Submitted URL: http://chimerically.nogue.bike/Garnavillo/Garnavillo/cFNUWXV3SGEvUHk4bGUxRjFmRUlMR0hTZjRRcDdtME02M1FZWCtKZ0ptWGFxZEc3amgvNURlel...
Effective URL: http://tracking.hitcell.com/superlink?aff_id=559936&aff_sub=00fee89c-2ea4-11e8-9d36-025779f3dc2e&aff_sub2=ADVO-1512098
Submission: On March 23 via manual from US

Summary

This website contacted 3 IPs in 3 countries across 5 domains to perform 3 HTTP transactions. The main IP is 88.198.53.171, located in Nürnberg, Germany and belongs to HETZNER-AS, DE. The main domain is tracking.hitcell.com.
This is the only time tracking.hitcell.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 173.224.117.155 30083 (HEG-US)
1 1 34.235.174.184 14618 (AMAZON-AES)
1 52.32.193.218 16509 (AMAZON-02)
1 88.198.53.171 24940 (HETZNER-AS)
1 52.210.50.26 16509 (AMAZON-02)
3 3
Apex Domain         Subdomains                  Transfer
1 appfly.mobi       appfly.mobi                 249 B
1 hitcell.com       tracking.hitcell.com        556 B
1 px9y20.com        c.px9y20.com                674 B
1 clickbooth.com    m.clickbooth.com            570 B
1 nogue.bike        chimerically.nogue.bike     878 B
3 5
Domain Requested by
1 appfly.mobi
1 tracking.hitcell.com
1 c.px9y20.com
1 m.clickbooth.com 1 redirects
1 chimerically.nogue.bike 1 redirects
3 5

This site contains no links.

This page contains 1 frames:

Frame: http://appfly.mobi/red/afad6d6f-c20c-11e6-8b9b-0cc47a44dbaa/?alg=2&clickid=bccd291074d11f25cf7bdcc0a46d2c9b&source=&source2=&idfa=&androidid=
Frame ID: BF97D3E63B500C4914FE0A9783CAB6A7
Requests: 3 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 3
HTTPS: 0 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 3
Countries: 3
Transfer: 1 kB
Size: 1 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://chimerically.nogue.bike/Garnavillo/Garnavillo/cFNUWXV3SGEvUHk4bGUxRjFmRUlMR0hTZjRRcDdtME02M1FZWCtKZ0ptWGFxZEc3amgvNURlellIdHhRUXJBNHV6VHRVSkNQNGVEVk5MRjZGajFLZGFWQ21PRE1IeXNUYythVExuRVlOenc9 HTTP 302
    http://m.clickbooth.com/c/aff?lid=25861&subid1=ss1&subid2=&subid3=80a0a1539a4966a1551a7841 HTTP 302
    http://c.px9y20.com/?x=622333999-1434721235&s=25861&pbc=i0opBSzDEei64pl0rmEdWwg Page URL
  2. http://tracking.hitcell.com/superlink?aff_id=559936&aff_sub=00fee89c-2ea4-11e8-9d36-025779f3dc2e&aff_sub2=ADVO-1512098 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://chimerically.nogue.bike/Garnavillo/Garnavillo/cFNUWXV3SGEvUHk4bGUxRjFmRUlMR0hTZjRRcDdtME02M1FZWCtKZ0ptWGFxZEc3amgvNURlellIdHhRUXJBNHV6VHRVSkNQNGVEVk5MRjZGajFLZGFWQ21PRE1IeXNUYythVExuRVlOenc9 HTTP 302
  • http://m.clickbooth.com/c/aff?lid=25861&subid1=ss1&subid2=&subid3=80a0a1539a4966a1551a7841 HTTP 302
  • http://c.px9y20.com/?x=622333999-1434721235&s=25861&pbc=i0opBSzDEei64pl0rmEdWwg

3 HTTP transactions

Resource: /
Path: c.px9y20.com/
Redirect Chain
  • http://chimerically.nogue.bike/Garnavillo/Garnavillo/cFNUWXV3SGEvUHk4bGUxRjFmRUlMR0hTZjRRcDdtME02M1FZWCtKZ0ptWGFxZEc3amgvNURlellIdHhRUXJBNHV6VHRVSkNQNGVEVk5MRjZGajFLZGFWQ21PRE1IeXNUYythVExuRVlOenc9
  • http://m.clickbooth.com/c/aff?lid=25861&subid1=ss1&subid2=&subid3=80a0a1539a4966a1551a7841
  • http://c.px9y20.com/?x=622333999-1434721235&s=25861&pbc=i0opBSzDEei64pl0rmEdWwg
Size: 485 B
x-fer: 674 B
Type: Document

General

Full URL: http://c.px9y20.com/?x=622333999-1434721235&s=25861&pbc=i0opBSzDEei64pl0rmEdWwg
Protocol: HTTP/1.1
Server: 52.32.193.218 Boardman, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
Reverse DNS: ec2-52-32-193-218.us-west-2.compute.amazonaws.com
Software: nginx/1.12.1 / PHP/7.1.11
Resource Hash: f3380fdd48142140e8b9e76c6672f8c0a43dc974d68887e54bcb909a2c618110

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: c.px9y20.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive

Response headers

Date: Fri, 23 Mar 2018 14:10:56 GMT
Server: nginx/1.12.1
Connection: keep-alive
X-Powered-By: PHP/7.1.11
Content-Length: 485
Content-Type: text/html; charset=UTF-8

Redirect headers

Pragma: no-cache
Date: Fri, 23 Mar 2018 14:10:55 GMT
Server: nginx/1.10.3 (Ubuntu)
Content-Type: text/html; charset=UTF-8
Location: http://c.px9y20.com?x=622333999-1434721235&s=25861&pbc=i0opBSzDEei64pl0rmEdWwg
Set-Cookie: CB_UI_T="2|1:0|10:1521814255|7:CB_UI_T|56:OTFkMGI1ZGQzZjYxZmQ2Y2E4YWI5NWVjNDUxODE2NDA3ZDZlMmQ5Mg==|a26c8af7921dde097ab3dea68f73eefd587801614971e5437acb85be884e0881"; expires=Sun, 22 Apr 2018 14:10:55 GMT; Path=/
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0
Primary Request
Resource: superlink
Path: tracking.hitcell.com/
Size: 291 B
x-fer: 556 B
Type: Document

General

Full URL: http://tracking.hitcell.com/superlink?aff_id=559936&aff_sub=00fee89c-2ea4-11e8-9d36-025779f3dc2e&aff_sub2=ADVO-1512098
Protocol: HTTP/1.1
Server: 88.198.53.171 Nürnberg, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS: static.88-198-53-171.clients.your-server.de
Software: nginx/1.10.3 / PHP/7.0.15
Resource Hash: f71fb70100a31742649316512ccb26aeb790af2c81f6d330120ddd38bbc50edf

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: tracking.hitcell.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control: no-cache
Connection: keep-alive

Response headers

Date: Fri, 23 Mar 2018 22:09:07 GMT
Content-Encoding: gzip
Server: nginx/1.10.3
X-Powered-By: PHP/7.0.15
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
X-Backend-Server: t39.orangr.com b2.orangr.com
Keep-Alive: timeout=60
Resource: /
Path: appfly.mobi/red/afad6d6f-c20c-11e6-8b9b-0cc47a44dbaa/
Size: 0
x-fer: 249 B
Type: Document

General

Full URL: http://appfly.mobi/red/afad6d6f-c20c-11e6-8b9b-0cc47a44dbaa/?alg=2&clickid=bccd291074d11f25cf7bdcc0a46d2c9b&source=&source2=&idfa=&androidid=
Protocol: HTTP/1.1
Server: 52.210.50.26 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
Reverse DNS: ec2-52-210-50-26.eu-west-1.compute.amazonaws.com
Software: nginx/1.4.6 (Ubuntu) / HHVM/3.14.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: appfly.mobi
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://tracking.hitcell.com/superlink?aff_id=559936&aff_sub=00fee89c-2ea4-11e8-9d36-025779f3dc2e&aff_sub2=ADVO-1512098
Connection: keep-alive
Cache-Control: no-cache

Response headers

Date: Fri, 23 Mar 2018 14:10:56 GMT
Content-Encoding: gzip
Server: nginx/1.4.6 (Ubuntu)
X-Powered-By: HHVM/3.14.1
Vary: Accept-Encoding
Content-Type: text/html
Connection: keep-alive
Content-Length: 20

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies