urlscan.io logo urlscan.io
SecurityTrails logo

www.critch-comedy.de Open in urlscan Pro
78.46.10.196  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://213.178.155.9/
Effective URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Submission: On April 02 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 6 countries across 16 domains to perform 19 HTTP transactions. The main IP is 78.46.10.196, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.critch-comedy.de.
This is the only time www.critch-comedy.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2 213.178.155.9 9002 (RETN-AS)
1 3 108.163.203.126 32475 (SINGLEHOP...)
1 3 107.6.174.196 32475 (SINGLEHOP...)
1 205.147.93.131 393676 (ZENEDGE)
1 2 109.123.118.67 13213 (UK2NET-AS)
1 31.170.100.126 201942 (SOLTIA)
1 31.170.100.125 201942 (SOLTIA)
1 3 62.212.87.141 60781 (LEASEWEB-...)
1 1 52.206.170.190 14618 (AMAZON-AES)
1 1 34.199.255.232 14618 (AMAZON-AES)
1 2 95.211.229.246 60781 (LEASEWEB-...)
2 2 78.46.155.195 24940 (HETZNER-AS)
3 78.46.10.196 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 104.244.42.5 13414 (TWITTER)
2 104.244.42.133 13414 (TWITTER)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
19 12
2    213.178.155.9 (United Kingdom)

ASN9002 (RETN-AS, EU)
213.178.155.9
3    108.163.203.126 (Chicago, United States)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: server04.com-2.mobi
add.stringwood.icu
3    107.6.174.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US)
PTR: bigfish.setupcentral.network
up.trkgenius.com
1    205.147.93.131 (North Miami Beach, United States)

ASN393676 (ZENEDGE - Oracle Corporation, US)
minently.com
2    109.123.118.67 (United Kingdom)

ASN13213 (UK2NET-AS, GB)
PTR: 118-67.topstaffsolutions.com
tr7ck.bruceleadx2.com
1    31.170.100.126 (None, )

ASN201942 (SOLTIA, ES)
mobi.limpres.com
1    31.170.100.125 (None, )

ASN201942 (SOLTIA, ES)
mobi.limpres.com
3    62.212.87.141 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
misctraff.com
1    52.206.170.190 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-206-170-190.compute-1.amazonaws.com
typrg.com
1    34.199.255.232 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-199-255-232.compute-1.amazonaws.com
enjrg.com
2    95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
rtb.exoclick.com
2    78.46.155.195 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dedi3961.your-server.de
www1.lustich.de
3    78.46.10.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dedi1996.your-server.de
www.critch-comedy.de
dirtyads.de
1    2a00:1450:4001:820::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    104.244.42.5 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
2    104.244.42.133 (San Francisco, United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
1    2606:4700:10::6814:db2a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
tinyurl.com
2    2a00:1450:4001:81e::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
Domain Requested by
4 t.co 2 redirects www.critch-comedy.de
3 misctraff.com 1 redirects mobi.limpres.com
misctraff.com
3 up.trkgenius.com 1 redirects add.stringwood.icu
up.trkgenius.com
3 add.stringwood.icu 1 redirects add.stringwood.icu
2 www.google-analytics.com www.googletagmanager.com
www.critch-comedy.de
2 www.critch-comedy.de rtb.exoclick.com
www.critch-comedy.de
2 www1.lustich.de 2 redirects
2 rtb.exoclick.com 1 redirects misctraff.com
2 mobi.limpres.com tr7ck.bruceleadx2.com
mobi.limpres.com
2 tr7ck.bruceleadx2.com 1 redirects minently.com
1 dirtyads.de www.critch-comedy.de
1 tinyurl.com 1 redirects
1 www.googletagmanager.com www.critch-comedy.de
1 enjrg.com 1 redirects
1 typrg.com 1 redirects
1 minently.com
19 16

This site contains no links.

Subject Issuer Validity Valid
up.trkgenius.com
Let's Encrypt Authority X3		 2019-03-22 -
2019-06-20		 3 months crt.sh
minently.com
Let's Encrypt Authority X3		 2019-01-22 -
2019-04-22		 3 months crt.sh
ads.conscier.com
Let's Encrypt Authority X3		 2019-03-13 -
2019-06-11		 3 months crt.sh
trk.billysrv.com
Let's Encrypt Authority X3		 2019-03-25 -
2019-06-23		 3 months crt.sh
*.exoclick.com
Go Daddy Secure Certificate Authority - G2		 2018-08-03 -
2019-10-02		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-03-01 -
2019-05-24		 3 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2019-03-07 -
2020-03-07		 a year crt.sh

This page contains 4 frames:

Primary Page: http://www.critch-comedy.de/cxp/200-euro-gratis/
Frame ID: 37F8D089D0E480C1073691223F2CD364
Requests: 16 HTTP requests in this frame

Frame: https://t.co/HXFJWCUIIe
Frame ID: C03073D383A2ACA2F83EAB2BDAD43B21
Requests: 1 HTTP requests in this frame

Frame: https://t.co/x9tizX9PKq
Frame ID: ECA3E3029400229CDB0A85EC57BE9F45
Requests: 1 HTTP requests in this frame

Frame: http://dirtyads.de/ip-ad/
Frame ID: 2C8FD5391DC9F66C390D07C051A8AB39
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://213.178.155.9/ HTTP 302
    http://213.178.155.9/index/?mbR6DV HTTP 302
    http://add.stringwood.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=80848 Page URL
  2. http://add.stringwood.icu/?utm_term=6675403935722768522&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
  3. http://add.stringwood.icu/proc.php?22f0f59e6b4eee5bebdf117cee73e730fd2a0ff4 HTTP 302
    https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=667540393572276... Page URL
  4. https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768... Page URL
  5. https://up.trkgenius.com/out.php?v=0d3c274e6dad44d6dbebf4774d0a52e2 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=W... Page URL
  6. http://tr7ck.bruceleadx2.com/ck.php?kp=kDE25PU20000V8100HIT19EBL05L1GWF0TPC26G85eYA04SS05L1G00&line_item_... Page URL
  7. http://tr7ck.bruceleadx2.com/ck_jump?id=cz02Njc1NTc0MDAyODQ1MTk5JnQ9MTU1NDIzODU5NiZoPTEzODY2NzE0NDM=&__if... HTTP 302
    https://mobi.limpres.com/UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xSTNuVyxMOjE3ODIwLEM6MjQ1MzU%3D/f... Page URL
  8. https://misctraff.com/l/4502857aa004e86d2a?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source... Page URL
  9. https://misctraff.com/l/4502857aa004e86d2a?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source... HTTP 302
    https://misctraff.com/gw?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4N... Page URL
  10. https://typrg.com/dep.php?pid=7642&subid=15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&c... HTTP 302
    https://enjrg.com/dep.php?pid=7642&subid=15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&c... HTTP 302
    https://rtb.exoclick.com/cimp.php?data=TVRVMU5ESXpPRFU1T0h4bFl6SXdNakUyWTJRMk16aGpOMkpsT0dObE9HTTJZbV... Page URL
  11. https://rtb.exoclick.com/cimp.php?data=TVRVMU5ESXpPRFU1T0h4bFl6SXdNakUyWTJRMk16aGpOMkpsT0dObE9HTTJZbV... HTTP 302
    http://www1.lustich.de/link HTTP 301
    http://www1.lustich.de/link/ HTTP 302
    http://www.critch-comedy.de/cxp/200-euro-gratis/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Page Statistics

19
Requests

63 %
HTTPS

17 %
IPv6

16
Domains

16
Subdomains

12
IPs

6
Countries

68 kB
Transfer

154 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://213.178.155.9/ HTTP 302
    http://213.178.155.9/index/?mbR6DV HTTP 302
    http://add.stringwood.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=80848 Page URL
  2. http://add.stringwood.icu/?utm_term=6675403935722768522&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6a8 Page URL
  3. http://add.stringwood.icu/proc.php?22f0f59e6b4eee5bebdf117cee73e730fd2a0ff4 HTTP 302
    https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768522&pubid=1608 Page URL
  4. https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768522&pubid=1608&m=hn5l4c5UhtoG4Nk-xM_57vsb3kP8NPK9q1tZsSw1aJqmOmHZHSHmOmtCHFDBO1OS7qqSHZauNbix3iW1tjOJDCO7Iou9NQKuxkouxAi-3QW-HSD8XQwbsP Page URL
  5. https://up.trkgenius.com/out.php?v=0d3c274e6dad44d6dbebf4774d0a52e2 HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=72cc12f3b807a9b99f2a48fb7ae19774&ext1=dvx Page URL
  6. http://tr7ck.bruceleadx2.com/ck.php?kp=kDE25PU20000V8100HIT19EBL05L1GWF0TPC26G85eYA04SS05L1G00&line_item_id=17820&subid_spx=185392-SQQD_12D2GHvmSm1I3nW& Page URL
  7. http://tr7ck.bruceleadx2.com/ck_jump?id=cz02Njc1NTc0MDAyODQ1MTk5JnQ9MTU1NDIzODU5NiZoPTEzODY2NzE0NDM=&__if=0&__pm=0&__wv=0&__type=unknown&__deviceid= HTTP 302
    https://mobi.limpres.com/UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xSTNuVyxMOjE3ODIwLEM6MjQ1MzU%3D/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/ea1a938d-6742-4d09-b0b7-782822addb36/20190402_cdf50c92-5589-11e9-b9ee-c3b004328ca6 Page URL
  8. https://misctraff.com/l/4502857aa004e86d2a?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS Page URL
  9. https://misctraff.com/l/4502857aa004e86d2a?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&code2=Y3RtATE1NTQyMzg1OTc2NDIAc3JjAWlvAHZlcgExOQBwbHQBTGludXggeDg2XzY0AHRjaAEAaXcBMTYwMABpaAExMjAwAGF3ATE2MDAAYWgBMTIwMAB0egEwAGJ1aWQBAGNrZQExAG9ybnQBAHZuZAFHb29nbGUgSW5jLgBoc2ZjAXRydWUAZnJtAWZhbHNlAHVhAU1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNgBhNDMBMDAwMDAwAGE0NAEwMABzZgEwMDAwAGZmATExMABjaGQBMABmbHYBZmFsc2UAY2htATExMQBsbmcBMTAwMABzdHJnATEwMTExMTAAb3NjcHUBAHByZHN1YgEyMDAzMDEwNwBldmxuATMzAHJlZgEAcmJjYwExMDI1MTE1MwBjbnRwAQB3bm0BAHdnbHYBMABjZGcBMTExMTExMTEwMDAxMTAwMDExMTExMTExMTExMTExMTEwMTExMTExMTExMTEwMTExMTExMTExMTExMTExMDEwMQB3dXQBAGtsbmcBZW4tVVMAcnR0ATAAbGFvAQBobHMBMA__ HTTP 302
    https://misctraff.com/gw?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS%26cid%3Dbmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1%26ref%3DM2019040220-caf23c73ac14ece47bd83055e14001d5&vId=bmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1&hash=4502857aa004e86d2a&ete=true Page URL
  10. https://typrg.com/dep.php?pid=7642&subid=15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&cid=bmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1&ref=M2019040220-caf23c73ac14ece47bd83055e14001d5 HTTP 302
    https://enjrg.com/dep.php?pid=7642&subid=15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&cid=bmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1&ref=M2019040220-caf23c73ac14ece47bd83055e14001d5 HTTP 302
    https://rtb.exoclick.com/cimp.php?data=TVRVMU5ESXpPRFU1T0h4bFl6SXdNakUyWTJRMk16aGpOMkpsT0dObE9HTTJZbVkxTVdJMU9HWXpOUT09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3w4My45Ny4yMy4xOXxERVV8NTJ8YWRleGNoYW5nZS03NDkwMjAuY29tfDUyNjE5MHw1MzAzNDB8NzQ5MDIwfDMxMjIwNTB8NTEzfDIzNjMwNjB8MjAxNDU5NTR8MTZ8MnwwfDB8MTU1NDd8NzY0MnwxMi41fDc1fFVTRHxFVVJ8MS4xMzQ0fDEuMTM0NHwyMnx8MXxERVV8ODMuOTcuMjMuMTl8MTB8MnwxfHw4Y2Y0OTllNGVlM2JjNjgzNmIzMzg0YWU3YmU0MjM4ZnwzZGI2MzBjNTM2YzM2Yjc0ZmZiODNhM2VlMDU5NTMwZHwxfDB8MzE2NS5wZWFrYWR4LmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfGJmNDg2ZjNhYmE0YzQzMjYzMmJkZWQwZjk5YTdiZDQyfDB8MHwwfDI5NTAxNTd8MHwwfDI5NTAxNTl8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHxPS3w3NWViMzY2Y2M2N2ExYmMzMTVjZDc3NDVmNzgxNTcxNA%3D%3D Page URL
  11. https://rtb.exoclick.com/cimp.php?data=TVRVMU5ESXpPRFU1T0h4bFl6SXdNakUyWTJRMk16aGpOMkpsT0dObE9HTTJZbVkxTVdJMU9HWXpOUT09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3w4My45Ny4yMy4xOXxERVV8NTJ8YWRleGNoYW5nZS03NDkwMjAuY29tfDUyNjE5MHw1MzAzNDB8NzQ5MDIwfDMxMjIwNTB8NTEzfDIzNjMwNjB8MjAxNDU5NTR8MTZ8MnwwfDB8MTU1NDd8NzY0MnwxMi41fDc1fFVTRHxFVVJ8MS4xMzQ0fDEuMTM0NHwyMnx8MXxERVV8ODMuOTcuMjMuMTl8MTB8MnwxfHw4Y2Y0OTllNGVlM2JjNjgzNmIzMzg0YWU3YmU0MjM4ZnwzZGI2MzBjNTM2YzM2Yjc0ZmZiODNhM2VlMDU5NTMwZHwxfDB8MzE2NS5wZWFrYWR4LmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfGJmNDg2ZjNhYmE0YzQzMjYzMmJkZWQwZjk5YTdiZDQyfDB8MHwwfDI5NTAxNTd8MHwwfDI5NTAxNTl8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHxPS3w3NWViMzY2Y2M2N2ExYmMzMTVjZDc3NDVmNzgxNTcxNA%3D%3D&p=https%3A%2F%2Fmisctraff.com%2Fl%2F4502857aa004e86d2a%3Fsub%3DM2019040220-caf23c73ac14ece47bd83055e14001d5%26source%3DUzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS%26url%3Dhttps%253A%252F%252Ftyprg.com%252Fdep.php%253Fpid%253D7642%2526subid%253D15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS%2526cid%253Dbmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1%2526ref%253DM2019040220-caf23c73ac14ece47bd83055e14001d5%26vId%3Dbmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1%26hash%3D4502857aa004e86d2a%26ete%3Dtrue&tested=1&check=632830863a5d46d6932ec1a031cee85c&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
    http://www1.lustich.de/link HTTP 301
    http://www1.lustich.de/link/ HTTP 302
    http://www.critch-comedy.de/cxp/200-euro-gratis/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://213.178.155.9/ HTTP 302
  • http://213.178.155.9/index/?mbR6DV HTTP 302
  • http://add.stringwood.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=80848
Request Chain 2
  • http://add.stringwood.icu/proc.php?22f0f59e6b4eee5bebdf117cee73e730fd2a0ff4 HTTP 302
  • https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768522&pubid=1608
Request Chain 4
  • https://up.trkgenius.com/out.php?v=0d3c274e6dad44d6dbebf4774d0a52e2 HTTP 302
  • https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=72cc12f3b807a9b99f2a48fb7ae19774&ext1=dvx
Request Chain 6
  • http://tr7ck.bruceleadx2.com/ck_jump?id=cz02Njc1NTc0MDAyODQ1MTk5JnQ9MTU1NDIzODU5NiZoPTEzODY2NzE0NDM=&__if=0&__pm=0&__wv=0&__type=unknown&__deviceid= HTTP 302
  • https://mobi.limpres.com/UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xSTNuVyxMOjE3ODIwLEM6MjQ1MzU%3D/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/ea1a938d-6742-4d09-b0b7-782822addb36/20190402_cdf50c92-5589-11e9-b9ee-c3b004328ca6
Request Chain 9
  • https://misctraff.com/l/4502857aa004e86d2a?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&code2=Y3RtATE1NTQyMzg1OTc2NDIAc3JjAWlvAHZlcgExOQBwbHQBTGludXggeDg2XzY0AHRjaAEAaXcBMTYwMABpaAExMjAwAGF3ATE2MDAAYWgBMTIwMAB0egEwAGJ1aWQBAGNrZQExAG9ybnQBAHZuZAFHb29nbGUgSW5jLgBoc2ZjAXRydWUAZnJtAWZhbHNlAHVhAU1vemlsbGEvNS4wIChNYWNpbnRvc2g7IEludGVsIE1hYyBPUyBYIDEwXzEzXzUpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS82Ny4wLjMzOTYuODcgU2FmYXJpLzUzNy4zNgBhNDMBMDAwMDAwAGE0NAEwMABzZgEwMDAwAGZmATExMABjaGQBMABmbHYBZmFsc2UAY2htATExMQBsbmcBMTAwMABzdHJnATEwMTExMTAAb3NjcHUBAHByZHN1YgEyMDAzMDEwNwBldmxuATMzAHJlZgEAcmJjYwExMDI1MTE1MwBjbnRwAQB3bm0BAHdnbHYBMABjZGcBMTExMTExMTEwMDAxMTAwMDExMTExMTExMTExMTExMTEwMTExMTExMTExMTEwMTExMTExMTExMTExMTExMDEwMQB3dXQBAGtsbmcBZW4tVVMAcnR0ATAAbGFvAQBobHMBMA__ HTTP 302
  • https://misctraff.com/gw?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS%26cid%3Dbmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1%26ref%3DM2019040220-caf23c73ac14ece47bd83055e14001d5&vId=bmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1&hash=4502857aa004e86d2a&ete=true
Request Chain 10
  • https://typrg.com/dep.php?pid=7642&subid=15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&cid=bmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1&ref=M2019040220-caf23c73ac14ece47bd83055e14001d5 HTTP 302
  • https://enjrg.com/dep.php?pid=7642&subid=15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&cid=bmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1&ref=M2019040220-caf23c73ac14ece47bd83055e14001d5 HTTP 302
  • https://rtb.exoclick.com/cimp.php?data=TVRVMU5ESXpPRFU1T0h4bFl6SXdNakUyWTJRMk16aGpOMkpsT0dObE9HTTJZbVkxTVdJMU9HWXpOUT09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3w4My45Ny4yMy4xOXxERVV8NTJ8YWRleGNoYW5nZS03NDkwMjAuY29tfDUyNjE5MHw1MzAzNDB8NzQ5MDIwfDMxMjIwNTB8NTEzfDIzNjMwNjB8MjAxNDU5NTR8MTZ8MnwwfDB8MTU1NDd8NzY0MnwxMi41fDc1fFVTRHxFVVJ8MS4xMzQ0fDEuMTM0NHwyMnx8MXxERVV8ODMuOTcuMjMuMTl8MTB8MnwxfHw4Y2Y0OTllNGVlM2JjNjgzNmIzMzg0YWU3YmU0MjM4ZnwzZGI2MzBjNTM2YzM2Yjc0ZmZiODNhM2VlMDU5NTMwZHwxfDB8MzE2NS5wZWFrYWR4LmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfGJmNDg2ZjNhYmE0YzQzMjYzMmJkZWQwZjk5YTdiZDQyfDB8MHwwfDI5NTAxNTd8MHwwfDI5NTAxNTl8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHxPS3w3NWViMzY2Y2M2N2ExYmMzMTVjZDc3NDVmNzgxNTcxNA%3D%3D
Request Chain 13
  • http://t.co/HXFJWCUIIe HTTP 301
  • https://t.co/HXFJWCUIIe
Request Chain 14
  • http://t.co/x9tizX9PKq HTTP 301
  • https://t.co/x9tizX9PKq
Request Chain 15
  • http://tinyurl.com/y5psyqtv HTTP 301
  • http://dirtyads.de/ip-ad/

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
add.stringwood.icu/
Redirect Chain
  • http://213.178.155.9/
  • http://213.178.155.9/index/?mbR6DV
  • http://add.stringwood.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=80848
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://add.stringwood.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=80848
Protocol
HTTP/1.1
Server
108.163.203.126 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
0ff552ce6e9bdf2f8cbc3a1a0fbb500ca3b63b458b9ef62c3876bf1c0a0938b7

Request headers

Host
add.stringwood.icu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Tue, 02 Apr 2019 20:56:35 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie
u=f5fc196d599a2973410b278f9c55f2dd; expires=Wed, 01-Apr-2020 20:56:35 GMT; Max-Age=31536000; path=/
Content-Encoding
gzip

Redirect headers

Server
nginx/1.12.2
Date
Tue, 02 Apr 2019 20:56:33 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.0.33
Expires
Thu, 21 Jul 1977 07:30:00 GMT
Last-Modified
Tue, 02 Apr 2019 20:56:35 GMT
Cache-Control
max-age=0
Pragma
no-cache
Set-Cookie
00831=%7B%22streams%22%3A%7B%2219%22%3A1554238595%7D%2C%22campaigns%22%3A%7B%2249%22%3A1554238595%7D%2C%22time%22%3A1554238595%7D; expires=Fri, 03-May-2019 20:56:35 GMT; Max-Age=2678400; path=/
Location
http://add.stringwood.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=80848
/
add.stringwood.icu/ 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://add.stringwood.icu/?utm_term=6675403935722768522&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6a8
Requested by
Host: add.stringwood.icu
URL: http://add.stringwood.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=80848
Protocol
HTTP/1.1
Server
108.163.203.126 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx /
Resource Hash
f634d15c7f2f58b0b261a9a1492bcacd132487280bec7a9702c2b7b92f8bbf10

Request headers

Host
add.stringwood.icu
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://add.stringwood.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=80848
Accept-Encoding
gzip, deflate
Cookie
u=f5fc196d599a2973410b278f9c55f2dd
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://add.stringwood.icu/?utm_medium=4c23b9fecf7dfd895dfe0da99e857f3bee8e9d42&utm_campaign=80848

Response headers

Server
nginx
Date
Tue, 02 Apr 2019 20:56:35 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip
in.html
up.trkgenius.com/
Redirect Chain
  • http://add.stringwood.icu/proc.php?22f0f59e6b4eee5bebdf117cee73e730fd2a0ff4
  • https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768522&pubid=1608
6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768522&pubid=1608
Requested by
Host: add.stringwood.icu
URL: http://add.stringwood.icu/?utm_term=6675403935722768522&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6a8
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
bigfish.setupcentral.network
Software
nginx/1.14.0 /
Resource Hash
7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
up.trkgenius.com
:scheme
https
:path
/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768522&pubid=1608
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://add.stringwood.icu/?utm_term=6675403935722768522&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6a8
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://add.stringwood.icu/?utm_term=6675403935722768522&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b08186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6a8

Response headers

status
200
server
nginx/1.14.0
date
Tue, 02 Apr 2019 20:56:36 GMT
content-type
text/html
last-modified
Sun, 27 Jan 2019 05:38:08 GMT
etag
W/"5c4d43c0-1605"
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 02 Apr 2019 20:56:36 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768522&pubid=1608
in.php
up.trkgenius.com/ 		1 KB
985 B 		Document
General
Check archive.org
Download Go to
Full URL
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768522&pubid=1608&m=hn5l4c5UhtoG4Nk-xM_57vsb3kP8NPK9q1tZsSw1aJqmOmHZHSHmOmtCHFDBO1OS7qqSHZauNbix3iW1tjOJDCO7Iou9NQKuxkouxAi-3QW-HSD8XQwbsP
Requested by
Host: up.trkgenius.com
URL: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768522&pubid=1608
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
bigfish.setupcentral.network
Software
nginx/1.14.0 /
Resource Hash
72f8c5dcdd61bf8a5fb928ed745e500610bb7cf0efd33bf100e1ff9426ffaab2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
up.trkgenius.com
:scheme
https
:path
/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768522&pubid=1608&m=hn5l4c5UhtoG4Nk-xM_57vsb3kP8NPK9q1tZsSw1aJqmOmHZHSHmOmtCHFDBO1OS7qqSHZauNbix3iW1tjOJDCO7Iou9NQKuxkouxAi-3QW-HSD8XQwbsP
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768522&pubid=1608
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768522&pubid=1608

Response headers

status
200
server
nginx/1.14.0
date
Tue, 02 Apr 2019 20:56:36 GMT
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
surrogate-control
no-store
refresh
0; url=out.php?v=0d3c274e6dad44d6dbebf4774d0a52e2
set-cookie
t=8aa99cd3676b7d53
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ
minently.com/RnSda/rDN3/ojdn/
Redirect Chain
  • https://up.trkgenius.com/out.php?v=0d3c274e6dad44d6dbebf4774d0a52e2
  • https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=72cc12f3b807a9b99f2a48fb7ae19774&ext1=dvx
5 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=72cc12f3b807a9b99f2a48fb7ae19774&ext1=dvx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.147.93.131 North Miami Beach, United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
21c27dbdb1763816e632bfdd4394bddec5837ed3baac4687dee6b85d704fd01f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

:method
GET
:authority
minently.com
:scheme
https
:path
/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=72cc12f3b807a9b99f2a48fb7ae19774&ext1=dvx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768522&pubid=1608&m=hn5l4c5UhtoG4Nk-xM_57vsb3kP8NPK9q1tZsSw1aJqmOmHZHSHmOmtCHFDBO1OS7qqSHZauNbix3iW1tjOJDCO7Iou9NQKuxkouxAi-3QW-HSD8XQwbsP
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6675403935722768522&pubid=1608&m=hn5l4c5UhtoG4Nk-xM_57vsb3kP8NPK9q1tZsSw1aJqmOmHZHSHmOmtCHFDBO1OS7qqSHZauNbix3iW1tjOJDCO7Iou9NQKuxkouxAi-3QW-HSD8XQwbsP

Response headers

status
200
content-type
text/html;charset=utf-8
x-cache-status
NOTCACHED
x-zen-fury
06a5f858f217d50f6795985e115098b233a03a92
date
Tue, 02 Apr 2019 20:56:36 GMT
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires
Sat, 26 Jul 1997 05:00:00 GMT
set-cookie
MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=b3aebcc2625160f4e972da458607aba6_1554238596.4684; domain=minently.com; path=/; expires=Fri, 30-Mar-2029 20:56:36 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1554238596.4701; domain=minently.com; path=/; expires=Fri, 30-Mar-2029 20:56:36 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3VldYUnZVdzBzNHd6UkVjcGhwOEp6bzdxS0JuL0Z5bHI5OVNtWWhFbkxraw%3D%3D; domain=minently.com; path=/; expires=Fri, 30-Mar-2029 20:56:36 UTC; Secure b3aebcc2625160f4e972da458607aba6_1554238596.4684_ck=djJOVVh0MEZzb3RLZmo5QkxHQzZxQm4wdjdIblRId1JndGRvQ0lCZlg5bURNakJYdjFUSjNWUUk2a01ZV09mMitvMENCSktjMStoUVRmSGJCQThEWW5Sb1JVYmxSVVVzV2tHS1FveTBWYTJTS1R6YW9hSFFocFhia3lHVXp4NGRRMmx4WGJkSlptekdFbkY2Mk9HOGxWQzdsNTcvekQxcmU5eEVwelc0RHZjZnE4WjF4d1pMbHRoT1ZMb3dRSWpwMjBMZndsc0M1MzJGeVBzSmc4b3MvM0pmUGRhbkQxbE5SOWtjeDcydklYZllqaDFpVzNVVjlzVkQwSDdIa205blI3d0w0NVMyN2V2dURsKyt4dWp6SlAwOVVWWmticnFNUU5ZUE5iSFZLVDRoeHNwd0dtM1gvU2RYMlFhVlI2LzFsNVc0Y2xqcHdGVWJTSjAwdGJaMUNkSEJPSk1NZ2pjLzJDN1h5emlnYVIzQWE1N1ZjQ0QyZjN3SHhha1dUYTFXZmNmdkdoQ3QyZWo5YnFTa0sxUFpJOGFXMG8yM1NQd3I4NkZHU2ZLV1J6d09ZQVhiVHpNSWlOc21YQUN0czZ2aTdWclk5ZG5lSktWUmE1TFR5QUxkb2xsM2ExTlo3NFhCV2NVYkxXWWcvKytoOTJCRnNJNE1hMi9iNDVpWks1eXRQb1ZkMEN5amNPZUlENGZ4U3ZJY0k0ajhyQ0h6UnA2WnJhL1hLT3JnTUEvajM0YmxjckRGdVNMZnk0ZVo4UDg1WkxCaU1mK2lSVkd1T1VBYzZSMksxSEN6emtvYUUrTTRidWtPcFB4VWlhZU9qTXVCRFVEcjd5L3BFL1BqTHFHQmZEOVZsM2JVcytpQS9FTUNHenZEQWY2TkpaaDFrVHpzSXBXdEZ5OXdDUDgvMHlab2VtZzNzcGFEVjNJbnpYSDYxUWJQMzFOVUZEZTVJNU0zMm9tbEdTUzlMUzVzVmZXZjlvUHhTRTB4aGQwZHhDOGxlazViSEwvQko2N2JVU3JWOGkvR0g0ekxBQVdEVTM5em5rWjZkeVpqa3NBTVY3YjhJa1VGK0w4Z0hQdz0%3D; domain=minently.com; path=/; expires=Fri, 30-Mar-2029 20:56:36 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=TGlzQ3dWZ0d4UVZsZThLbHloOTRaeGxwcWVab2dsSjZYOGNtN1YvQk1zNkxYOG04NkhCMmludDJOWkl1UjIwL2orY1dmSmNPRHRBLzAzdldhZ2ZvdVZTYWZtQk5Ra3k2Q0hpSXNQeXB5cTg9; domain=minently.com; path=/; expires=Tue, 02-Apr-2019 22:01:36 UTC; Secure SERVERID=sfc12; path=/
vary
Accept-Encoding Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
ZENEDGE
x-cdn
Served-By-Zenedge

Redirect headers

status
302
server
nginx/1.14.0
date
Tue, 02 Apr 2019 20:56:36 GMT
content-type
text/html; charset=UTF-8
location
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=72cc12f3b807a9b99f2a48fb7ae19774&ext1=dvx
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
surrogate-control
no-store
strict-transport-security
max-age=31536000; includeSubDomains
Cookie set ck.php
tr7ck.bruceleadx2.com/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://tr7ck.bruceleadx2.com/ck.php?kp=kDE25PU20000V8100HIT19EBL05L1GWF0TPC26G85eYA04SS05L1G00&line_item_id=17820&subid_spx=185392-SQQD_12D2GHvmSm1I3nW&
Requested by
Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=72cc12f3b807a9b99f2a48fb7ae19774&ext1=dvx
Protocol
HTTP/1.1
Server
109.123.118.67 , United Kingdom, ASN13213 (UK2NET-AS, GB),
Reverse DNS
118-67.topstaffsolutions.com
Software
SpirooxPerformance-Server-1.0 /
Resource Hash

Request headers

Host
tr7ck.bruceleadx2.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://minently.com/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://minently.com/

Response headers

Date
Tue, 02 Apr 2019 20:56:36 GMT
Server
SpirooxPerformance-Server-1.0
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Expires
0
Pragma
no-cache
Content-Length
1172
Connection
close
Content-Type
text/html; charset=utf-8
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
session=20190402_cdf50c92-5589-11e9-b9ee-c3b004328ca6%7C6675574002845199%7C2019-04-02T20%3A56%3A36%2B0000%7C0%7C%7C17820%7C185392-SQQD_12D2GHvmSm1I3nW%7CkDE25PU20000V8100HIT19EBL05L1GWF0TPC26G85eYA04SS05L1G00%7C2806%7C4%7C1897%7C17820%7C2%7C2402%7C0%7C12657%7C10976%7C24535%7C2767%7C0%7C0%7C3%7C1%7CMac%7C67%7C%7C%7CChrome%7C%7CWIFI%7C83.97.23.0%2F24%7C83.97.23.19%7C0%7C185392-SQQD_12D2GHvmSm1I3nW%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7Cnull%7C%7C0.0%7C0.0%7C0.0%7C0.0%7C0%7Cminently.com%7C1554238596578%7C%7Cfalse%7Cfalse%7C43%7C0%7C27%7C%7C0%7C0%7C%7Ctr7ck.bruceleadx2.com%7Cww%7C%7C0.0%7C; domain=tr7ck.bruceleadx2.com; path=/; expires=Wed, 01 May 2019 20:56:36 GMT
20190402_cdf50c92-5589-11e9-b9ee-c3b004328ca6
mobi.limpres.com/UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xSTNuVyxMOjE3ODIwLEM6MjQ1MzU%3D/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/ea1a938d-6742-4d09-b0b7-782822addb36/
Redirect Chain
  • http://tr7ck.bruceleadx2.com/ck_jump?id=cz02Njc1NTc0MDAyODQ1MTk5JnQ9MTU1NDIzODU5NiZoPTEzODY2NzE0NDM=&__if=0&__pm=0&__wv=0&__type=unknown&__deviceid=
  • https://mobi.limpres.com/UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xSTNuVyxMOjE3ODIwLEM6MjQ1MzU%3D/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/ea1a938d-6742-4d09-b0b7-782822a...
1002 B
753 B 		Document
General
Check archive.org
Download Go to
Full URL
https://mobi.limpres.com/UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xSTNuVyxMOjE3ODIwLEM6MjQ1MzU%3D/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/ea1a938d-6742-4d09-b0b7-782822addb36/20190402_cdf50c92-5589-11e9-b9ee-c3b004328ca6
Requested by
Host: tr7ck.bruceleadx2.com
URL: http://tr7ck.bruceleadx2.com/ck.php?kp=kDE25PU20000V8100HIT19EBL05L1GWF0TPC26G85eYA04SS05L1G00&line_item_id=17820&subid_spx=185392-SQQD_12D2GHvmSm1I3nW&
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.170.100.126 -, , ASN201942 (SOLTIA, ES),
Reverse DNS
Software
nginx /
Resource Hash
4657d82562f84f1e36bed91b1051c4b38ce23472134ffd0b15bbbf5ea212c52c

Request headers

:method
GET
:authority
mobi.limpres.com
:scheme
https
:path
/UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xSTNuVyxMOjE3ODIwLEM6MjQ1MzU%3D/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/ea1a938d-6742-4d09-b0b7-782822addb36/20190402_cdf50c92-5589-11e9-b9ee-c3b004328ca6
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://tr7ck.bruceleadx2.com/ck.php?kp=kDE25PU20000V8100HIT19EBL05L1GWF0TPC26G85eYA04SS05L1G00&line_item_id=17820&subid_spx=185392-SQQD_12D2GHvmSm1I3nW&
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://tr7ck.bruceleadx2.com/ck.php?kp=kDE25PU20000V8100HIT19EBL05L1GWF0TPC26G85eYA04SS05L1G00&line_item_id=17820&subid_spx=185392-SQQD_12D2GHvmSm1I3nW&

Response headers

status
200
server
nginx
date
Tue, 02 Apr 2019 20:56:36 GMT
content-type
text/html; charset=UTF-8
content-length
484
access-control-allow-origin
*
access-control-allow-headers
Content-Type
referrer-policy
no-referrer
cache-control
no-cache, private
content-encoding
gzip
x-device
desktop
accept-ranges
bytes
age
0
tp-cache
MISS
vary
Accept-Encoding

Redirect headers

Date
Tue, 02 Apr 2019 20:56:36 GMT
Server
SpirooxPerformance-Server-1.0
Cache-Control
no-cache, no-store, must-revalidate, max-age=0
Expires
0
Pragma
no-cache
Connection
close
Location
https://mobi.limpres.com/UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xSTNuVyxMOjE3ODIwLEM6MjQ1MzU%3D/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/ea1a938d-6742-4d09-b0b7-782822addb36/20190402_cdf50c92-5589-11e9-b9ee-c3b004328ca6
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Set-Cookie
c24535=1 ; domain=tr7ck.bruceleadx2.com; path=/; expires=Wed, 03 Apr 2019 20:56:36 GMT l17820=1 ; domain=tr7ck.bruceleadx2.com; path=/; expires=Wed, 03 Apr 2019 20:56:36 GMT
offer.png
mobi.limpres.com/ 		95 B
431 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://mobi.limpres.com/offer.png
Requested by
Host: mobi.limpres.com
URL: https://mobi.limpres.com/UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xSTNuVyxMOjE3ODIwLEM6MjQ1MzU%3D/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/ea1a938d-6742-4d09-b0b7-782822addb36/20190402_cdf50c92-5589-11e9-b9ee-c3b004328ca6
Protocol
HTTP/1.1
Server
31.170.100.125 -, , ASN201942 (SOLTIA, ES),
Reverse DNS
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 20:56:37 GMT
TP-Cache
HIT
Last-Modified
Mon, 18 Mar 2019 17:46:39 GMT
Age
1283701
ETag
"5c8fd97f-5f"
Content-Type
image/png
Cache-Control
max-age=315360000
X-Device
desktop
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
95
Expires
Thu, 31 Dec 2037 23:55:55 GMT
4502857aa004e86d2a
misctraff.com/l/ 		18 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://misctraff.com/l/4502857aa004e86d2a?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS
Requested by
Host: mobi.limpres.com
URL: https://mobi.limpres.com/UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xSTNuVyxMOjE3ODIwLEM6MjQ1MzU%3D/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/ea1a938d-6742-4d09-b0b7-782822addb36/20190402_cdf50c92-5589-11e9-b9ee-c3b004328ca6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.87.141 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
b7806578c7b5de3f40d8e4696a84c3b0b4e686e0b7dea2e935af3df63404e523

Request headers

Host
misctraff.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Tue, 02 Apr 2019 20:56:37 GMT
Content-Type
text/html
Last-Modified
Tue, 23 Oct 2018 13:25:19 GMT
Transfer-Encoding
chunked
ETag
W/"5bcf213f-4688"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Content-Encoding
gzip
gw
misctraff.com/
Redirect Chain
  • https://misctraff.com/l/4502857aa004e86d2a?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&code2=Y3RtATE1NTQyMzg1OTc2NDIAc3JjAWlvAHZlcgExOQBwbH...
  • https://misctraff.com/gw?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_Uzo...
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://misctraff.com/gw?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS%26cid%3Dbmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1%26ref%3DM2019040220-caf23c73ac14ece47bd83055e14001d5&vId=bmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1&hash=4502857aa004e86d2a&ete=true
Requested by
Host: misctraff.com
URL: https://misctraff.com/l/4502857aa004e86d2a?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.87.141 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
e13ed77dfeaa6337766a94370d26a84f27097e38ef8aeb897f3cdcb5a39e2b4b

Request headers

Host
misctraff.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://misctraff.com/l/4502857aa004e86d2a?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS
Accept-Encoding
gzip, deflate, br
Cookie
BSESSID=trkecf7f094-f7b4-449b-8cdf-3190eebf2de7
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://misctraff.com/l/4502857aa004e86d2a?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS

Response headers

Server
nginx
Date
Tue, 02 Apr 2019 20:56:37 GMT
Content-Type
text/html
Last-Modified
Wed, 14 Nov 2018 16:09:45 GMT
Transfer-Encoding
chunked
ETag
W/"5bec48c9-589"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 02 Apr 2019 20:56:37 GMT
Transfer-Encoding
chunked
Location
//misctraff.com/gw?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS%26cid%3Dbmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1%26ref%3DM2019040220-caf23c73ac14ece47bd83055e14001d5&vId=bmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1&hash=4502857aa004e86d2a&ete=true
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Pragma
no-cache
Set-Cookie
BSESSID=trkecf7f094-f7b4-449b-8cdf-3190eebf2de7; Max-Age=63072000; Expires=Thu, 01 Apr 2021 20:56:37 GMT; Path=/
Cookie set cimp.php
rtb.exoclick.com/
Redirect Chain
  • https://typrg.com/dep.php?pid=7642&subid=15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&cid=bmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1&ref=M2019040220-caf23c73ac14ece47bd83055e...
  • https://enjrg.com/dep.php?pid=7642&subid=15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&cid=bmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1&ref=M2019040220-caf23c73ac14ece47bd83055e...
  • https://rtb.exoclick.com/cimp.php?data=TVRVMU5ESXpPRFU1T0h4bFl6SXdNakUyWTJRMk16aGpOMkpsT0dObE9HTTJZbVkxTVdJMU9HWXpOUT09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3w4My45Ny4yMy4xOXxERVV8NTJ8YWRleG...
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.exoclick.com/cimp.php?data=TVRVMU5ESXpPRFU1T0h4bFl6SXdNakUyWTJRMk16aGpOMkpsT0dObE9HTTJZbVkxTVdJMU9HWXpOUT09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3w4My45Ny4yMy4xOXxERVV8NTJ8YWRleGNoYW5nZS03NDkwMjAuY29tfDUyNjE5MHw1MzAzNDB8NzQ5MDIwfDMxMjIwNTB8NTEzfDIzNjMwNjB8MjAxNDU5NTR8MTZ8MnwwfDB8MTU1NDd8NzY0MnwxMi41fDc1fFVTRHxFVVJ8MS4xMzQ0fDEuMTM0NHwyMnx8MXxERVV8ODMuOTcuMjMuMTl8MTB8MnwxfHw4Y2Y0OTllNGVlM2JjNjgzNmIzMzg0YWU3YmU0MjM4ZnwzZGI2MzBjNTM2YzM2Yjc0ZmZiODNhM2VlMDU5NTMwZHwxfDB8MzE2NS5wZWFrYWR4LmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfGJmNDg2ZjNhYmE0YzQzMjYzMmJkZWQwZjk5YTdiZDQyfDB8MHwwfDI5NTAxNTd8MHwwfDI5NTAxNTl8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHxPS3w3NWViMzY2Y2M2N2ExYmMzMTVjZDc3NDVmNzgxNTcxNA%3D%3D
Requested by
Host: misctraff.com
URL: https://misctraff.com/l/4502857aa004e86d2a?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS%26cid%3Dbmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1%26ref%3DM2019040220-caf23c73ac14ece47bd83055e14001d5&vId=bmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1&hash=4502857aa004e86d2a&ete=true
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
8583305a9c49a99dcf6534a3e21615824f00f5ab94f0ed02050c6b06734b120d

Request headers

Host
rtb.exoclick.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
https://misctraff.com/l/4502857aa004e86d2a?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS%26cid%3Dbmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1%26ref%3DM2019040220-caf23c73ac14ece47bd83055e14001d5&vId=bmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1&hash=4502857aa004e86d2a&ete=true
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://misctraff.com/l/4502857aa004e86d2a?sub=M2019040220-caf23c73ac14ece47bd83055e14001d5&source=UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS&url=https%3A%2F%2Ftyprg.com%2Fdep.php%3Fpid%3D7642%26subid%3D15465_UzoxODk3LFNCOjE4NTM5Mi1TUVFEXzEyRDJHSHZtU20xS%26cid%3Dbmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1%26ref%3DM2019040220-caf23c73ac14ece47bd83055e14001d5&vId=bmconv_20190402225637_cba4c7db_fcba_492f_a08e_e374d2e015c1&hash=4502857aa004e86d2a&ete=true

Response headers

Server
nginx
Date
Tue, 02 Apr 2019 20:56:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225ca3cc86c71bd8.259433012786888709%22%3B%7D; expires=Thu, 01-Apr-2021 20:56:38 GMT; Max-Age=63072000; domain=exoclick.com
Content-Encoding
gzip

Redirect headers

Cache-Control
no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Tue, 02 Apr 2019 20:56:38 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Location
https://rtb.exoclick.com/cimp.php?data=TVRVMU5ESXpPRFU1T0h4bFl6SXdNakUyWTJRMk16aGpOMkpsT0dObE9HTTJZbVkxTVdJMU9HWXpOUT09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3w4My45Ny4yMy4xOXxERVV8NTJ8YWRleGNoYW5nZS03NDkwMjAuY29tfDUyNjE5MHw1MzAzNDB8NzQ5MDIwfDMxMjIwNTB8NTEzfDIzNjMwNjB8MjAxNDU5NTR8MTZ8MnwwfDB8MTU1NDd8NzY0MnwxMi41fDc1fFVTRHxFVVJ8MS4xMzQ0fDEuMTM0NHwyMnx8MXxERVV8ODMuOTcuMjMuMTl8MTB8MnwxfHw4Y2Y0OTllNGVlM2JjNjgzNmIzMzg0YWU3YmU0MjM4ZnwzZGI2MzBjNTM2YzM2Yjc0ZmZiODNhM2VlMDU5NTMwZHwxfDB8MzE2NS5wZWFrYWR4LmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfGJmNDg2ZjNhYmE0YzQzMjYzMmJkZWQwZjk5YTdiZDQyfDB8MHwwfDI5NTAxNTd8MHwwfDI5NTAxNTl8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHxPS3w3NWViMzY2Y2M2N2ExYmMzMTVjZDc3NDVmNzgxNTcxNA%3D%3D
Server
nginx
Set-Cookie
uuid=15542385986975208357442171; expires=Thu, 02-May-2019 20:56:38 GMT; Max-Age=2592000
Content-Length
0
Connection
keep-alive
Primary Request /
www.critch-comedy.de/cxp/200-euro-gratis/
Redirect Chain
  • https://rtb.exoclick.com/cimp.php?data=TVRVMU5ESXpPRFU1T0h4bFl6SXdNakUyWTJRMk16aGpOMkpsT0dObE9HTTJZbVkxTVdJMU9HWXpOUT09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3w4My45Ny4yMy4xOXxERVV8NTJ8YWRleG...
  • http://www1.lustich.de/link
  • http://www1.lustich.de/link/
  • http://www.critch-comedy.de/cxp/200-euro-gratis/
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.critch-comedy.de/cxp/200-euro-gratis/
Requested by
Host: rtb.exoclick.com
URL: https://rtb.exoclick.com/cimp.php?data=TVRVMU5ESXpPRFU1T0h4bFl6SXdNakUyWTJRMk16aGpOMkpsT0dObE9HTTJZbVkxTVdJMU9HWXpOUT09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3w4My45Ny4yMy4xOXxERVV8NTJ8YWRleGNoYW5nZS03NDkwMjAuY29tfDUyNjE5MHw1MzAzNDB8NzQ5MDIwfDMxMjIwNTB8NTEzfDIzNjMwNjB8MjAxNDU5NTR8MTZ8MnwwfDB8MTU1NDd8NzY0MnwxMi41fDc1fFVTRHxFVVJ8MS4xMzQ0fDEuMTM0NHwyMnx8MXxERVV8ODMuOTcuMjMuMTl8MTB8MnwxfHw4Y2Y0OTllNGVlM2JjNjgzNmIzMzg0YWU3YmU0MjM4ZnwzZGI2MzBjNTM2YzM2Yjc0ZmZiODNhM2VlMDU5NTMwZHwxfDB8MzE2NS5wZWFrYWR4LmNvbXwwfDB8MHwwLjAxfDF8MHxleGNoYW5nZV9saW5rfGJmNDg2ZjNhYmE0YzQzMjYzMmJkZWQwZjk5YTdiZDQyfDB8MHwwfDI5NTAxNTd8MHwwfDI5NTAxNTl8aG9zdGluZ3x2cG58MXwxNDQwfHwwfDB8MHxPS3w3NWViMzY2Y2M2N2ExYmMzMTVjZDc3NDVmNzgxNTcxNA%3D%3D
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash
ca61e9f547a3af71d2243d5efd0d3fbe694af2e78ad91bf79cc012776c280d59

Request headers

Host
www.critch-comedy.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 20:56:38 GMT
Server
Apache
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Access-Control-Allow-Headers
Authorization
Upgrade
h2c
Connection
Upgrade, Keep-Alive
Last-Modified
Fri, 29 Mar 2019 20:50:49 GMT
ETag
"55d-58541d35f03c6-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
780
Keep-Alive
timeout=15, max=100
Content-Type
text/html

Redirect headers

Date
Tue, 02 Apr 2019 20:56:38 GMT
Server
Apache
Location
http://www.critch-comedy.de/cxp/200-euro-gratis/
Content-Length
0
Keep-Alive
timeout=15, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
showads.js
www.critch-comedy.de/cxp/200-euro-gratis/ 		21 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.critch-comedy.de/cxp/200-euro-gratis/showads.js
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
www.critch-comedy.de
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
*/*
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 02 Apr 2019 20:56:39 GMT
Last-Modified
Wed, 27 Mar 2019 14:12:07 GMT
Server
Apache
ETag
"15-5851405d534cb"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization
Content-Length
21
Keep-Alive
timeout=15, max=99
js
www.googletagmanager.com/gtag/ 		63 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-117671757-2
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:820::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
d905b7b3860e8a0e0ec3c3f9537fc2bd4c19a9c9eae4f40de595b6b62bab60b7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Apr 2019 20:56:39 GMT
content-encoding
br
last-modified
Tue, 02 Apr 2019 17:35:14 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
24780
x-xss-protection
0
expires
Tue, 02 Apr 2019 20:56:39 GMT
HXFJWCUIIe
t.co/ Frame C030
Redirect Chain
  • http://t.co/HXFJWCUIIe
  • https://t.co/HXFJWCUIIe
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/HXFJWCUIIe
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/HXFJWCUIIe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
215
content-type
text/html; charset=utf-8
date
Tue, 02 Apr 2019 20:56:39 GMT
expires
Tue, 02 Apr 2019 21:01:39 GMT
server
tsa_f
set-cookie
muc=95d2b4e8-e706-4a90-a09e-4e4e88265d13; Max-Age=63072000; Expires=Thu, 1 Apr 2021 20:56:39 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
cdc54bb2c43bdef9da5e4b7f3378fb43
x-response-time
114
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report

Redirect headers

content-length
0
date
Tue, 02 Apr 2019 20:56:39 GMT
location
https://t.co/HXFJWCUIIe
server
tsa_f
x-connection-hash
48b1ff4a5fb753c496b334287d3572b6
x-response-time
114
x9tizX9PKq
t.co/ Frame ECA3
Redirect Chain
  • http://t.co/x9tizX9PKq
  • https://t.co/x9tizX9PKq
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/x9tizX9PKq
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 San Francisco, United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/x9tizX9PKq
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
186
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Tue, 02 Apr 2019 20:56:39 GMT
expires
Tue, 02 Apr 2019 21:01:39 GMT
referrer-policy
unsafe-url
server
tsa_f
set-cookie
muc=125834b6-9f6e-4b40-ac31-7cfc4636e64a; Max-Age=63072000; Expires=Thu, 1 Apr 2021 20:56:39 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
cdc54bb2c43bdef9da5e4b7f3378fb43
x-response-time
124
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report

Redirect headers

content-length
0
date
Tue, 02 Apr 2019 20:56:39 GMT
location
https://t.co/x9tizX9PKq
server
tsa_f
x-connection-hash
b426bb0e0d6e0474009ecb457372b5ae
x-response-time
114
/
dirtyads.de/ip-ad/ Frame 2C8F
Redirect Chain
  • http://tinyurl.com/y5psyqtv
  • http://dirtyads.de/ip-ad/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://dirtyads.de/ip-ad/
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash

Request headers

Host
dirtyads.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/

Response headers

Date
Tue, 02 Apr 2019 20:56:40 GMT
Server
Apache
Upgrade
h2c
Connection
Upgrade, Keep-Alive
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
239
Keep-Alive
timeout=15, max=100
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Tue, 02 Apr 2019 20:56:39 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d1eba949fc8998d10108016b5c07abd151554238599; expires=Wed, 01-Apr-20 20:56:39 GMT; path=/; domain=.tinyurl.com; HttpOnly tinyUUID=ca3cc8b05c7d000000000000; expires=Wed, 01-Apr-2020 20:56:38 GMT; Max-Age=31536000; path=/; domain=.tinyurl.com
Location
http://dirtyads.de/ip-ad/
X-tiny
cache 0.0093319416046143
Server
cloudflare
CF-RAY
4c15b5ec1a67c2dd-FRA
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117671757-2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
4183
date
Tue, 02 Apr 2019 19:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Tue, 02 Apr 2019 21:46:56 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j73&aip=1&a=1590266834&t=pageview&_s=1&dl=http%3A%2F%2Fwww.critch-comedy.de%2Fcxp%2F200-euro-gratis%2F&ul=en-us&de=UTF-8&dt=200%20Euro%20gratis%20-%20Critch%20Bonus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=935293915&gjid=655356317&cid=963691409.1554238599&tid=UA-117671757-2&_gid=244215890.1554238599&_r=1&gtm=2ou3i1&z=597769553
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81e::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 02 Apr 2019 20:56:39 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask boolean| canRunAds function| gtag object| dataLayer undefined| leave object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

7 Cookies

Domain/Path Name / Value
.stepstone.de/ Name: dtLatC
Value: 1
www.stepstone.de/ Name: ONLINE_CF
Value: 142-42
.stepstone.de/ Name: dtCookie
Value: 13$AFS7L3JBPL3RUQ261UGL20DO0K9IHPCV|9d8ef954bd9e252f|1
.stepstone.de/ Name: rxvt
Value: 1554240404569|1554238604522
.stepstone.de/ Name: dtPC
Value: -20$238601097_543h-vILYDWAKMSQGSXSHDFZMMEAISCTIUVWJX
.stepstone.de/ Name: rxVisitor
Value: 1554238601109Q0EQLOTHR7MDTSHVUQ1JI06PECSL34CA
.777.com/ Name: uid
Value: UA-377967-8__45487587025448

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

add.stringwood.icu
dirtyads.de
enjrg.com
minently.com
misctraff.com
mobi.limpres.com
rtb.exoclick.com
t.co
tinyurl.com
tr7ck.bruceleadx2.com
typrg.com
up.trkgenius.com
www.critch-comedy.de
www.google-analytics.com
www.googletagmanager.com
www1.lustich.de
104.244.42.133
104.244.42.5
107.6.174.196
108.163.203.126
109.123.118.67
205.147.93.131
213.178.155.9
2606:4700:10::6814:db2a
2a00:1450:4001:81e::200e
2a00:1450:4001:820::2008
31.170.100.125
31.170.100.126
34.199.255.232
52.206.170.190
62.212.87.141
78.46.10.196
78.46.155.195
95.211.229.246
0ff552ce6e9bdf2f8cbc3a1a0fbb500ca3b63b458b9ef62c3876bf1c0a0938b7
21c27dbdb1763816e632bfdd4394bddec5837ed3baac4687dee6b85d704fd01f
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4657d82562f84f1e36bed91b1051c4b38ce23472134ffd0b15bbbf5ea212c52c
72f8c5dcdd61bf8a5fb928ed745e500610bb7cf0efd33bf100e1ff9426ffaab2
7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8583305a9c49a99dcf6534a3e21615824f00f5ab94f0ed02050c6b06734b120d
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316
b7806578c7b5de3f40d8e4696a84c3b0b4e686e0b7dea2e935af3df63404e523
ca61e9f547a3af71d2243d5efd0d3fbe694af2e78ad91bf79cc012776c280d59
d905b7b3860e8a0e0ec3c3f9537fc2bd4c19a9c9eae4f40de595b6b62bab60b7
e13ed77dfeaa6337766a94370d26a84f27097e38ef8aeb897f3cdcb5a39e2b4b
f634d15c7f2f58b0b261a9a1492bcacd132487280bec7a9702c2b7b92f8bbf10