Submitted URL: http://162.144.213.102/s.php?851404_0_24767_a1b2c3d4e5#6646?576671684
Effective URL: http://www.critch-comedy.de/cxa/200-euro-gratis/
Submission: On March 26 via manual from US

Summary

This website contacted 12 IPs in 6 countries across 14 domains to perform 17 HTTP transactions. The main IP is 78.46.10.196, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.critch-comedy.de.
This is the only time www.critch-comedy.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 162.144.213.102 46606 (UNIFIEDLA...)
1 174.128.224.199 46844 (ST-BGP)
1 94.237.86.133 202053 (UPCLOUD)
1 1 94.237.86.183 202053 (UPCLOUD)
1 31.170.100.125 201942 (SOLTIA)
1 31.170.100.126 201942 (SOLTIA)
1 3 62.212.87.140 60781 (LEASEWEB-...)
1 1 34.193.160.81 14618 (AMAZON-AES)
1 1 52.206.38.50 14618 (AMAZON-AES)
1 2 95.211.229.247 60781 (LEASEWEB-...)
2 2 78.46.155.195 24940 (HETZNER-AS)
2 78.46.10.196 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 3 104.244.42.133 13414 (TWITTER)
3 104.244.42.197 13414 (TWITTER)
2 2a00:1450:400... 15169 (GOOGLE)
17 12
Domain Requested by
6 t.co 3 redirects www.critch-comedy.de
3 misctraff.com 1 redirects mobi.mativers.com
misctraff.com
2 www.google-analytics.com www.googletagmanager.com
www.critch-comedy.de
2 www.critch-comedy.de rtb.exoclick.com
www.critch-comedy.de
2 www1.lustich.de 2 redirects
2 rtb.exoclick.com 1 redirects misctraff.com
2 mobi.mativers.com mobi.mativers.com
1 cdn.pushcrew.com www.critch-comedy.de
1 www.googletagmanager.com www.critch-comedy.de
1 enjrg.com 1 redirects
1 typrg.com 1 redirects
1 sl.zbengi.com 1 redirects
1 sau.simpleberg.com positiveinventive.com
1 positiveinventive.com 162.144.213.102
17 14

This site contains no links.

Subject | Issuer | Validity | Valid
positiveinventive.com | COMODO RSA Domain Validation Secure Server CA | 2018-10-05 - 2019-10-05 | a year
sau.simpleberg.com | Let's Encrypt Authority X3 | 2019-03-05 - 2019-06-03 | 3 months
ads.conscier.com | Let's Encrypt Authority X3 | 2019-03-13 - 2019-06-11 | 3 months
trk.billysrv.com | Let's Encrypt Authority X3 | 2019-03-25 - 2019-06-23 | 3 months
*.exoclick.com | Go Daddy Secure Certificate Authority - G2 | 2018-08-03 - 2019-10-02 | a year
*.google-analytics.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months
*.pushcrew.com | Go Daddy Secure Certificate Authority - G2 | 2016-06-02 - 2019-07-31 | 3 years
t.co | DigiCert SHA2 High Assurance Server CA | 2019-03-07 - 2020-03-07 | a year
*.google.com | Google Internet Authority G3 | 2019-03-01 - 2019-05-24 | 3 months

This page contains 4 frames:

Primary Page: http://www.critch-comedy.de/cxa/200-euro-gratis/
Frame ID: 4D2E49CB5BF6DF8B2D57C95ECDD0BB24
Requests: 14 HTTP requests in this frame

Frame: https://t.co/HXFJWCUIIe
Frame ID: E018507100BDC0DBFA4310CDFB7AE063
Requests: 1 HTTP requests in this frame

Frame: https://t.co/x9tizX9PKq
Frame ID: 8EADC58B4B27C1BC694F47833D1937C4
Requests: 1 HTTP requests in this frame

Frame: https://t.co/z7rulNZ8zx
Frame ID: F7BDE4026EB8F38375AB74FDACA4C069
Requests: 1 HTTP requests in this frame

Page Statistics

Requests: 17
HTTPS: 76 %
IPv6: 18 %
Domains: 14
Subdomains: 14
IPs: 12
Countries: 6
Transfer: 124 kB
Size: 369 kB
Cookies: 4

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://162.144.213.102/s.php?851404_0_24767_a1b2c3d4e5 Page URL
  2. http://162.144.213.102/r.php?851404_6646?576671684_24767_a1b2c3d4e5 HTTP 302
    https://positiveinventive.com/17631636bde328ad800/98/6646--/851404 Page URL
  3. https://sau.simpleberg.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=835096771&sub_id1=690264&sub_id2=98 Page URL
  4. https://sl.zbengi.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=835096771&sub_id1=690264&sub_id2=98 HTTP 302
    https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c9a7eb4-80e693b1-79b1-ac9e33e88b13-5268-526610bba2d2 Page URL
  5. https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032619-f9f396c0d7b1c49e0d18aa3055659678&source=4359338591274150 Page URL
  6. https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032619-f9f396c0d7b1c49e0d18aa3055659678&source=4359338591274150&code2=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__ HTTP 302
    https://misctraff.com/gw?sub=M2019032619-f9f396c0d7b1c49e0d18aa3055659678&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088%26ref%3DM2019032619-f9f396c0d7b1c49e0d18aa3055659678&vId=bmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088&hash=4502857aa004e86d2a&ete=true Page URL
  7. https://typrg.com/dep.php?pid=7642&subid=15465_4359338591274150&cid=bmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088&ref=M2019032619-f9f396c0d7b1c49e0d18aa3055659678 HTTP 302
    https://enjrg.com/dep.php?pid=7642&subid=15465_4359338591274150&cid=bmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088&ref=M2019032619-f9f396c0d7b1c49e0d18aa3055659678 HTTP 302
    https://rtb.exoclick.com/cimp.php?data=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%3D%3D Page URL
  8. https://rtb.exoclick.com/cimp.php?data=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%3D%3D&p=https%3A%2F%2Fmisctraff.com%2Fl%2F4502857aa004e86d2a%3Fsub%3DM2019032619-f9f396c0d7b1c49e0d18aa3055659678%26source%3D4359338591274150%26url%3Dhttps%253A%252F%252Ftyprg.com%252Fdep.php%253Fpid%253D7642%2526subid%253D15465_4359338591274150%2526cid%253Dbmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088%2526ref%253DM2019032619-f9f396c0d7b1c49e0d18aa3055659678%26vId%3Dbmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088%26hash%3D4502857aa004e86d2a%26ete%3Dtrue&tested=1&check=57c9c8f450d5b69c5d99c875cf1bf746&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
    http://www1.lustich.de/link HTTP 301
    http://www1.lustich.de/link/ HTTP 302
    http://www.critch-comedy.de/cxa/200-euro-gratis/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://162.144.213.102/r.php?851404_6646?576671684_24767_a1b2c3d4e5 HTTP 302
  • https://positiveinventive.com/17631636bde328ad800/98/6646--/851404
Request Chain 3
  • https://sl.zbengi.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=835096771&sub_id1=690264&sub_id2=98 HTTP 302
  • https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c9a7eb4-80e693b1-79b1-ac9e33e88b13-5268-526610bba2d2
Request Chain 6
  • https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032619-f9f396c0d7b1c49e0d18aa3055659678&source=4359338591274150&code2=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__ HTTP 302
  • https://misctraff.com/gw?sub=M2019032619-f9f396c0d7b1c49e0d18aa3055659678&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088%26ref%3DM2019032619-f9f396c0d7b1c49e0d18aa3055659678&vId=bmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088&hash=4502857aa004e86d2a&ete=true
Request Chain 7
  • https://typrg.com/dep.php?pid=7642&subid=15465_4359338591274150&cid=bmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088&ref=M2019032619-f9f396c0d7b1c49e0d18aa3055659678 HTTP 302
  • https://enjrg.com/dep.php?pid=7642&subid=15465_4359338591274150&cid=bmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088&ref=M2019032619-f9f396c0d7b1c49e0d18aa3055659678 HTTP 302
  • https://rtb.exoclick.com/cimp.php?data=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%3D%3D
Request Chain 11
  • http://t.co/HXFJWCUIIe HTTP 301
  • https://t.co/HXFJWCUIIe
Request Chain 12
  • http://t.co/x9tizX9PKq HTTP 301
  • https://t.co/x9tizX9PKq
Request Chain 13
  • http://t.co/z7rulNZ8zx HTTP 301
  • https://t.co/z7rulNZ8zx

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
s.php
162.144.213.102/
1 KB
1 KB
Document
General
Full URL
http://162.144.213.102/s.php?851404_0_24767_a1b2c3d4e5
Protocol
HTTP/1.1
Server
162.144.213.102 Provo, United States, ASN46606 (UNIFIEDLAYER-AS-1 - Unified Layer, US),
Reverse DNS
ungleaned.com
Software
Apache /
Resource Hash
ec12d10b5dcfe1b27827e1017930d611510679fe23689fe362878292007b5412

Request headers

Host
162.144.213.102
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 26 Mar 2019 18:39:34 GMT
Server
Apache
Content-Length
1053
Connection
close
Content-Type
text/html; charset=UTF-8
Cookie set 851404
positiveinventive.com/17631636bde328ad800/98/6646--/
Redirect Chain
  • http://162.144.213.102/r.php?851404_6646?576671684_24767_a1b2c3d4e5
  • https://positiveinventive.com/17631636bde328ad800/98/6646--/851404
188 B
468 B
Document
General
Full URL
https://positiveinventive.com/17631636bde328ad800/98/6646--/851404
Requested by
Host: 162.144.213.102
URL: http://162.144.213.102/s.php?851404_0_24767_a1b2c3d4e5
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
174.128.224.199 Denver, United States, ASN46844 (ST-BGP - Sharktech, US),
Reverse DNS
Software
Apache /
Resource Hash
f993e0ba0a984c49d7903252867896b1c8affffe6307f5033a9b42161708f998

Request headers

Host
positiveinventive.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://162.144.213.102/s.php?851404_0_24767_a1b2c3d4e5
Accept-Encoding
gzip, deflate, br

Response headers

Date
Tue, 26 Mar 2019 19:34:11 GMT
Server
Apache
Set-Cookie
uid15295=835096771-20190326153411-0250eb42cdcbd1281607c6771a03de5d-; expires=Thu, 25-Apr-2019 19:34:11 GMT; path=/
Content-Length
188
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Tue, 26 Mar 2019 18:39:35 GMT
Server
Apache
Location
https://positiveinventive.com/17631636bde328ad800/98/6646--/851404
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
/
sau.simpleberg.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/
537 B
769 B
Document
General
Full URL
https://sau.simpleberg.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=835096771&sub_id1=690264&sub_id2=98
Requested by
Host: positiveinventive.com
URL: https://positiveinventive.com/17631636bde328ad800/98/6646--/851404
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.237.86.133 , Finland, ASN202053 (UPCLOUD, FI),
Reverse DNS
94-237-86-133.de-fra1.upcloud.host
Software
nginx/1.15.9 /
Resource Hash
97f86be962ca2de0d4f5c8ce8bfa66c4170d366a80c7d9a59c3587460d8d81bc

Request headers

Host
sau.simpleberg.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://positiveinventive.com/17631636bde328ad800/98/6646--/851404
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.15.9
Date
Tue, 26 Mar 2019 19:34:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
X-Robots-Tag
noindex, nofollow, nosnippet, noarchive
/
mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/
Redirect Chain
  • https://sl.zbengi.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=835096771&sub_id1=690264&sub_id2=98
  • https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c9a7eb4-80e693b1-79b1-ac9e33e88b...
946 B
721 B
Document
General
Full URL
https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c9a7eb4-80e693b1-79b1-ac9e33e88b13-5268-526610bba2d2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.170.100.125 -, , ASN201942 (SOLTIA, ES),
Reverse DNS
Software
nginx /
Resource Hash
160e305b22d541b65739b0a7a07f0b1d9c5cccdfd71e426d2ccfc22bc492deee

Request headers

:method
GET
:authority
mobi.mativers.com
:scheme
https
:path
/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c9a7eb4-80e693b1-79b1-ac9e33e88b13-5268-526610bba2d2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://sau.simpleberg.com/158rg203/019a/1aa0/20b1/3fa0/409a/4359338591274150/ww/?aff_sub=835096771&sub_id1=690264&sub_id2=98
accept-encoding
gzip, deflate, br

Response headers

status
200
server
nginx
date
Tue, 26 Mar 2019 19:34:12 GMT
content-type
text/html; charset=UTF-8
content-length
452
access-control-allow-origin
*
access-control-allow-headers
Content-Type
referrer-policy
no-referrer
cache-control
no-cache, private
content-encoding
gzip
x-device
desktop
accept-ranges
bytes
age
0
tp-cache
MISS
vary
Accept-Encoding

Redirect headers

Server
nginx/1.14.2
Date
Tue, 26 Mar 2019 19:34:12 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Location
https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c9a7eb4-80e693b1-79b1-ac9e33e88b13-5268-526610bba2d2
offer.png
mobi.mativers.com/
95 B
430 B
Image
General
Full URL
http://mobi.mativers.com/offer.png
Requested by
Host: mobi.mativers.com
URL: https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c9a7eb4-80e693b1-79b1-ac9e33e88b13-5268-526610bba2d2
Protocol
HTTP/1.1
Server
31.170.100.126 -, , ASN201942 (SOLTIA, ES),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 26 Mar 2019 19:34:12 GMT
TP-Cache
HIT
Last-Modified
Wed, 13 Mar 2019 16:12:49 GMT
Age
1074500
ETag
"5c892c01-5f"
Content-Type
image/png
Cache-Control
max-age=315360000
X-Device
mobile
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95
Expires
Thu, 31 Dec 2037 23:55:55 GMT
4502857aa004e86d2a
misctraff.com/l/
18 KB
8 KB
Document
General
Full URL
https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032619-f9f396c0d7b1c49e0d18aa3055659678&source=4359338591274150
Requested by
Host: mobi.mativers.com
URL: https://mobi.mativers.com/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/76321433-bea8b666-51362b0b-76be-cfb5/?Subid=4359338591274150&externalid=5c9a7eb4-80e693b1-79b1-ac9e33e88b13-5268-526610bba2d2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.87.140 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b7806578c7b5de3f40d8e4696a84c3b0b4e686e0b7dea2e935af3df63404e523

Request headers

Host
misctraff.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Tue, 26 Mar 2019 19:34:13 GMT
Content-Type
text/html
Last-Modified
Tue, 23 Oct 2018 13:25:19 GMT
Transfer-Encoding
chunked
ETag
W/"5bcf213f-4688"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Content-Encoding
gzip
gw
misctraff.com/
Redirect Chain
  • https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032619-f9f396c0d7b1c49e0d18aa3055659678&source=4359338591274150&code2=Y3RtATE1NTM2Mjg4NTMyMTgAc3JjAWlvAHZlcgExOQBwbHQBTGludXggeDg2XzY0AHRjaAEAaXc...
  • https://misctraff.com/gw?sub=M2019032619-f9f396c0d7b1c49e0d18aa3055659678&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_...
1 KB
1 KB
Document
General
Full URL
https://misctraff.com/gw?sub=M2019032619-f9f396c0d7b1c49e0d18aa3055659678&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088%26ref%3DM2019032619-f9f396c0d7b1c49e0d18aa3055659678&vId=bmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088&hash=4502857aa004e86d2a&ete=true
Requested by
Host: misctraff.com
URL: https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032619-f9f396c0d7b1c49e0d18aa3055659678&source=4359338591274150
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.87.140 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e13ed77dfeaa6337766a94370d26a84f27097e38ef8aeb897f3cdcb5a39e2b4b

Request headers

Host
misctraff.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032619-f9f396c0d7b1c49e0d18aa3055659678&source=4359338591274150
Accept-Encoding
gzip, deflate, br
Cookie
BSESSID=trk0f3ee3ee-d0c4-4ab3-b786-b6eea30147dc

Response headers

Server
nginx
Date
Tue, 26 Mar 2019 19:34:13 GMT
Content-Type
text/html
Last-Modified
Thu, 25 Oct 2018 14:31:56 GMT
Transfer-Encoding
chunked
ETag
W/"5bd1d3dc-589"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 26 Mar 2019 19:34:13 GMT
Transfer-Encoding
chunked
Location
//misctraff.com/gw?sub=M2019032619-f9f396c0d7b1c49e0d18aa3055659678&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088%26ref%3DM2019032619-f9f396c0d7b1c49e0d18aa3055659678&vId=bmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088&hash=4502857aa004e86d2a&ete=true
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Pragma
no-cache
Set-Cookie
BSESSID=trk0f3ee3ee-d0c4-4ab3-b786-b6eea30147dc; Max-Age=63072000; Expires=Thu, 25 Mar 2021 19:34:13 GMT; Path=/
Cookie set cimp.php
rtb.exoclick.com/
Redirect Chain
  • https://typrg.com/dep.php?pid=7642&subid=15465_4359338591274150&cid=bmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088&ref=M2019032619-f9f396c0d7b1c49e0d18aa3055659678
  • https://enjrg.com/dep.php?pid=7642&subid=15465_4359338591274150&cid=bmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088&ref=M2019032619-f9f396c0d7b1c49e0d18aa3055659678
  • https://rtb.exoclick.com/cimp.php?data=TVRVMU16WXlPRGcxTkh4bVlUWTJabU5tT1dReE0yRmpNR0pqWW1Wa1ltVXdNMkUyTWpOaFlXTmpZUT09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3w4Mi4xMDIuMTYuMTg3fERFVXw1MnxhZG...
4 KB
2 KB
Document
General
Full URL
https://rtb.exoclick.com/cimp.php?data=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%3D%3D
Requested by
Host: misctraff.com
URL: https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032619-f9f396c0d7b1c49e0d18aa3055659678&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088%26ref%3DM2019032619-f9f396c0d7b1c49e0d18aa3055659678&vId=bmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088&hash=4502857aa004e86d2a&ete=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.247 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
6698dc51018556397fe25819bde089c5d96143ac1230829e23b6baf6c2124d34

Request headers

Host
rtb.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://misctraff.com/l/4502857aa004e86d2a?sub=M2019032619-f9f396c0d7b1c49e0d18aa3055659678&source=4359338591274150&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_4359338591274150%26cid%3Dbmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088%26ref%3DM2019032619-f9f396c0d7b1c49e0d18aa3055659678&vId=bmconv_20190326203413_4d9ea539_3298_49c5_a8a0_7f7458ca6088&hash=4502857aa004e86d2a&ete=true
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Tue, 26 Mar 2019 19:34:14 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225c9a7eb6464861.521384181482011179%22%3B%7D; expires=Thu, 25-Mar-2021 19:34:14 GMT; Max-Age=63072000; domain=exoclick.com
Content-Encoding
gzip

Redirect headers

Cache-Control
no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 Mar 2019 19:34:14 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://rtb.exoclick.com/cimp.php?data=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%3D%3D
Server
nginx
Set-Cookie
uuid=15536288544984801376238466; expires=Thu, 25-Apr-2019 19:34:14 GMT; Max-Age=2592000
Content-Length
0
Connection
keep-alive
Primary Request /
www.critch-comedy.de/cxa/200-euro-gratis/
Redirect Chain
  • https://rtb.exoclick.com/cimp.php?data=TVRVMU16WXlPRGcxTkh4bVlUWTJabU5tT1dReE0yRmpNR0pqWW1Wa1ltVXdNMkUyTWpOaFlXTmpZUT09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3w4Mi4xMDIuMTYuMTg3fERFVXw1MnxhZG...
  • http://www1.lustich.de/link
  • http://www1.lustich.de/link/
  • http://www.critch-comedy.de/cxa/200-euro-gratis/
2 KB
1 KB
Document
General
Full URL
http://www.critch-comedy.de/cxa/200-euro-gratis/
Requested by
Host: rtb.exoclick.com
URL: https://rtb.exoclick.com/cimp.php?data=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%3D%3D
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash
0ffd6b29bed1afd2bcddfd165ccbdd48af4dd35190dcbc2601ba8a601deb70eb

Request headers

Host
www.critch-comedy.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate

Response headers

Date
Tue, 26 Mar 2019 19:34:14 GMT
Server
Apache
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Access-Control-Allow-Headers
Authorization
Upgrade
h2c
Connection
Upgrade, Keep-Alive
Last-Modified
Tue, 26 Mar 2019 11:13:59 GMT
ETag
"656-584fd6af10220-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
880
Keep-Alive
timeout=15, max=100
Content-Type
text/html

Redirect headers

Date
Tue, 26 Mar 2019 19:34:14 GMT
Server
Apache
Location
http://www.critch-comedy.de/cxa/200-euro-gratis/
Content-Length
0
Keep-Alive
timeout=15, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
showads.js
www.critch-comedy.de/cxa/200-euro-gratis/
21 B
400 B
Script
General
Full URL
http://www.critch-comedy.de/cxa/200-euro-gratis/showads.js
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxa/200-euro-gratis/
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.critch-comedy.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.critch-comedy.de/cxa/200-euro-gratis/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Tue, 26 Mar 2019 19:34:14 GMT
Last-Modified
Mon, 01 Oct 2018 19:08:35 GMT
Server
Apache
ETag
"15-5772f882752c0"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization
Content-Length
21
Keep-Alive
timeout=15, max=99
js
www.googletagmanager.com/gtag/
63 KB
24 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-117671757-2
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxa/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81a::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
d905b7b3860e8a0e0ec3c3f9537fc2bd4c19a9c9eae4f40de595b6b62bab60b7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.critch-comedy.de/cxa/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Mar 2019 19:34:14 GMT
content-encoding
br
last-modified
Tue, 26 Mar 2019 17:05:14 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24780
x-xss-protection
0
expires
Tue, 26 Mar 2019 19:34:14 GMT
fcee07991d2e46c4f3ddfde70722c38f.js
cdn.pushcrew.com/js/
235 KB
67 KB
Script
General
Full URL
https://cdn.pushcrew.com/js/fcee07991d2e46c4f3ddfde70722c38f.js
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxa/200-euro-gratis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:3677 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1543ccdd40edc03cbb3ae91389441f19aee996851973200c272308685b56b3a7

Request headers

Referer
http://www.critch-comedy.de/cxa/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 26 Mar 2019 19:34:14 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 04 Mar 2019 13:08:31 GMT
server
cloudflare
etag
W/"5c7d234f-3ad21"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
public, max-age=43200
cf-ray
4bdb8f94af99642d-FRA
expires
Wed, 27 Mar 2019 07:34:14 GMT
HXFJWCUIIe
t.co/ Frame E018
Redirect Chain
  • http://t.co/HXFJWCUIIe
  • https://t.co/HXFJWCUIIe
0
0
Document
General
Full URL
https://t.co/HXFJWCUIIe
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxa/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/HXFJWCUIIe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.critch-comedy.de/cxa/200-euro-gratis/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.critch-comedy.de/cxa/200-euro-gratis/

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
215
content-type
text/html; charset=utf-8
date
Tue, 26 Mar 2019 19:34:14 GMT
expires
Tue, 26 Mar 2019 19:39:14 GMT
server
tsa_f
set-cookie
muc=00bdff99-9945-4b57-82fd-cfc51a5d72d6; Max-Age=63072000; Expires=Thu, 25 Mar 2021 19:34:14 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
4ea69de2f2886296c0dfadd5f3d2e46a
x-response-time
131
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report

Redirect headers

content-length
0
date
Tue, 26 Mar 2019 19:34:14 GMT
location
https://t.co/HXFJWCUIIe
server
tsa_f
x-connection-hash
ee2c8948f538fc13146a93b288600323
x-response-time
115
x9tizX9PKq
t.co/ Frame 8EAD
Redirect Chain
  • http://t.co/x9tizX9PKq
  • https://t.co/x9tizX9PKq
0
0
Document
General
Full URL
https://t.co/x9tizX9PKq
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxa/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/x9tizX9PKq
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.critch-comedy.de/cxa/200-euro-gratis/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.critch-comedy.de/cxa/200-euro-gratis/

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
186
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Tue, 26 Mar 2019 19:34:14 GMT
expires
Tue, 26 Mar 2019 19:39:14 GMT
referrer-policy
unsafe-url
server
tsa_f
set-cookie
muc=c37a4e5a-a6b1-481d-89b3-6dad3239f2bc; Max-Age=63072000; Expires=Thu, 25 Mar 2021 19:34:14 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
4ea69de2f2886296c0dfadd5f3d2e46a
x-response-time
130
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report

Redirect headers

content-length
0
date
Tue, 26 Mar 2019 19:34:14 GMT
location
https://t.co/x9tizX9PKq
server
tsa_f
x-connection-hash
096f064ee8182a19769d365dd8246e90
x-response-time
118
z7rulNZ8zx
t.co/ Frame F7BD
Redirect Chain
  • http://t.co/z7rulNZ8zx
  • https://t.co/z7rulNZ8zx
0
0
Document
General
Full URL
https://t.co/z7rulNZ8zx
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxa/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.197 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/z7rulNZ8zx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.critch-comedy.de/cxa/200-euro-gratis/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.critch-comedy.de/cxa/200-euro-gratis/

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
204
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Tue, 26 Mar 2019 19:34:14 GMT
expires
Tue, 26 Mar 2019 19:39:14 GMT
referrer-policy
unsafe-url
server
tsa_f
set-cookie
muc=ba59c5ec-af33-4d4a-9330-ef16bad44789; Max-Age=63072000; Expires=Thu, 25 Mar 2021 19:34:14 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
4ea69de2f2886296c0dfadd5f3d2e46a
x-response-time
126
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report

Redirect headers

content-length
0
date
Tue, 26 Mar 2019 19:34:14 GMT
location
https://t.co/z7rulNZ8zx
server
tsa_f
x-connection-hash
475e447bbb7774f14470e3939c9f0d03
x-response-time
114
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117671757-2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.critch-comedy.de/cxa/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
6438
date
Tue, 26 Mar 2019 17:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Tue, 26 Mar 2019 19:46:56 GMT
collect
www.google-analytics.com/r/
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&aip=1&a=1388797367&t=pageview&_s=1&dl=http%3A%2F%2Fwww.critch-comedy.de%2Fcxa%2F200-euro-gratis%2F&ul=en-us&de=UTF-8&dt=200%20Euro%20gratis%20-%20Critch%20Bonus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=941645649&gjid=433190630&cid=1167764204.1553628855&tid=UA-117671757-2&_gid=1284089773.1553628855&_r=1&gtm=2ou3i1&z=1263188209
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxa/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.critch-comedy.de/cxa/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 26 Mar 2019 19:34:14 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask
boolean| canRunAds
function| gtag
object| dataLayer
undefined| leave
object| _pcq
object| google_tag_manager
string| GoogleAnalyticsObject
function| ga
object| google_tag_data
object| gaplugins
object| gaGlobal
object| gaData
object| PC
object| VWO
object| _vwo_exp_ids
object| _vwo_exp
string| _vwo_server_url
object| _vis_opt_queue
function| bowser
object| __pc
object| _pushcrewDebuggingQueue
undefined| $
undefined| jQuery
object| _pc_u
boolean| ecomEventsInit

4 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: c37a4e5a-a6b1-481d-89b3-6dad3239f2bc
.critch-comedy.de/ Name: _gat_gtag_UA_117671757_2
Value: 1
.critch-comedy.de/ Name: _gid
Value: GA1.2.1284089773.1553628855
.critch-comedy.de/ Name: _ga
Value: GA1.2.1167764204.1553628855

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
