urlscan.io logo urlscan.io
SecurityTrails logo

www.critch.de Open in urlscan Pro
78.46.10.196  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://hqq.tv/out.html
Effective URL: http://www.critch.de/88-euro-gratis/
Submission: On June 26 via manual from RO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 14 domains to perform 11 HTTP transactions. The main IP is 78.46.10.196, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.critch.de.
This is the only time www.critch.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 37.1.204.9 50673 (SERVERIUS-AS)
1 1 147.135.220.59 16276 (OVH)
1 1 2400:cb00:204... 13335 (CLOUDFLAR...)
2 3 107.21.36.248 14618 (AMAZON-AES)
1 1 216.172.60.242 50245 (SERVEREL-AS)
1 216.172.60.227 50245 (SERVEREL-AS)
1 34.197.168.203 14618 (AMAZON-AES)
1 1 35.170.204.140 14618 (AMAZON-AES)
1 2 64.111.199.222 23393 (NUCDN)
2 2 78.46.155.195 24940 (HETZNER-AS)
1 2 78.46.10.196 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 188.40.20.23 24940 (HETZNER-AS)
1 1 67.199.248.10 395224 (BITLY-AS)
2 2a00:1450:400... 15169 (GOOGLE)
11 9
1    37.1.204.9 (Netherlands)

ASN50673 (SERVERIUS-AS, NL)
hqq.tv
1    147.135.220.59 (Waltham, United States)

ASN16276 (OVH, FR)
PTR: o3.as12as.com
a.o333o.com
1    2400:cb00:2048:1::6814:802e (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
popcash.net
3    107.21.36.248 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-21-36-248.compute-1.amazonaws.com
sp.popcash.net
1    216.172.60.242 (United States)

ASN50245 (SERVEREL-AS, NL)
PTR: 242.60.serverel.net
709014.redpop.pro
1    216.172.60.227 (United States)

ASN50245 (SERVEREL-AS, NL)
PTR: 227.60.serverel.net
1206136508.timenews.mobi
1    34.197.168.203 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-197-168-203.compute-1.amazonaws.com
sax.peakonspot.com
1    35.170.204.140 (Seattle, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-170-204-140.compute-1.amazonaws.com
goto.peak-serving.com
2    64.111.199.222 (Weehawken, United States)

ASN23393 (NUCDN - NuCDN LLC, US)
syndication.exdynsrv.com
2    78.46.155.195 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dedi3961.your-server.de
www1.lustich.de
2    78.46.10.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dedi1996.your-server.de
www.critch.de
1    2a00:1450:4001:820::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
4    188.40.20.23 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.23.20.40.188.clients.your-server.de
www.privatelink.de
1    67.199.248.10 (United States)

ASN395224 (BITLY-AS - Bitly Inc, US)
bit.ly
2    2a00:1450:4001:816::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
Domain Requested by
4 www.privatelink.de 2 redirects www.critch.de
3 sp.popcash.net 2 redirects
2 www.google-analytics.com www.googletagmanager.com
www.critch.de
2 www.critch.de 1 redirects syndication.exdynsrv.com
2 www1.lustich.de 2 redirects
2 syndication.exdynsrv.com 1 redirects sax.peakonspot.com
1 bit.ly 1 redirects
1 www.googletagmanager.com www.critch.de
1 goto.peak-serving.com 1 redirects
1 sax.peakonspot.com 1206136508.timenews.mobi
1 1206136508.timenews.mobi sp.popcash.net
1 709014.redpop.pro 1 redirects
1 popcash.net 1 redirects
1 a.o333o.com 1 redirects
1 hqq.tv
11 15

This site contains no links.

Subject Issuer Validity Valid
*.hqq.tv
COMODO RSA Domain Validation Secure Server CA		 2018-04-26 -
2020-05-10		 2 years crt.sh
exdynsrv.com
Let's Encrypt Authority X3		 2018-05-07 -
2018-08-05		 3 months crt.sh
*.privatelink.de
COMODO RSA Domain Validation Secure Server CA		 2017-09-08 -
2020-09-07		 3 years crt.sh

This page contains 3 frames:

Primary Page: http://www.critch.de/88-euro-gratis/
Frame ID: CF450B62C121BCBE578C85EF720556A3
Requests: 9 HTTP requests in this frame

Frame: https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2F52jvSt0mcH
Frame ID: 610FB0C0098B5EC6A2D4375509346E98
Requests: 1 HTTP requests in this frame

Frame: https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2Fz7rulNZ8zx
Frame ID: 5AD7E80D080389DD3282CCF7F5C7A6F9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://hqq.tv/out.html Page URL
  2. https://a.o333o.com/api/direct/23803 HTTP 302
    http://popcash.net/world/go/194711/415322/ HTTP 301
    http://sp.popcash.net/go/194711/415322/ HTTP 301
    http://sp.popcash.net/go/194711/415322 Page URL
  3. http://sp.popcash.net/sgo/ad?p=194711&w=415322&t=30474dcd5f4534fa&r=&vw=1600&vh=1200 HTTP 303
    http://709014.redpop.pro/d.php?campaing=878597&link_id=dUQpN&source=415322 HTTP 302
    http://1206136508.timenews.mobi/go.php?aid=5b319eb02b8e56.45583209 Page URL
  4. http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&id=15299785449308006456587465&tid=4... Page URL
  5. http://goto.peak-serving.com/?&version=1&id=15299785449308006456587465&t=imp&tid=4798&filter=1&ftype=js&t... HTTP 302
    https://syndication.exdynsrv.com/cimp.php?data=TVRVeU9UazNPRFUwTkh3MVptWmhaak5rTXpWaVl6WXdORGd6TldVNFltUTJNal... Page URL
  6. https://syndication.exdynsrv.com/cimp.php?data=TVRVeU9UazNPRFUwTkh3MVptWmhaak5rTXpWaVl6WXdORGd6TldVNFltUTJNal... HTTP 302
    http://www1.lustich.de/link HTTP 301
    http://www1.lustich.de/link/ HTTP 302
    http://www.critch.de/88-euro-gratis HTTP 301
    http://www.critch.de/88-euro-gratis/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Page Statistics

11
Requests

36 %
HTTPS

20 %
IPv6

14
Domains

15
Subdomains

9
IPs

4
Countries

49 kB
Transfer

117 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://hqq.tv/out.html Page URL
  2. https://a.o333o.com/api/direct/23803 HTTP 302
    http://popcash.net/world/go/194711/415322/ HTTP 301
    http://sp.popcash.net/go/194711/415322/ HTTP 301
    http://sp.popcash.net/go/194711/415322 Page URL
  3. http://sp.popcash.net/sgo/ad?p=194711&w=415322&t=30474dcd5f4534fa&r=&vw=1600&vh=1200 HTTP 303
    http://709014.redpop.pro/d.php?campaing=878597&link_id=dUQpN&source=415322 HTTP 302
    http://1206136508.timenews.mobi/go.php?aid=5b319eb02b8e56.45583209 Page URL
  4. http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&id=15299785449308006456587465&tid=4798&t=imp&end=2 Page URL
  5. http://goto.peak-serving.com/?&version=1&id=15299785449308006456587465&t=imp&tid=4798&filter=1&ftype=js&trs=15299785456299504&end=1&fwidth=1600&fheight=1200&fiframe=false&fiframesandbox=undefined HTTP 302
    https://syndication.exdynsrv.com/cimp.php?data=TVRVeU9UazNPRFUwTkh3MVptWmhaak5rTXpWaVl6WXdORGd6TldVNFltUTJNalJrTlRjM1lURXhZdz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERVV8NDF8YWRleGNoYW5nZS03MDgzNTQuY29tfDUyNjE5MHw1MzAzNDB8NzA4MzU0fDI4NjIzNDJ8NTEzfDIzNTg3MzB8MjAwNjczODZ8MTZ8MnwwfDB8MzM1NzEyMzR8MHwxMS4xfDgwfFVTRHxFVVJ8MS4xNjgyfDEuMTY4MnwyMnx8MXxERVV8fDYwfDJ8MXx8NDc2ZDVmOGQxY2M5OWE5MTIyM2ExMDkyZjI2NmI1NTN8ODU2NDY2NmMyZDUzMWM1NTAyY2YwMTEwYmQ5Y2NiODl8MHwyfDQ3OTgtOTMxYTQ0ZmFkYjQ0ZGViNzk3NzAwN2E5Zjc5ZjI1NjkucGVha2FkeC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3xiZjQ4NmYzYWJhNGM0MzI2MzJiZGVkMGY5OWE3YmQ0MnwwfDB8MHwwfC0xfDB8MHxob3N0aW5nfHwxfDE0NDB8fDJ8T0t8YzhlMjNiNjY3YTFkMjhhNzk2ODkxYjI4YzViY2YzNjY= Page URL
  6. https://syndication.exdynsrv.com/cimp.php?data=TVRVeU9UazNPRFUwTkh3MVptWmhaak5rTXpWaVl6WXdORGd6TldVNFltUTJNalJrTlRjM1lURXhZdz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERVV8NDF8YWRleGNoYW5nZS03MDgzNTQuY29tfDUyNjE5MHw1MzAzNDB8NzA4MzU0fDI4NjIzNDJ8NTEzfDIzNTg3MzB8MjAwNjczODZ8MTZ8MnwwfDB8MzM1NzEyMzR8MHwxMS4xfDgwfFVTRHxFVVJ8MS4xNjgyfDEuMTY4MnwyMnx8MXxERVV8fDYwfDJ8MXx8NDc2ZDVmOGQxY2M5OWE5MTIyM2ExMDkyZjI2NmI1NTN8ODU2NDY2NmMyZDUzMWM1NTAyY2YwMTEwYmQ5Y2NiODl8MHwyfDQ3OTgtOTMxYTQ0ZmFkYjQ0ZGViNzk3NzAwN2E5Zjc5ZjI1NjkucGVha2FkeC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3xiZjQ4NmYzYWJhNGM0MzI2MzJiZGVkMGY5OWE3YmQ0MnwwfDB8MHwwfC0xfDB8MHxob3N0aW5nfHwxfDE0NDB8fDJ8T0t8YzhlMjNiNjY3YTFkMjhhNzk2ODkxYjI4YzViY2YzNjY%3D&p=http%3A%2F%2Fsax.peakonspot.com%2Fpops%2Ffilter.php%3Frd%3Dgoto.peak-serving.com%26id%3D15299785449308006456587465%26tid%3D4798%26t%3Dimp%26end%3D2&tested=1&check=4aac90945af22701a235bc3636c0a0d2&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
    http://www1.lustich.de/link HTTP 301
    http://www1.lustich.de/link/ HTTP 302
    http://www.critch.de/88-euro-gratis HTTP 301
    http://www.critch.de/88-euro-gratis/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://a.o333o.com/api/direct/23803 HTTP 302
  • http://popcash.net/world/go/194711/415322/ HTTP 301
  • http://sp.popcash.net/go/194711/415322/ HTTP 301
  • http://sp.popcash.net/go/194711/415322
Request Chain 2
  • http://sp.popcash.net/sgo/ad?p=194711&w=415322&t=30474dcd5f4534fa&r=&vw=1600&vh=1200 HTTP 303
  • http://709014.redpop.pro/d.php?campaing=878597&link_id=dUQpN&source=415322 HTTP 302
  • http://1206136508.timenews.mobi/go.php?aid=5b319eb02b8e56.45583209
Request Chain 4
  • http://goto.peak-serving.com/?&version=1&id=15299785449308006456587465&t=imp&tid=4798&filter=1&ftype=js&trs=15299785456299504&end=1&fwidth=1600&fheight=1200&fiframe=false&fiframesandbox=undefined HTTP 302
  • https://syndication.exdynsrv.com/cimp.php?data=TVRVeU9UazNPRFUwTkh3MVptWmhaak5rTXpWaVl6WXdORGd6TldVNFltUTJNalJrTlRjM1lURXhZdz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERVV8NDF8YWRleGNoYW5nZS03MDgzNTQuY29tfDUyNjE5MHw1MzAzNDB8NzA4MzU0fDI4NjIzNDJ8NTEzfDIzNTg3MzB8MjAwNjczODZ8MTZ8MnwwfDB8MzM1NzEyMzR8MHwxMS4xfDgwfFVTRHxFVVJ8MS4xNjgyfDEuMTY4MnwyMnx8MXxERVV8fDYwfDJ8MXx8NDc2ZDVmOGQxY2M5OWE5MTIyM2ExMDkyZjI2NmI1NTN8ODU2NDY2NmMyZDUzMWM1NTAyY2YwMTEwYmQ5Y2NiODl8MHwyfDQ3OTgtOTMxYTQ0ZmFkYjQ0ZGViNzk3NzAwN2E5Zjc5ZjI1NjkucGVha2FkeC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3xiZjQ4NmYzYWJhNGM0MzI2MzJiZGVkMGY5OWE3YmQ0MnwwfDB8MHwwfC0xfDB8MHxob3N0aW5nfHwxfDE0NDB8fDJ8T0t8YzhlMjNiNjY3YTFkMjhhNzk2ODkxYjI4YzViY2YzNjY=
Request Chain 6
  • https://www.privatelink.de/sf/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2F52jvSt0mcH HTTP 301
  • https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2F52jvSt0mcH
Request Chain 7
  • http://bit.ly/2oHl00R HTTP 301
  • https://www.privatelink.de/sf/?http://privatelink.de/%3Fhttps://t.co/z7rulNZ8zx HTTP 301
  • https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2Fz7rulNZ8zx

11 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
out.html
hqq.tv/ 		195 B
442 B 		Document
General
Check archive.org
Download Go to
Full URL
https://hqq.tv/out.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.1.204.9 , Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

:method
GET
:authority
hqq.tv
:scheme
https
:path
/out.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
CF450B62C121BCBE578C85EF720556A3

Response headers

status
200
server
nginx
date
Tue, 26 Jun 2018 01:48:17 GMT
content-type
text/html; charset=UTF-8
content-length
195
last-modified
Sat, 16 Jun 2018 22:31:15 GMT
etag
"5b258fb3-c3"
expires
Sun, 23 Jun 2019 19:55:20 GMT
cache-control
max-age=31536000 public
pragma
cache
x-cache-status-inferno
HIT
accept-ranges
bytes
415322
sp.popcash.net/go/194711/
Redirect Chain
  • https://a.o333o.com/api/direct/23803
  • http://popcash.net/world/go/194711/415322/
  • http://sp.popcash.net/go/194711/415322/
  • http://sp.popcash.net/go/194711/415322
427 B
467 B 		Document
General
Check archive.org
Download Go to
Full URL
http://sp.popcash.net/go/194711/415322
Protocol
HTTP/1.1
Server
107.21.36.248 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-21-36-248.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
4922d054144a3e451e197ab523a8afa40bd4cb295405c6ec05498ce889c77068

Request headers

Host
sp.popcash.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
__cfduid=db79f2bd759b41cd94606bef5296ecf451529978543
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
CF450B62C121BCBE578C85EF720556A3

Response headers

Content-Encoding
gzip
Content-Type
text/html
Date
Tue, 26 Jun 2018 02:02:23 GMT
Server
nginx/1.12.2
Vary
Accept-Encoding
Content-Length
272
Connection
keep-alive

Redirect headers

Content-Type
text/html; charset=utf-8
Date
Tue, 26 Jun 2018 02:02:23 GMT
Location
/go/194711/415322
Server
nginx/1.12.2
Content-Length
52
Connection
keep-alive
go.php
1206136508.timenews.mobi/
Redirect Chain
  • http://sp.popcash.net/sgo/ad?p=194711&w=415322&t=30474dcd5f4534fa&r=&vw=1600&vh=1200
  • http://709014.redpop.pro/d.php?campaing=878597&link_id=dUQpN&source=415322
  • http://1206136508.timenews.mobi/go.php?aid=5b319eb02b8e56.45583209
1 KB
944 B 		Document
General
Check archive.org
Download Go to
Full URL
http://1206136508.timenews.mobi/go.php?aid=5b319eb02b8e56.45583209
Requested by
Host: sp.popcash.net
URL: http://sp.popcash.net/go/194711/415322
Protocol
HTTP/1.1
Server
216.172.60.227 , United States, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
227.60.serverel.net
Software
nginx / PHP/5.6.30
Resource Hash
70dd32b153edd53d8e48210094e1f83da73be8e60004053b42a5a44eb4c4bf24

Request headers

Host
1206136508.timenews.mobi
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://sp.popcash.net/go/194711/415322
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
CF450B62C121BCBE578C85EF720556A3
Referer
http://sp.popcash.net/go/194711/415322

Response headers

Server
nginx
Date
Tue, 26 Jun 2018 02:02:25 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Expires
Tue, 26 Jun 2018 02:02:25 GMT
Last-Modified
Tue, 26 Jun 2018 02:02:25 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 26 Jun 2018 02:02:24 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.30
X-Frame-Options
DENY
Expires
Tue, 26 Jun 2018 02:02:24 GMT
Last-Modified
Tue, 26 Jun 2018 02:02:24 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
http://1206136508.timenews.mobi/go.php?aid=5b319eb02b8e56.45583209
filter.php
sax.peakonspot.com/pops/ 		7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&id=15299785449308006456587465&tid=4798&t=imp&end=2
Requested by
Host: 1206136508.timenews.mobi
URL: http://1206136508.timenews.mobi/go.php?aid=5b319eb02b8e56.45583209
Protocol
HTTP/1.1
Server
34.197.168.203 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-197-168-203.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f79053eeefed2097ded52acf6a1d1f16745f1e648df2a34be4eda246f8e58857

Request headers

Host
sax.peakonspot.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://1206136508.timenews.mobi/go.php?aid=5b319eb02b8e56.45583209
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
CF450B62C121BCBE578C85EF720556A3
Referer
http://1206136508.timenews.mobi/go.php?aid=5b319eb02b8e56.45583209

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 Jun 2018 02:02:25 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Server
nginx
transfer-encoding
chunked
Connection
keep-alive
cimp.php
syndication.exdynsrv.com/
Redirect Chain
  • http://goto.peak-serving.com/?&version=1&id=15299785449308006456587465&t=imp&tid=4798&filter=1&ftype=js&trs=15299785456299504&end=1&fwidth=1600&fheight=1200&fiframe=false&fiframesandbox=undefined
  • https://syndication.exdynsrv.com/cimp.php?data=TVRVeU9UazNPRFUwTkh3MVptWmhaak5rTXpWaVl6WXdORGd6TldVNFltUTJNalJrTlRjM1lURXhZdz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERV...
4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.exdynsrv.com/cimp.php?data=TVRVeU9UazNPRFUwTkh3MVptWmhaak5rTXpWaVl6WXdORGd6TldVNFltUTJNalJrTlRjM1lURXhZdz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERVV8NDF8YWRleGNoYW5nZS03MDgzNTQuY29tfDUyNjE5MHw1MzAzNDB8NzA4MzU0fDI4NjIzNDJ8NTEzfDIzNTg3MzB8MjAwNjczODZ8MTZ8MnwwfDB8MzM1NzEyMzR8MHwxMS4xfDgwfFVTRHxFVVJ8MS4xNjgyfDEuMTY4MnwyMnx8MXxERVV8fDYwfDJ8MXx8NDc2ZDVmOGQxY2M5OWE5MTIyM2ExMDkyZjI2NmI1NTN8ODU2NDY2NmMyZDUzMWM1NTAyY2YwMTEwYmQ5Y2NiODl8MHwyfDQ3OTgtOTMxYTQ0ZmFkYjQ0ZGViNzk3NzAwN2E5Zjc5ZjI1NjkucGVha2FkeC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3xiZjQ4NmYzYWJhNGM0MzI2MzJiZGVkMGY5OWE3YmQ0MnwwfDB8MHwwfC0xfDB8MHxob3N0aW5nfHwxfDE0NDB8fDJ8T0t8YzhlMjNiNjY3YTFkMjhhNzk2ODkxYjI4YzViY2YzNjY=
Requested by
Host: sax.peakonspot.com
URL: http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&id=15299785449308006456587465&tid=4798&t=imp&end=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.111.199.222 Weehawken, United States, ASN23393 (NUCDN - NuCDN LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
b80a9cbe9d44a616ebd09d5443e504feaf8dc9ebbc3b4cdcbc838b47bf7e08ec

Request headers

Host
syndication.exdynsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&id=15299785449308006456587465&tid=4798&t=imp&end=2
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
CF450B62C121BCBE578C85EF720556A3
Referer
http://sax.peakonspot.com/pops/filter.php?rd=goto.peak-serving.com&id=15299785449308006456587465&tid=4798&t=imp&end=2

Response headers

Server
nginx
Date
Tue, 26 Jun 2018 02:02:26 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip

Redirect headers

Content-Type
text/html; charset=UTF-8
Date
Tue, 26 Jun 2018 02:02:26 GMT
Location
https://syndication.exdynsrv.com/cimp.php?data=TVRVeU9UazNPRFUwTkh3MVptWmhaak5rTXpWaVl6WXdORGd6TldVNFltUTJNalJrTlRjM1lURXhZdz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERVV8NDF8YWRleGNoYW5nZS03MDgzNTQuY29tfDUyNjE5MHw1MzAzNDB8NzA4MzU0fDI4NjIzNDJ8NTEzfDIzNTg3MzB8MjAwNjczODZ8MTZ8MnwwfDB8MzM1NzEyMzR8MHwxMS4xfDgwfFVTRHxFVVJ8MS4xNjgyfDEuMTY4MnwyMnx8MXxERVV8fDYwfDJ8MXx8NDc2ZDVmOGQxY2M5OWE5MTIyM2ExMDkyZjI2NmI1NTN8ODU2NDY2NmMyZDUzMWM1NTAyY2YwMTEwYmQ5Y2NiODl8MHwyfDQ3OTgtOTMxYTQ0ZmFkYjQ0ZGViNzk3NzAwN2E5Zjc5ZjI1NjkucGVha2FkeC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3xiZjQ4NmYzYWJhNGM0MzI2MzJiZGVkMGY5OWE3YmQ0MnwwfDB8MHwwfC0xfDB8MHxob3N0aW5nfHwxfDE0NDB8fDJ8T0t8YzhlMjNiNjY3YTFkMjhhNzk2ODkxYjI4YzViY2YzNjY=
Server
nginx
Content-Length
0
Connection
keep-alive
Primary Request /
www.critch.de/88-euro-gratis/
Redirect Chain
  • https://syndication.exdynsrv.com/cimp.php?data=TVRVeU9UazNPRFUwTkh3MVptWmhaak5rTXpWaVl6WXdORGd6TldVNFltUTJNalJrTlRjM1lURXhZdz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERV...
  • http://www1.lustich.de/link
  • http://www1.lustich.de/link/
  • http://www.critch.de/88-euro-gratis
  • http://www.critch.de/88-euro-gratis/
851 B
842 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.critch.de/88-euro-gratis/
Requested by
Host: syndication.exdynsrv.com
URL: https://syndication.exdynsrv.com/cimp.php?data=TVRVeU9UazNPRFUwTkh3MVptWmhaak5rTXpWaVl6WXdORGd6TldVNFltUTJNalJrTlRjM1lURXhZdz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERVV8NDF8YWRleGNoYW5nZS03MDgzNTQuY29tfDUyNjE5MHw1MzAzNDB8NzA4MzU0fDI4NjIzNDJ8NTEzfDIzNTg3MzB8MjAwNjczODZ8MTZ8MnwwfDB8MzM1NzEyMzR8MHwxMS4xfDgwfFVTRHxFVVJ8MS4xNjgyfDEuMTY4MnwyMnx8MXxERVV8fDYwfDJ8MXx8NDc2ZDVmOGQxY2M5OWE5MTIyM2ExMDkyZjI2NmI1NTN8ODU2NDY2NmMyZDUzMWM1NTAyY2YwMTEwYmQ5Y2NiODl8MHwyfDQ3OTgtOTMxYTQ0ZmFkYjQ0ZGViNzk3NzAwN2E5Zjc5ZjI1NjkucGVha2FkeC5jb218MHwwfDB8MC4wMXwxfDB8ZXhjaGFuZ2VfbGlua3xiZjQ4NmYzYWJhNGM0MzI2MzJiZGVkMGY5OWE3YmQ0MnwwfDB8MHwwfC0xfDB8MHxob3N0aW5nfHwxfDE0NDB8fDJ8T0t8YzhlMjNiNjY3YTFkMjhhNzk2ODkxYjI4YzViY2YzNjY=
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash
9c2e7c1c31d42a365b84afa32ef22d05b13a30acb8e02f3ec35fbba148c644e6

Request headers

Host
www.critch.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
CF450B62C121BCBE578C85EF720556A3

Response headers

Date
Tue, 26 Jun 2018 02:02:26 GMT
Server
Apache
Last-Modified
Sun, 24 Jun 2018 12:50:37 GMT
ETag
"353-56f62b62f5d14-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
521
Keep-Alive
timeout=15, max=99
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Tue, 26 Jun 2018 02:02:26 GMT
Server
Apache
Location
http://www.critch.de/88-euro-gratis/
Content-Length
307
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
js
www.googletagmanager.com/gtag/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-117671757-2
Requested by
Host: www.critch.de
URL: http://www.critch.de/88-euro-gratis/
Protocol
SPDY
Server
2a00:1450:4001:820::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
1fd259f055f8efadde95a31bc1d046ad3e12bb931a01125f8763c537525d61f5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.critch.de/88-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Jun 2018 02:02:26 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
24842
x-xss-protection
1; mode=block
expires
Tue, 26 Jun 2018 02:02:26 GMT
/
www.privatelink.de/ Frame 610F
Redirect Chain
  • https://www.privatelink.de/sf/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2F52jvSt0mcH
  • https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2F52jvSt0mcH
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2F52jvSt0mcH
Requested by
Host: www.critch.de
URL: http://www.critch.de/88-euro-gratis/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.40.20.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.23.20.40.188.clients.your-server.de
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Host
www.privatelink.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
JSESSIONID=B4FC472FBB743CBE8DCFBFBEFF7A0B40
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
CF450B62C121BCBE578C85EF720556A3

Response headers

Server
Apache-Coyote/1.1
Referrer-Policy
no-referrer
Content-Type
text/html;charset=UTF-8
Content-Language
en
Content-Length
5005
Date
Tue, 26 Jun 2018 02:02:26 GMT

Redirect headers

Server
Apache-Coyote/1.1
Set-Cookie
JSESSIONID=B4FC472FBB743CBE8DCFBFBEFF7A0B40; Path=/; Secure; HttpOnly
Referrer-Policy
no-referrer
Location
/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2F52jvSt0mcH
Content-Length
0
Date
Tue, 26 Jun 2018 02:02:26 GMT
/
www.privatelink.de/ Frame 5AD7
Redirect Chain
  • http://bit.ly/2oHl00R
  • https://www.privatelink.de/sf/?http://privatelink.de/%3Fhttps://t.co/z7rulNZ8zx
  • https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2Fz7rulNZ8zx
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2Fz7rulNZ8zx
Requested by
Host: www.critch.de
URL: http://www.critch.de/88-euro-gratis/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.40.20.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.23.20.40.188.clients.your-server.de
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Host
www.privatelink.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
JSESSIONID=B4FC472FBB743CBE8DCFBFBEFF7A0B40
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
CF450B62C121BCBE578C85EF720556A3

Response headers

Server
Apache-Coyote/1.1
Referrer-Policy
no-referrer
Content-Type
text/html;charset=UTF-8
Content-Language
en
Content-Length
5005
Date
Tue, 26 Jun 2018 02:02:26 GMT

Redirect headers

Server
Apache-Coyote/1.1
Referrer-Policy
no-referrer
Location
/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2Fz7rulNZ8zx
Content-Length
0
Date
Tue, 26 Jun 2018 02:02:26 GMT
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117671757-2
Protocol
SPDY
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.critch.de/88-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
4761
date
Tue, 26 Jun 2018 00:43:05 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
14386
expires
Tue, 26 Jun 2018 02:43:05 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1596108641&t=pageview&_s=1&dl=http%3A%2F%2Fwww.critch.de%2F88-euro-gratis%2F&ul=en-us&de=UTF-8&dt=88%20Euro%20gratis%20-%20Critch%20Bonus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1544727610&gjid=704035667&cid=1404342548.1529978547&tid=UA-117671757-2&_gid=554886284.1529978547&_r=1&gtm=u6c&z=403619735
Requested by
Host: www.critch.de
URL: http://www.critch.de/88-euro-gratis/
Protocol
SPDY
Server
2a00:1450:4001:816::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.critch.de/88-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Jun 2018 02:02:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
www.privatelink.de/ Name: JSESSIONID
Value: B4FC472FBB743CBE8DCFBFBEFF7A0B40
.critch.de/ Name: _gid
Value: GA1.2.554886284.1529978547
.critch.de/ Name: _gat_gtag_UA_117671757_2
Value: 1
.critch.de/ Name: _ga
Value: GA1.2.1404342548.1529978547