Submitted URL: http://bit.ly/30ozk0h
Effective URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Submission: On May 31 via api from BE

Summary

This website contacted 11 IPs in 4 countries across 17 domains to perform 15 HTTP transactions. The main IP is 78.46.10.196, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.critch-comedy.de.
This is the only time www.critch-comedy.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 67.199.248.10 395224 (BITLY-AS)
1 1 52.29.251.15 16509 (AMAZON-02)
1 1 2a05:d018:e36... 16509 (AMAZON-02)
1 2 2a05:d018:483... 16509 (AMAZON-02)
1 2a05:d018:483... 16509 (AMAZON-02)
1 205.147.93.131 393676 (ZENEDGE)
1 104.25.185.102 13335 (CLOUDFLAR...)
1 147.135.243.181 16276 (OVH)
1 1 151.80.221.9 16276 (OVH)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 54.85.224.136 14618 (AMAZON-AES)
1 2 95.211.229.246 60781 (LEASEWEB-...)
2 2 78.46.155.195 24940 (HETZNER-AS)
3 78.46.10.196 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 104.244.42.197 13414 (TWITTER)
2 104.244.42.5 13414 (TWITTER)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
15 11
Domain Requested by
4 t.co 2 redirects www.critch-comedy.de
2 www.google-analytics.com www.googletagmanager.com
www.critch-comedy.de
2 www.critch-comedy.de syndication.exdynsrv.com
www.critch-comedy.de
2 www1.lustich.de 2 redirects
2 syndication.exdynsrv.com 1 redirects ps.popcash.net
2 ps.popcash.net 1 redirects core.royalads.net
2 core.royalads.net 1 redirects botudeso.com
2 securessl-smart.com 1 redirects
1 dirtyads.de www.critch-comedy.de
1 tinyurl.com 1 redirects
1 www.googletagmanager.com www.critch-comedy.de
1 popcash.net 1 redirects
1 botudeso.com
1 polimerk.com gdmconvtrck.com
1 gdmconvtrck.com securessl-smart.com
1 mysslgo.com 1 redirects
1 sactinas-dintire.com 1 redirects
1 bit.ly 1 redirects
15 18

This site contains no links.

Subject | Issuer | Validity | Valid
ssl375931.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-05-21 - 2019-11-27 | 6 months
*.royalads.net | Sectigo RSA Domain Validation Secure Server CA | 2019-05-19 - 2020-08-16 | a year
exdynsrv.com | Let's Encrypt Authority X3 | 2019-04-29 - 2019-07-28 | 3 months
*.google-analytics.com | Google Internet Authority G3 | 2019-05-14 - 2019-08-06 | 3 months
t.co | DigiCert SHA2 High Assurance Server CA | 2019-03-07 - 2020-03-07 | a year

This page contains 4 frames:

Primary Page: http://www.critch-comedy.de/cxp/200-euro-gratis/
Frame ID: A47E414F24A9C21A1DC34433B5B5619A
Requests: 12 HTTP requests in this frame

Frame: https://t.co/HXFJWCUIIe
Frame ID: B8F2838CEB46F1EB4ECF5C7277360A4B
Requests: 1 HTTP requests in this frame

Frame: https://t.co/x9tizX9PKq
Frame ID: F069DF80B0B33B116D89BF609E5305AF
Requests: 1 HTTP requests in this frame

Frame: http://dirtyads.de/ip-ad/
Frame ID: F48784CE04446A8442862A1E64D3AF2C
Requests: 1 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Page Statistics

Requests: 15
HTTPS: 53 %
IPv6: 37 %
Domains: 17
Subdomains: 18
IPs: 11
Countries: 4
Transfer: 53 kB
Size: 124 kB
Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://bit.ly/30ozk0h HTTP 301
    http://sactinas-dintire.com/00d9e1ab-70fc-484a-9a55-1d97898b980c HTTP 302
    https://mysslgo.com/?a=55066&c=170736&s2=wRV3578NVM054URMHQGJVLC8 HTTP 302
    http://securessl-smart.com/?a=55066&c=145009&oc=48335&sr=t&so=54015&sc=10487514&rc=24_66679&s2=wRV3578NVM054URMHQGJVLC8&vt=1559285517830&h=45ae7fc50058600cac3277946a154cb898ad8995&req=https%3A%2F%2Fmysslgo.com%2F%3Fa%3D55066%26c%3D170736%26s2%3DwRV3578NVM054URMHQGJVLC8 Page URL
  2. http://securessl-smart.com/?a=55066&c=145009&oc=48335&sr=t&so=54015&sc=10487514&rc=24_66679&s2=wRV3578NVM054URMHQGJVLC8&vt=1559285517914&h=63d104ca8b53ae09f3f4398bf0a5c65dbb58e65e&req=https%3A%2F%2Fmysslgo.com%2F%3Fa%3D55066%26c%3D170736%26s2%3DwRV3578NVM054URMHQGJVLC8&us=6dde9a500dd74451b58b0c735583ccf8 HTTP 302
    http://polimerk.com/15w53/sV8D/v1sT/5xdF9znIvAf9LzXSJfWSnetzOKPsa0HjqgtZ2ZFNPIxNpUNBgpKy?tVY=MM_MS_WW_New&af=55066&rrr=983f292f84444ba1a50b51d6e88aa075995f Page URL
  3. https://botudeso.com/auction?info=Z%252FktJ1rPgd5Ed2uQHWWB8biBL8almAZ0fULOIv7YQClZWd%252Bi4pqtsNk4z3widkm8vvNXoOOh6hpaHkQ3YmG%252FY5XJrRqMtvh%252ByN1FZY%252BQRGo%253D&sid=Ow0UQnUnJ9Bbjvt21pAW8xTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&id=2 Page URL
  4. https://core.royalads.net/click/?pub=c8e1e96b-6832-4c6a-b06b-83f93492d89f Page URL
  5. http://core.royalads.net/go/?pub=c8e1e96b-6832-4c6a-b06b-83f93492d89f&ref=https%3A%2F%2Fbotudeso.com%2F&scrw=1600&scrh=1200&nlc=GZd695uj5n3Ab7UV&ven=&ver=&iif=0 HTTP 302
    http://popcash.net/world/go/79141/465699 HTTP 301
    http://ps.popcash.net/go/79141/465699 Page URL
  6. http://ps.popcash.net/ad/ad?p=79141&w=465699&t=c824a131ced007c1&r=aHR0cHMlM0ElMkYlMkZjb3JlLnJveWFsYWRzLm5ldCUyRg==&vw=1600&vh=1200 HTTP 303
    https://syndication.exdynsrv.com/splash.php?idzone=3207867&sub=465699&type=8 Page URL
  7. https://syndication.exdynsrv.com/splash.php?idzone=3207867&sub=465699&type=8&p=http%3A%2F%2Fps.popcash.net%2Fgo%2F79141%2F465699&tested=1&check=80d8b102858d861badb6cef7955f61fb&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
    http://www1.lustich.de/link HTTP 301
    http://www1.lustich.de/link/ HTTP 302
    http://www.critch-comedy.de/cxp/200-euro-gratis/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://bit.ly/30ozk0h HTTP 301
  • http://sactinas-dintire.com/00d9e1ab-70fc-484a-9a55-1d97898b980c HTTP 302
  • https://mysslgo.com/?a=55066&c=170736&s2=wRV3578NVM054URMHQGJVLC8 HTTP 302
  • http://securessl-smart.com/?a=55066&c=145009&oc=48335&sr=t&so=54015&sc=10487514&rc=24_66679&s2=wRV3578NVM054URMHQGJVLC8&vt=1559285517830&h=45ae7fc50058600cac3277946a154cb898ad8995&req=https%3A%2F%2Fmysslgo.com%2F%3Fa%3D55066%26c%3D170736%26s2%3DwRV3578NVM054URMHQGJVLC8
Request Chain 2
  • http://securessl-smart.com/?a=55066&c=145009&oc=48335&sr=t&so=54015&sc=10487514&rc=24_66679&s2=wRV3578NVM054URMHQGJVLC8&vt=1559285517914&h=63d104ca8b53ae09f3f4398bf0a5c65dbb58e65e&req=https%3A%2F%2Fmysslgo.com%2F%3Fa%3D55066%26c%3D170736%26s2%3DwRV3578NVM054URMHQGJVLC8&us=6dde9a500dd74451b58b0c735583ccf8 HTTP 302
  • http://polimerk.com/15w53/sV8D/v1sT/5xdF9znIvAf9LzXSJfWSnetzOKPsa0HjqgtZ2ZFNPIxNpUNBgpKy?tVY=MM_MS_WW_New&af=55066&rrr=983f292f84444ba1a50b51d6e88aa075995f
Request Chain 5
  • http://core.royalads.net/go/?pub=c8e1e96b-6832-4c6a-b06b-83f93492d89f&ref=https%3A%2F%2Fbotudeso.com%2F&scrw=1600&scrh=1200&nlc=GZd695uj5n3Ab7UV&ven=&ver=&iif=0 HTTP 302
  • http://popcash.net/world/go/79141/465699 HTTP 301
  • http://ps.popcash.net/go/79141/465699
Request Chain 6
  • http://ps.popcash.net/ad/ad?p=79141&w=465699&t=c824a131ced007c1&r=aHR0cHMlM0ElMkYlMkZjb3JlLnJveWFsYWRzLm5ldCUyRg==&vw=1600&vh=1200 HTTP 303
  • https://syndication.exdynsrv.com/splash.php?idzone=3207867&sub=465699&type=8
Request Chain 9
  • http://t.co/HXFJWCUIIe HTTP 301
  • https://t.co/HXFJWCUIIe
Request Chain 10
  • http://t.co/x9tizX9PKq HTTP 301
  • https://t.co/x9tizX9PKq
Request Chain 11
  • http://tinyurl.com/y5psyqtv HTTP 301
  • http://dirtyads.de/ip-ad/

15 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
securessl-smart.com/
Redirect Chain
  • http://bit.ly/30ozk0h
  • http://sactinas-dintire.com/00d9e1ab-70fc-484a-9a55-1d97898b980c
  • https://mysslgo.com/?a=55066&c=170736&s2=wRV3578NVM054URMHQGJVLC8
  • http://securessl-smart.com/?a=55066&c=145009&oc=48335&sr=t&so=54015&sc=10487514&rc=24_66679&s2=wRV3578NVM054URMHQGJVLC8&vt=1559285517830&h=45ae7fc50058600cac3277946a154cb898ad8995&req=https%3A%2F%2...
2 KB
1 KB
Document
General
Full URL
http://securessl-smart.com/?a=55066&c=145009&oc=48335&sr=t&so=54015&sc=10487514&rc=24_66679&s2=wRV3578NVM054URMHQGJVLC8&vt=1559285517830&h=45ae7fc50058600cac3277946a154cb898ad8995&req=https%3A%2F%2Fmysslgo.com%2F%3Fa%3D55066%26c%3D170736%26s2%3DwRV3578NVM054URMHQGJVLC8
Protocol
HTTP/1.1
Server
2a05:d018:483:6110:910e:48ff:2bc6:3ece Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash
959d86c25e3621f005c75c63a3d91366cb1c4b669acb6e8701188ddee91b71ed

Request headers

Host
securessl-smart.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Fri, 31 May 2019 06:51:57 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Cache-Control
no-cache, must-revalidate
Pragma
no-cache
Expires
Sat, 1 May 2020 12:00:00 GMT
Content-Encoding
gzip

Redirect headers

status
302
date
Fri, 31 May 2019 06:51:57 GMT
content-type
text/html;charset=ISO-8859-1
location
http://securessl-smart.com?a=55066&c=145009&oc=48335&sr=t&so=54015&sc=10487514&rc=24_66679&s2=wRV3578NVM054URMHQGJVLC8&vt=1559285517830&h=45ae7fc50058600cac3277946a154cb898ad8995&req=https%3A%2F%2Fmysslgo.com%2F%3Fa%3D55066%26c%3D170736%26s2%3DwRV3578NVM054URMHQGJVLC8
server
nginx
content-language
en-US
trck
gdmconvtrck.com/
1 KB
1 KB
Script
General
Full URL
http://gdmconvtrck.com/trck
Requested by
Host: securessl-smart.com
URL: http://securessl-smart.com/?a=55066&c=145009&oc=48335&sr=t&so=54015&sc=10487514&rc=24_66679&s2=wRV3578NVM054URMHQGJVLC8&vt=1559285517830&h=45ae7fc50058600cac3277946a154cb898ad8995&req=https%3A%2F%2Fmysslgo.com%2F%3Fa%3D55066%26c%3D170736%26s2%3DwRV3578NVM054URMHQGJVLC8
Protocol
HTTP/1.1
Server
2a05:d018:483:6130:5cc5:c974:7f81:d960 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
http://securessl-smart.com/?a=55066&c=145009&oc=48335&sr=t&so=54015&sc=10487514&rc=24_66679&s2=wRV3578NVM054URMHQGJVLC8&vt=1559285517830&h=45ae7fc50058600cac3277946a154cb898ad8995&req=https%3A%2F%2Fmysslgo.com%2F%3Fa%3D55066%26c%3D170736%26s2%3DwRV3578NVM054URMHQGJVLC8
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 31 May 2019 06:51:57 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/javascript;charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, must-revalidate
Transfer-Encoding
chunked
Connection
keep-alive
Expires
Sat, 1 May 2020 12:00:00 GMT
Cookie set 5xdF9znIvAf9LzXSJfWSnetzOKPsa0HjqgtZ2ZFNPIxNpUNBgpKy
polimerk.com/15w53/sV8D/v1sT/
Redirect Chain
  • http://securessl-smart.com/?a=55066&c=145009&oc=48335&sr=t&so=54015&sc=10487514&rc=24_66679&s2=wRV3578NVM054URMHQGJVLC8&vt=1559285517914&h=63d104ca8b53ae09f3f4398bf0a5c65dbb58e65e&req=https%3A%2F%2...
  • http://polimerk.com/15w53/sV8D/v1sT/5xdF9znIvAf9LzXSJfWSnetzOKPsa0HjqgtZ2ZFNPIxNpUNBgpKy?tVY=MM_MS_WW_New&af=55066&rrr=983f292f84444ba1a50b51d6e88aa075995f
6 KB
4 KB
Document
General
Full URL
http://polimerk.com/15w53/sV8D/v1sT/5xdF9znIvAf9LzXSJfWSnetzOKPsa0HjqgtZ2ZFNPIxNpUNBgpKy?tVY=MM_MS_WW_New&af=55066&rrr=983f292f84444ba1a50b51d6e88aa075995f
Requested by
Host: gdmconvtrck.com
URL: http://gdmconvtrck.com/trck
Protocol
HTTP/1.1
Server
205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
0278ffdc917d5713d30d8b9397955a2675138b2b27edd8dcc2cd52c7f889b17d

Request headers

Host
polimerk.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://securessl-smart.com/?a=55066&c=145009&oc=48335&sr=t&so=54015&sc=10487514&rc=24_66679&s2=wRV3578NVM054URMHQGJVLC8&vt=1559285517830&h=45ae7fc50058600cac3277946a154cb898ad8995&req=https%3A%2F%2Fmysslgo.com%2F%3Fa%3D55066%26c%3D170736%26s2%3DwRV3578NVM054URMHQGJVLC8
Accept-Encoding
gzip, deflate

Response headers

Date
Fri, 31 May 2019 06:51:58 GMT
Content-Type
text/html;charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding Accept-Encoding
Cache-Control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
X-Zen-Fury
57edbcaaf5d179dbaec4d79e12c8a7e5d4a1a3e5
Server
ZENEDGE
X-Cache-Status
NOTCACHED
Content-Encoding
gzip

Redirect headers

Date
Fri, 31 May 2019 06:51:58 GMT
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Location
http://polimerk.com/15w53/sV8D/v1sT/5xdF9znIvAf9LzXSJfWSnetzOKPsa0HjqgtZ2ZFNPIxNpUNBgpKy?tVY=MM_MS_WW_New&af=55066&rrr=983f292f84444ba1a50b51d6e88aa075995f
Content-Language
en-US
auction
botudeso.com/
3 KB
1 KB
Document
General
Full URL
https://botudeso.com/auction?info=Z%252FktJ1rPgd5Ed2uQHWWB8biBL8almAZ0fULOIv7YQClZWd%252Bi4pqtsNk4z3widkm8vvNXoOOh6hpaHkQ3YmG%252FY5XJrRqMtvh%252ByN1FZY%252BQRGo%253D&sid=Ow0UQnUnJ9Bbjvt21pAW8xTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&id=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.185.102 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
3db74843e87eca0635e355967cecbe5d32c930207698710eb7afc88f089f69f1

Request headers

:method
GET
:authority
botudeso.com
:scheme
https
:path
/auction?info=Z%252FktJ1rPgd5Ed2uQHWWB8biBL8almAZ0fULOIv7YQClZWd%252Bi4pqtsNk4z3widkm8vvNXoOOh6hpaHkQ3YmG%252FY5XJrRqMtvh%252ByN1FZY%252BQRGo%253D&sid=Ow0UQnUnJ9Bbjvt21pAW8xTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&id=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://polimerk.com/
accept-encoding
gzip, deflate, br

Response headers

status
200
date
Fri, 31 May 2019 06:51:58 GMT
content-type
text/html;charset=ISO-8859-1
set-cookie
__cfduid=dbeb2e889377631f3c89a15cacf064b7b1559285518; expires=Sat, 30-May-20 06:51:58 GMT; path=/; domain=.botudeso.com; HttpOnly
cache-control
no-store, no-cache
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4df705bacc429d4e-AMS
content-encoding
br
Cookie set /
core.royalads.net/click/
635 B
692 B
Document
General
Full URL
https://core.royalads.net/click/?pub=c8e1e96b-6832-4c6a-b06b-83f93492d89f
Requested by
Host: botudeso.com
URL: https://botudeso.com/auction?info=Z%252FktJ1rPgd5Ed2uQHWWB8biBL8almAZ0fULOIv7YQClZWd%252Bi4pqtsNk4z3widkm8vvNXoOOh6hpaHkQ3YmG%252FY5XJrRqMtvh%252ByN1FZY%252BQRGo%253D&sid=Ow0UQnUnJ9Bbjvt21pAW8xTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&id=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
147.135.243.181 , Netherlands, ASN16276 (OVH, FR),
Reverse DNS
ip181.ip-147-135-243.eu
Software
nginx /
Resource Hash
26a18efd6459316fdf45854c449325b8c4f83fe6a96e9ab84a39819e627ef42f

Request headers

Host
core.royalads.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://botudeso.com/
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Fri, 31 May 2019 06:51:58 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-cache
Set-Cookie
cflag=851;Domain=core.royalads.net;Path=/
Content-Encoding
gzip
465699
ps.popcash.net/go/79141/
Redirect Chain
  • http://core.royalads.net/go/?pub=c8e1e96b-6832-4c6a-b06b-83f93492d89f&ref=https%3A%2F%2Fbotudeso.com%2F&scrw=1600&scrh=1200&nlc=GZd695uj5n3Ab7UV&ven=&ver=&iif=0
  • http://popcash.net/world/go/79141/465699
  • http://ps.popcash.net/go/79141/465699
473 B
522 B
Document
General
Full URL
http://ps.popcash.net/go/79141/465699
Requested by
Host: core.royalads.net
URL: https://core.royalads.net/click/?pub=c8e1e96b-6832-4c6a-b06b-83f93492d89f
Protocol
HTTP/1.1
Server
54.85.224.136 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-85-224-136.compute-1.amazonaws.com
Software
nginx /
Resource Hash
dd5536267d18555885350d4682221204146047a9e2d547cb534c4961b027ad2e

Request headers

Host
ps.popcash.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://core.royalads.net/
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d55cc0bd7514095f72663f71b9318b5791559285519

Response headers

Date
Fri, 31 May 2019 06:51:59 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Date
Fri, 31 May 2019 06:51:59 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Set-Cookie
__cfduid=d55cc0bd7514095f72663f71b9318b5791559285519; expires=Sat, 30-May-20 06:51:59 GMT; path=/; domain=.popcash.net; HttpOnly
Location
http://ps.popcash.net/go/79141/465699
Server
cloudflare
CF-RAY
4df705bddc9763b3-FRA
Cookie set splash.php
syndication.exdynsrv.com/
Redirect Chain
  • http://ps.popcash.net/ad/ad?p=79141&w=465699&t=c824a131ced007c1&r=aHR0cHMlM0ElMkYlMkZjb3JlLnJveWFsYWRzLm5ldCUyRg==&vw=1600&vh=1200
  • https://syndication.exdynsrv.com/splash.php?idzone=3207867&sub=465699&type=8
1 KB
941 B
Document
General
Full URL
https://syndication.exdynsrv.com/splash.php?idzone=3207867&sub=465699&type=8
Requested by
Host: ps.popcash.net
URL: http://ps.popcash.net/go/79141/465699
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
ad237d1f14d5e5014bd094a7e727f3a2ca32387fc4826489b1bb622b4cdbed5a

Request headers

Host
syndication.exdynsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ps.popcash.net/go/79141/465699
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Fri, 31 May 2019 06:51:59 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225cf0cf0f926370.98223667707711565%22%3B%7D; expires=Sun, 30-May-2021 06:51:59 GMT; Max-Age=63072000; domain=exdynsrv.com
Content-Encoding
gzip

Redirect headers

Date
Fri, 31 May 2019 06:51:59 GMT
Content-Type
text/html; charset=utf-8
Content-Length
111
Connection
keep-alive
Server
nginx
Location
https://syndication.exdynsrv.com/splash.php?idzone=3207867&sub=465699&type=8
Primary Request /
www.critch-comedy.de/cxp/200-euro-gratis/
Redirect Chain
  • https://syndication.exdynsrv.com/splash.php?idzone=3207867&sub=465699&type=8&p=http%3A%2F%2Fps.popcash.net%2Fgo%2F79141%2F465699&tested=1&check=80d8b102858d861badb6cef7955f61fb&screen_resolution=16...
  • http://www1.lustich.de/link
  • http://www1.lustich.de/link/
  • http://www.critch-comedy.de/cxp/200-euro-gratis/
1 KB
1 KB
Document
General
Full URL
http://www.critch-comedy.de/cxp/200-euro-gratis/
Requested by
Host: syndication.exdynsrv.com
URL: https://syndication.exdynsrv.com/splash.php?idzone=3207867&sub=465699&type=8
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash
ca61e9f547a3af71d2243d5efd0d3fbe694af2e78ad91bf79cc012776c280d59

Request headers

Host
www.critch-comedy.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Date
Fri, 31 May 2019 06:51:59 GMT
Server
Apache
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Access-Control-Allow-Headers
Authorization
Upgrade
h2c
Connection
Upgrade, Keep-Alive
Last-Modified
Sat, 06 Apr 2019 17:05:13 GMT
ETag
"55d-585df9b534e09-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
780
Keep-Alive
timeout=15, max=100
Content-Type
text/html

Redirect headers

Date
Fri, 31 May 2019 06:51:59 GMT
Server
Apache
Location
http://www.critch-comedy.de/cxp/200-euro-gratis/
Content-Length
0
Keep-Alive
timeout=15, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
showads.js
www.critch-comedy.de/cxp/200-euro-gratis/
21 B
400 B
Script
General
Full URL
http://www.critch-comedy.de/cxp/200-euro-gratis/showads.js
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 31 May 2019 06:51:59 GMT
Last-Modified
Wed, 27 Mar 2019 14:12:07 GMT
Server
Apache
ETag
"15-5851405d534cb"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization
Content-Length
21
Keep-Alive
timeout=15, max=99
js
www.googletagmanager.com/gtag/
64 KB
25 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-117671757-2
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
4e18b38317b35b54d5da219577ec6120a97962b913b82cb30dc45945b5c2d02c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 31 May 2019 06:51:59 GMT
content-encoding
br
last-modified
Thu, 30 May 2019 16:41:01 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25345
x-xss-protection
0
expires
Fri, 31 May 2019 06:51:59 GMT
HXFJWCUIIe
t.co/ Frame B8F2
Redirect Chain
  • http://t.co/HXFJWCUIIe
  • https://t.co/HXFJWCUIIe
0
0
Document
General
Full URL
https://t.co/HXFJWCUIIe
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/HXFJWCUIIe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
accept-encoding
gzip, deflate, br

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
215
content-type
text/html; charset=utf-8
date
Fri, 31 May 2019 06:52:00 GMT
expires
Fri, 31 May 2019 06:57:00 GMT
server
tsa_f
set-cookie
muc=eeb10310-6a48-43cf-a9bd-ad1633fee8cb; Max-Age=63072000; Expires=Sun, 30 May 2021 06:52:00 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
24db1d02c5b494ae0b98e33825796edf
x-response-time
122
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report

Redirect headers

content-length
0
date
Fri, 31 May 2019 06:52:00 GMT
location
https://t.co/HXFJWCUIIe
server
tsa_f
x-connection-hash
5824251577beb11a7b7eea27fc57cb24
x-response-time
114
x9tizX9PKq
t.co/ Frame F069
Redirect Chain
  • http://t.co/x9tizX9PKq
  • https://t.co/x9tizX9PKq
0
0
Document
General
Full URL
https://t.co/x9tizX9PKq
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/x9tizX9PKq
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
accept-encoding
gzip, deflate, br

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
186
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Fri, 31 May 2019 06:52:00 GMT
expires
Fri, 31 May 2019 06:57:00 GMT
referrer-policy
unsafe-url
server
tsa_f
set-cookie
muc=cd38fe6b-674c-4688-b8a1-d918f6778c0d; Max-Age=63072000; Expires=Sun, 30 May 2021 06:52:00 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
24db1d02c5b494ae0b98e33825796edf
x-response-time
122
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report

Redirect headers

content-length
0
date
Fri, 31 May 2019 06:52:00 GMT
location
https://t.co/x9tizX9PKq
server
tsa_f
x-connection-hash
cc0f6a880c63d7cd85c874a4e29f6237
x-response-time
106
/
dirtyads.de/ip-ad/ Frame F487
Redirect Chain
  • http://tinyurl.com/y5psyqtv
  • http://dirtyads.de/ip-ad/
0
0
Document
General
Full URL
http://dirtyads.de/ip-ad/
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash

Request headers

Host
dirtyads.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
Accept-Encoding
gzip, deflate

Response headers

Date
Fri, 31 May 2019 06:52:00 GMT
Server
Apache
Upgrade
h2c
Connection
Upgrade, Keep-Alive
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
259
Keep-Alive
timeout=15, max=100
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Fri, 31 May 2019 06:52:00 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=def84986ae0e2da2086cf8e22b4ab411f1559285519; expires=Sat, 30-May-20 06:51:59 GMT; path=/; domain=.tinyurl.com; HttpOnly tinyUUID=cf0cf14b3d6a000000000000; expires=Sat, 30-May-2020 06:51:59 GMT; Max-Age=31536000; path=/; domain=.tinyurl.com
Location
http://dirtyads.de/ip-ad/
X-tiny
cache 0.010251998901367
Server
cloudflare
CF-RAY
4df705c33d99c281-FRA
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117671757-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
4766
date
Fri, 31 May 2019 05:32:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Fri, 31 May 2019 07:32:33 GMT
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j76&aip=1&a=1453894128&t=pageview&_s=1&dl=http%3A%2F%2Fwww.critch-comedy.de%2Fcxp%2F200-euro-gratis%2F&ul=en-us&de=UTF-8&dt=200%20Euro%20gratis%20-%20Critch%20Bonus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=111949022&gjid=1851249020&cid=465658733.1559285520&tid=UA-117671757-2&_gid=891097055.1559285520&_r=1&gtm=2ou5m0&z=978667797
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 May 2019 06:51:59 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type Name
object onselectstart
object onselectionchange
function queueMicrotask
boolean canRunAds
function gtag
object dataLayer
undefined leave
object google_tag_manager
string GoogleAnalyticsObject
function ga
object google_tag_data
object gaplugins
object gaGlobal
object gaData

1 Cookies

Domain/Path Name / Value
.botudeso.com/ Name: __cfduid
Value: dbeb2e889377631f3c89a15cacf064b7b1559285518

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
