Submitted URL: http://redirect.forbiddendance.net/u/cUZ3aKfXQ1G8Mnq1er0dZw
Effective URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Submission: On May 31 via api from BE

Summary

This website contacted 11 IPs in 4 countries across 13 domains to perform 17 HTTP transactions. The main IP is 78.46.10.196, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.critch-comedy.de.
This is the only time www.critch-comedy.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 51.38.230.43 16276 (OVH)
1 3 198.143.165.221 32475 (SINGLEHOP...)
1 3 107.6.174.196 32475 (SINGLEHOP...)
1 205.147.93.131 393676 (ZENEDGE)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 54.85.224.136 14618 (AMAZON-AES)
1 2 95.211.229.245 60781 (LEASEWEB-...)
2 2 78.46.155.195 24940 (HETZNER-AS)
3 78.46.10.196 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 104.244.42.5 13414 (TWITTER)
2 104.244.42.69 13414 (TWITTER)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
17 11
Domain Requested by
4 t.co 2 redirects www.critch-comedy.de
3 up.trkgenius.com 1 redirects links.securedark.com
up.trkgenius.com
3 links.securedark.com 1 redirects redirect.forbiddendance.net
links.securedark.com
2 www.google-analytics.com www.googletagmanager.com
www.critch-comedy.de
2 www.critch-comedy.de syndication.exdynsrv.com
www.critch-comedy.de
2 www1.lustich.de 2 redirects
2 syndication.exdynsrv.com 1 redirects ps.popcash.net
2 ps.popcash.net 1 redirects minently.com
2 redirect.forbiddendance.net 1 redirects
1 dirtyads.de www.critch-comedy.de
1 tinyurl.com 1 redirects
1 www.googletagmanager.com www.critch-comedy.de
1 popcash.net minently.com
1 minently.com
17 14

This site contains no links.

Subject Issuer Validity Valid
up.trkgenius.com
Let's Encrypt Authority X3
2019-05-22 -
2019-08-20
3 months crt.sh
minently.com
Let's Encrypt Authority X3
2019-04-16 -
2019-07-15
3 months crt.sh
exdynsrv.com
Let's Encrypt Authority X3
2019-04-29 -
2019-07-28
3 months crt.sh
*.google-analytics.com
Google Internet Authority G3
2019-05-14 -
2019-08-06
3 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA
2019-03-07 -
2020-03-07
a year crt.sh

This page contains 4 frames:

Primary Page: http://www.critch-comedy.de/cxp/200-euro-gratis/
Frame ID: 92D10D01EC06E4646B6C24E0205A5C2D
Requests: 14 HTTP requests in this frame

Frame: https://t.co/HXFJWCUIIe
Frame ID: 3FB962A546A24E6605895CABACE709F5
Requests: 1 HTTP requests in this frame

Frame: https://t.co/x9tizX9PKq
Frame ID: 8A04690628136C5648DCF0707F48EEDB
Requests: 1 HTTP requests in this frame

Frame: http://dirtyads.de/ip-ad/
Frame ID: 155445754957978FE1D81EAB7FE5C621
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://redirect.forbiddendance.net/u/cUZ3aKfXQ1G8Mnq1er0dZw HTTP 302
    http://redirect.forbiddendance.net/c/unsubscribe?email=jose.vanimpe%40gmail.com&list=forbiddendance.net&locale=... Page URL
  2. http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72 Page URL
  3. http://links.securedark.com/?utm_term=6697217533453272059&clickverify=1&utm_content=e6c2c6dcd68fd49594fc... Page URL
  4. http://links.securedark.com/proc.php?37e6f493c7ab1da4a89ab52e46bdc5a8aa7ac124 HTTP 302
    https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=669721753345327... Page URL
  5. https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272... Page URL
  6. https://up.trkgenius.com/out.php?v=2a0045a0e669f723d70ba0d5a6c9fdba HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=W... Page URL
  7. http://popcash.net/world/go/216668/462082 HTTP 301
    http://ps.popcash.net/go/216668/462082 Page URL
  8. http://ps.popcash.net/ad/ad?p=216668&w=462082&t=556a9292eb82b89e&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5... HTTP 303
    https://syndication.exdynsrv.com/splash.php?idzone=3207861&sub=462082&type=8 Page URL
  9. https://syndication.exdynsrv.com/splash.php?idzone=3207861&sub=462082&type=8&p=http%3A%2F%2Fps.popcash.net%2F... HTTP 302
    http://www1.lustich.de/link HTTP 301
    http://www1.lustich.de/link/ HTTP 302
    http://www.critch-comedy.de/cxp/200-euro-gratis/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Page Statistics

17
Requests

53 %
HTTPS

29 %
IPv6

13
Domains

14
Subdomains

11
IPs

4
Countries

57 kB
Transfer

131 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://redirect.forbiddendance.net/u/cUZ3aKfXQ1G8Mnq1er0dZw HTTP 302
    http://redirect.forbiddendance.net/c/unsubscribe?email=jose.vanimpe%40gmail.com&list=forbiddendance.net&locale=nl_BE&e=e:X2nq80cAAK4EnzxUN9uYTBREXRN9OkM6T6-q4_0SUa4 Page URL
  2. http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72 Page URL
  3. http://links.securedark.com/?utm_term=6697217533453272059&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b78186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6af Page URL
  4. http://links.securedark.com/proc.php?37e6f493c7ab1da4a89ab52e46bdc5a8aa7ac124 HTTP 302
    https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272059&pubid=2704 Page URL
  5. https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272059&pubid=2704&m=.fl895lR903.Pl6xd2eBFlQXVDfm_L4E1x1xlwvdjeURQe9Xlw95Qe9xls1pQ613Q0TRQdV3dV3nW2boB-1fTWVfTgvGmxAtdp3Qdpend2baGw9poDQsVHw Page URL
  6. https://up.trkgenius.com/out.php?v=2a0045a0e669f723d70ba0d5a6c9fdba HTTP 302
    https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=6228700c50ae5b92e444d41d36d4f15e&ext1=dvx Page URL
  7. http://popcash.net/world/go/216668/462082 HTTP 301
    http://ps.popcash.net/go/216668/462082 Page URL
  8. http://ps.popcash.net/ad/ad?p=216668&w=462082&t=556a9292eb82b89e&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200 HTTP 303
    https://syndication.exdynsrv.com/splash.php?idzone=3207861&sub=462082&type=8 Page URL
  9. https://syndication.exdynsrv.com/splash.php?idzone=3207861&sub=462082&type=8&p=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tested=1&check=0a2bcdf63d7e5365d3c63c3e3488d1d4&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
    http://www1.lustich.de/link HTTP 301
    http://www1.lustich.de/link/ HTTP 302
    http://www.critch-comedy.de/cxp/200-euro-gratis/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://redirect.forbiddendance.net/u/cUZ3aKfXQ1G8Mnq1er0dZw HTTP 302
  • http://redirect.forbiddendance.net/c/unsubscribe?email=jose.vanimpe%40gmail.com&list=forbiddendance.net&locale=nl_BE&e=e:X2nq80cAAK4EnzxUN9uYTBREXRN9OkM6T6-q4_0SUa4
Request Chain 3
  • http://links.securedark.com/proc.php?37e6f493c7ab1da4a89ab52e46bdc5a8aa7ac124 HTTP 302
  • https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272059&pubid=2704
Request Chain 5
  • https://up.trkgenius.com/out.php?v=2a0045a0e669f723d70ba0d5a6c9fdba HTTP 302
  • https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=6228700c50ae5b92e444d41d36d4f15e&ext1=dvx
Request Chain 7
  • http://popcash.net/world/go/216668/462082 HTTP 301
  • http://ps.popcash.net/go/216668/462082
Request Chain 8
  • http://ps.popcash.net/ad/ad?p=216668&w=462082&t=556a9292eb82b89e&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200 HTTP 303
  • https://syndication.exdynsrv.com/splash.php?idzone=3207861&sub=462082&type=8
Request Chain 11
  • http://t.co/HXFJWCUIIe HTTP 301
  • https://t.co/HXFJWCUIIe
Request Chain 12
  • http://t.co/x9tizX9PKq HTTP 301
  • https://t.co/x9tizX9PKq
Request Chain 13
  • http://tinyurl.com/y5psyqtv HTTP 301
  • http://dirtyads.de/ip-ad/

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
unsubscribe
redirect.forbiddendance.net/c/
Redirect Chain
  • http://redirect.forbiddendance.net/u/cUZ3aKfXQ1G8Mnq1er0dZw
  • http://redirect.forbiddendance.net/c/unsubscribe?email=jose.vanimpe%40gmail.com&list=forbiddendance.net&locale=nl_BE&e=e:X2nq80cAAK4EnzxUN9uYTBREXRN9OkM6T6-q4_0SUa4
825 B
820 B
Document
General
Full URL
http://redirect.forbiddendance.net/c/unsubscribe?email=jose.vanimpe%40gmail.com&list=forbiddendance.net&locale=nl_BE&e=e:X2nq80cAAK4EnzxUN9uYTBREXRN9OkM6T6-q4_0SUa4
Protocol
HTTP/1.1
Server
51.38.230.43 , France, ASN16276 (OVH, FR),
Reverse DNS
1-43.forbiddendance.net
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
7590fcedaadab4f6f03763b2444c86df150b13c0fbe44ac6736976438cf1a7cc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Host
redirect.forbiddendance.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 31 May 2019 15:44:27 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Content-Encoding
gzip

Redirect headers

Server
nginx/1.14.0 (Ubuntu)
Date
Fri, 31 May 2019 15:44:27 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Location
http://redirect.forbiddendance.net/c/unsubscribe?email=jose.vanimpe%40gmail.com&list=forbiddendance.net&locale=nl_BE&e=e:X2nq80cAAK4EnzxUN9uYTBREXRN9OkM6T6-q4_0SUa4
Cookie set /
links.securedark.com/
3 KB
2 KB
Document
General
Full URL
http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Requested by
Host: redirect.forbiddendance.net
URL: http://redirect.forbiddendance.net/c/unsubscribe?email=jose.vanimpe%40gmail.com&list=forbiddendance.net&locale=nl_BE&e=e:X2nq80cAAK4EnzxUN9uYTBREXRN9OkM6T6-q4_0SUa4
Protocol
HTTP/1.1
Server
198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.3
Resource Hash
6ba63412c0d0f0d04cd2a2a77cd4ae4aa9948432cae3e27972b7c4c2c6663e94

Request headers

Host
links.securedark.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://redirect.forbiddendance.net/c/unsubscribe?email=jose.vanimpe%40gmail.com&list=forbiddendance.net&locale=nl_BE&e=e:X2nq80cAAK4EnzxUN9uYTBREXRN9OkM6T6-q4_0SUa4
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://redirect.forbiddendance.net/c/unsubscribe?email=jose.vanimpe%40gmail.com&list=forbiddendance.net&locale=nl_BE&e=e:X2nq80cAAK4EnzxUN9uYTBREXRN9OkM6T6-q4_0SUa4

Response headers

Server
nginx
Date
Fri, 31 May 2019 15:44:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.3
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Set-Cookie
u=927cebe32c68e85470406e8985b46aa9; expires=Sat, 30-May-2020 15:44:29 GMT; Max-Age=31536000; path=/
Content-Encoding
gzip
/
links.securedark.com/
5 KB
2 KB
Document
General
Full URL
http://links.securedark.com/?utm_term=6697217533453272059&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b78186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6af
Requested by
Host: links.securedark.com
URL: http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Protocol
HTTP/1.1
Server
198.143.165.221 Chicago, United States, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
server04.com-2.mobi
Software
nginx / PHP/7.3.3
Resource Hash
5b120bc3cbbd0d1890e050f336d3ebb0553b6fc992dc0f884a7b2876ed6782e1

Request headers

Host
links.securedark.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72
Accept-Encoding
gzip, deflate
Cookie
u=927cebe32c68e85470406e8985b46aa9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://links.securedark.com/?utm_medium=1825f7f8626bf29d7f48c762c1de1fbab4f0fd72

Response headers

Server
nginx
Date
Fri, 31 May 2019 15:44:29 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
X-Powered-By
PHP/7.3.3
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Content-Encoding
gzip
in.html
up.trkgenius.com/
Redirect Chain
  • http://links.securedark.com/proc.php?37e6f493c7ab1da4a89ab52e46bdc5a8aa7ac124
  • https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272059&pubid=2704
6 KB
3 KB
Document
General
Full URL
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272059&pubid=2704
Requested by
Host: links.securedark.com
URL: http://links.securedark.com/?utm_term=6697217533453272059&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b78186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6af
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
bigfish.setupcentral.network
Software
nginx/1.17.0 /
Resource Hash
7e11348d49a8eb6e7584fca5405c42b697353d4c8b6946ac4d57c4e17b0e0eaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
up.trkgenius.com
:scheme
https
:path
/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272059&pubid=2704
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://links.securedark.com/?utm_term=6697217533453272059&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b78186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6af
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://links.securedark.com/?utm_term=6697217533453272059&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8db283b78186b684859af7f9f7faecfffce2f6bde1e4fef9f49892e8d8eea88382858f85c1af8987cbfac9ccf9cccbfcfdf287828493f7f4c4cafafef9fecffdfff2f3c0c1c6af

Response headers

status
200
server
nginx/1.17.0
date
Fri, 31 May 2019 15:44:29 GMT
content-type
text/html
last-modified
Sun, 27 Jan 2019 05:38:08 GMT
etag
W/"5c4d43c0-1605"
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip

Redirect headers

Server
nginx
Date
Fri, 31 May 2019 15:44:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/7.3.3
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Location
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272059&pubid=2704
in.php
up.trkgenius.com/
1 KB
983 B
Document
General
Full URL
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272059&pubid=2704&m=.fl895lR903.Pl6xd2eBFlQXVDfm_L4E1x1xlwvdjeURQe9Xlw95Qe9xls1pQ613Q0TRQdV3dV3nW2boB-1fTWVfTgvGmxAtdp3Qdpend2baGw9poDQsVHw
Requested by
Host: up.trkgenius.com
URL: https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272059&pubid=2704
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
107.6.174.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC - SingleHop LLC, US),
Reverse DNS
bigfish.setupcentral.network
Software
nginx/1.17.0 /
Resource Hash
c94650eb534a498f66f64c3df21f67b02c3272b2da7e29d6b359db2748043536
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
GET
:authority
up.trkgenius.com
:scheme
https
:path
/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272059&pubid=2704&m=.fl895lR903.Pl6xd2eBFlQXVDfm_L4E1x1xlwvdjeURQe9Xlw95Qe9xls1pQ613Q0TRQdV3dV3nW2boB-1fTWVfTgvGmxAtdp3Qdpend2baGw9poDQsVHw
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272059&pubid=2704
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://up.trkgenius.com/in.html?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272059&pubid=2704

Response headers

status
200
server
nginx/1.17.0
date
Fri, 31 May 2019 15:44:30 GMT
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
surrogate-control
no-store
refresh
0; url=out.php?v=2a0045a0e669f723d70ba0d5a6c9fdba
set-cookie
t=c81923ba82cdc20f
strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ
minently.com/RnSda/rDN3/ojdn/
Redirect Chain
  • https://up.trkgenius.com/out.php?v=2a0045a0e669f723d70ba0d5a6c9fdba
  • https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=6228700c50ae5b92e444d41d36d4f15e&ext1=dvx
4 KB
3 KB
Document
General
Full URL
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=6228700c50ae5b92e444d41d36d4f15e&ext1=dvx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
3f16c7ce720027021b8551315f10f2f7779b173e0f03c614c4514e7baf03d828
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

:method
GET
:authority
minently.com
:scheme
https
:path
/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=6228700c50ae5b92e444d41d36d4f15e&ext1=dvx
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272059&pubid=2704&m=.fl895lR903.Pl6xd2eBFlQXVDfm_L4E1x1xlwvdjeURQe9Xlw95Qe9xls1pQ613Q0TRQdV3dV3nW2boB-1fTWVfTgvGmxAtdp3Qdpend2baGw9poDQsVHw
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://up.trkgenius.com/in.php?campaign=58500fec724faa9b59248365d547186e&s1=dvx&cid=6697217533453272059&pubid=2704&m=.fl895lR903.Pl6xd2eBFlQXVDfm_L4E1x1xlwvdjeURQe9Xlw95Qe9xls1pQ613Q0TRQdV3dV3nW2boB-1fTWVfTgvGmxAtdp3Qdpend2baGw9poDQsVHw

Response headers

status
200
content-type
text/html;charset=utf-8
x-cache-status
NOTCACHED
x-zen-fury
f434b8dc161b27c24c5edd6aca8a03c9cff75752
date
Fri, 31 May 2019 15:44:30 GMT
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires
Sat, 26 Jul 1997 05:00:00 GMT
set-cookie
MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D=2d6ad7a141929b661fe2a9aab03b221f_1559317470.2495; domain=minently.com; path=/; expires=Mon, 28-May-2029 15:44:30 UTC; Secure x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D=1559317470.2523; domain=minently.com; path=/; expires=Mon, 28-May-2029 15:44:30 UTC; Secure FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3ZmJpakl0ZmY1RFlOZWd4WW1iT2JlZGxJNkJoVmw4Q0NQeUNmUWorUGJEOQ%3D%3D; domain=minently.com; path=/; expires=Mon, 28-May-2029 15:44:30 UTC; Secure 2d6ad7a141929b661fe2a9aab03b221f_1559317470.2495_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bnZEc0kzbHpMem9zQnQxUTE4UkJTc3pwSFlKY3BWM212TCt6Rldsb0p6U2NHNGJ1SFJUUzRSN1VkWlhETFVwT2hLRVdSeFYra2JUeGpyUjZjOFpsdUd1L0JHTG8vbU9sblQ2QThsTkV3d1dXU04rQkRsdUhNYmtPQXZmOFRBRjF3aktDdEI2Ukc2TDRhNnRURVU2VTF5T003YzlTM1lKUWRHOWFsRU52eVpqQTl2RkM1SkJoZGNlMDZ3Ujg1Q3J2ZkVwUEQrSlFxL2tXWEJ0RzIrRWEwUFE0RllSamRwd3ZzOVFyVWIxYS9UZElnSGljL042UTN1dDl2dEM2NXV3N1hjTzhsM3JKcGZ1SnFWWlljNXpnL1J1dkxjS0t1dkZzQUVKbVJqVFQxdkRKbXBVcm1lcUlQMkhzd3hYVUNkNjgwNWRuZlNpUk9abDFZV09ZZEQrSDFIRUtubTJuaTFRRHhCSE8rYm1VMWRyVk45NHU4WW9KRVNjVEMzTzhNR25vZVVONjdKMVAwWDJTK3BRbzdabzVaNzFlMG1keHY5WVlrSVJZalFwNlBERjJtTlFoZUhXbGNTYmFybi92cnFOa1dVdGk1UHNYRFVtYjdlYXhoanlYa0lVWTRRM2svckNiZkRMVnhiTzlkam9jTjh5RDNjSFVpV3BvbEVRZEZRQWoveTdtdjBFUnRpQWhHQ1p1QmM4cGRyY1dHZ0lROVZHb3JmaWJ3OTRHOHJHN0QvRTVOSUkyalQ1VEJCWkszeVUxME5zWExkMFdvemcxaXpBQWZDa0xpeG45Nm1SVEVBUy9wbllyVm55Znc1YklFeUpMWXJhZjRoQmtQakw4a0ZXRGNZN3B0N0xGYmlLd3lHaGtVMU5LYU9BWUl3dGN2K0cvMEo1RytSeHhyRnUyalRTcXNPZFZLaElnb2EvV2JMQnhZTWR2dWtMTWI4ZGF5dzR1UFYxd3JDUDNVTWo5VnZ3V3oyQU5wZWN1T1lxOTFlRjY4N1NZYXJqZ2hYekJ1ZWdrb3VKMlc4YlcrY2s0UTdrVTFGTElvenBUbmNjd0RxdnBaK2Jwd0FkVHBsRVR4MUd1a1RZcVpYMUY4OUczRlQ2MnpFdjlzWU1ZckQ1akZNRmhDc0hvSlRzN3RORlZpWXNFRzNMbW4wdnR0a3g%3D; domain=minently.com; path=/; expires=Mon, 28-May-2029 15:44:30 UTC; Secure 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D=OG9CcGR2V29yano5bEtEOVcvSk81cHhkOGJLQVpTMGZWOEVJM3lGTiswT3JEV3FOWEg4cXJzSFZHWUFzNzFpK2FSK25XaW5HWlRCUWlxL1NjUVJ2V1V2U3dPSzBpZXE0dlYvQXRLU25kZHM9; domain=minently.com; path=/; expires=Fri, 31-May-2019 16:49:30 UTC; Secure SERVERID=sfc8; path=/
vary
Accept-Encoding Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
ZENEDGE
x-cdn
Served-By-Zenedge

Redirect headers

status
302
server
nginx/1.17.0
date
Fri, 31 May 2019 15:44:30 GMT
content-type
text/html; charset=UTF-8
location
https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=6228700c50ae5b92e444d41d36d4f15e&ext1=dvx
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
pragma
no-cache
expires
0
surrogate-control
no-store
strict-transport-security
max-age=31536000; includeSubDomains
462082
popcash.net/world/go/216668/
0
0

462082
ps.popcash.net/go/216668/
Redirect Chain
  • http://popcash.net/world/go/216668/462082
  • http://ps.popcash.net/go/216668/462082
466 B
512 B
Document
General
Full URL
http://ps.popcash.net/go/216668/462082
Requested by
Host: minently.com
URL: https://minently.com/RnSda/rDN3/ojdn/-nsy66txxVnGc0ElKPrtTzsMg30bj4cJhDxLx7UbqKtnp3qUggtUPQ?qDo=WW_MS&subid=6228700c50ae5b92e444d41d36d4f15e&ext1=dvx
Protocol
HTTP/1.1
Server
54.85.224.136 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-85-224-136.compute-1.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Host
ps.popcash.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://minently.com/
Accept-Encoding
gzip, deflate
Cookie
__cfduid=d9e6d9db58df77b4e40f9d951abddfc031559317470
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://minently.com/

Response headers

Date
Fri, 31 May 2019 15:44:30 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Server
nginx
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Date
Fri, 31 May 2019 15:44:30 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Set-Cookie
__cfduid=d9e6d9db58df77b4e40f9d951abddfc031559317470; expires=Sat, 30-May-20 15:44:30 GMT; path=/; domain=.popcash.net; HttpOnly
Location
http://ps.popcash.net/go/216668/462082
Server
cloudflare
CF-RAY
4dfa11ce2c4097a2-FRA
Cookie set splash.php
syndication.exdynsrv.com/
Redirect Chain
  • http://ps.popcash.net/ad/ad?p=216668&w=462082&t=556a9292eb82b89e&r=aHR0cHMlM0ElMkYlMkZtaW5lbnRseS5jb20lMkY=&vw=1600&vh=1200
  • https://syndication.exdynsrv.com/splash.php?idzone=3207861&sub=462082&type=8
1 KB
941 B
Document
General
Full URL
https://syndication.exdynsrv.com/splash.php?idzone=3207861&sub=462082&type=8
Requested by
Host: ps.popcash.net
URL: http://ps.popcash.net/go/216668/462082
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.245 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
bbb3b79666cf90038cfcbe842af2f54d6162970568f71ecb0638b5028bdfd368

Request headers

Host
syndication.exdynsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://ps.popcash.net/go/216668/462082
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://ps.popcash.net/go/216668/462082

Response headers

Server
nginx
Date
Fri, 31 May 2019 15:44:31 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%225cf14bdf7ad183.44929534411045545%22%3B%7D; expires=Sun, 30-May-2021 15:44:31 GMT; Max-Age=63072000; domain=exdynsrv.com
Content-Encoding
gzip

Redirect headers

Date
Fri, 31 May 2019 15:44:31 GMT
Content-Type
text/html; charset=utf-8
Content-Length
111
Connection
keep-alive
Server
nginx
Location
https://syndication.exdynsrv.com/splash.php?idzone=3207861&sub=462082&type=8
Primary Request /
www.critch-comedy.de/cxp/200-euro-gratis/
Redirect Chain
  • https://syndication.exdynsrv.com/splash.php?idzone=3207861&sub=462082&type=8&p=http%3A%2F%2Fps.popcash.net%2Fgo%2F216668%2F462082&tested=1&check=0a2bcdf63d7e5365d3c63c3e3488d1d4&screen_resolution=1...
  • http://www1.lustich.de/link
  • http://www1.lustich.de/link/
  • http://www.critch-comedy.de/cxp/200-euro-gratis/
1 KB
1 KB
Document
General
Full URL
http://www.critch-comedy.de/cxp/200-euro-gratis/
Requested by
Host: syndication.exdynsrv.com
URL: https://syndication.exdynsrv.com/splash.php?idzone=3207861&sub=462082&type=8
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash
ca61e9f547a3af71d2243d5efd0d3fbe694af2e78ad91bf79cc012776c280d59

Request headers

Host
www.critch-comedy.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 31 May 2019 15:44:31 GMT
Server
Apache
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Access-Control-Allow-Headers
Authorization
Upgrade
h2c
Connection
Upgrade, Keep-Alive
Last-Modified
Sat, 06 Apr 2019 17:05:13 GMT
ETag
"55d-585df9b534e09-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
780
Keep-Alive
timeout=15, max=100
Content-Type
text/html

Redirect headers

Date
Fri, 31 May 2019 15:44:31 GMT
Server
Apache
Location
http://www.critch-comedy.de/cxp/200-euro-gratis/
Content-Length
0
Keep-Alive
timeout=15, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
showads.js
www.critch-comedy.de/cxp/200-euro-gratis/
21 B
400 B
Script
General
Full URL
http://www.critch-comedy.de/cxp/200-euro-gratis/showads.js
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Fri, 31 May 2019 15:44:31 GMT
Last-Modified
Wed, 27 Mar 2019 14:12:07 GMT
Server
Apache
ETag
"15-5851405d534cb"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization
Content-Length
21
Keep-Alive
timeout=15, max=99
js
www.googletagmanager.com/gtag/
64 KB
25 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-117671757-2
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
4e18b38317b35b54d5da219577ec6120a97962b913b82cb30dc45945b5c2d02c
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Fri, 31 May 2019 15:44:31 GMT
content-encoding
br
last-modified
Thu, 30 May 2019 16:41:01 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25345
x-xss-protection
0
expires
Fri, 31 May 2019 15:44:31 GMT
HXFJWCUIIe
t.co/ Frame 3FB9
Redirect Chain
  • http://t.co/HXFJWCUIIe
  • https://t.co/HXFJWCUIIe
0
0
Document
General
Full URL
https://t.co/HXFJWCUIIe
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/HXFJWCUIIe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
215
content-type
text/html; charset=utf-8
date
Fri, 31 May 2019 15:44:32 GMT
expires
Fri, 31 May 2019 15:49:32 GMT
server
tsa_f
set-cookie
muc=129c081e-0029-489d-b282-6bb98bd97250; Max-Age=63072000; Expires=Sun, 30 May 2021 15:44:32 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
e7afcb2c0a5af043cdeb52c1b95e7dd2
x-response-time
118
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report

Redirect headers

content-length
0
date
Fri, 31 May 2019 15:44:31 GMT
location
https://t.co/HXFJWCUIIe
server
tsa_f
x-connection-hash
3ac736fac924e8655ee780a732e79376
x-response-time
116
x9tizX9PKq
t.co/ Frame 8A04
Redirect Chain
  • http://t.co/x9tizX9PKq
  • https://t.co/x9tizX9PKq
0
0
Document
General
Full URL
https://t.co/x9tizX9PKq
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/x9tizX9PKq
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
186
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Fri, 31 May 2019 15:44:32 GMT
expires
Fri, 31 May 2019 15:49:32 GMT
referrer-policy
unsafe-url
server
tsa_f
set-cookie
muc=23b5c020-ea0a-4747-9653-19fbf9df8877; Max-Age=63072000; Expires=Sun, 30 May 2021 15:44:32 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
e7afcb2c0a5af043cdeb52c1b95e7dd2
x-response-time
122
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report

Redirect headers

content-length
0
date
Fri, 31 May 2019 15:44:31 GMT
location
https://t.co/x9tizX9PKq
server
tsa_f
x-connection-hash
be9083dfc6b426faaa42e2747f20e343
x-response-time
114
/
dirtyads.de/ip-ad/ Frame 1554
Redirect Chain
  • http://tinyurl.com/y5psyqtv
  • http://dirtyads.de/ip-ad/
0
0
Document
General
Full URL
http://dirtyads.de/ip-ad/
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash

Request headers

Host
dirtyads.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/

Response headers

Date
Fri, 31 May 2019 15:44:32 GMT
Server
Apache
Upgrade
h2c
Connection
Upgrade, Keep-Alive
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
259
Keep-Alive
timeout=15, max=100
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Fri, 31 May 2019 15:44:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d7d161718a8e7ec1a1e0a5c71da6b390a1559317471; expires=Sat, 30-May-20 15:44:31 GMT; path=/; domain=.tinyurl.com; HttpOnly tinyUUID=cf14be414495000000000000; expires=Sat, 30-May-2020 15:44:31 GMT; Max-Age=31536000; path=/; domain=.tinyurl.com
Location
http://dirtyads.de/ip-ad/
X-tiny
cache 0.01301097869873
Server
cloudflare
CF-RAY
4dfa11d69d9196b0-FRA
analytics.js
www.google-analytics.com/
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117671757-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
718
date
Fri, 31 May 2019 15:32:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Fri, 31 May 2019 17:32:33 GMT
collect
www.google-analytics.com/r/
35 B
101 B
Image
General
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j76&aip=1&a=1774462753&t=pageview&_s=1&dl=http%3A%2F%2Fwww.critch-comedy.de%2Fcxp%2F200-euro-gratis%2F&ul=en-us&de=UTF-8&dt=200%20Euro%20gratis%20-%20Critch%20Bonus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=1171247164&gjid=1297826498&cid=1274201032.1559317472&tid=UA-117671757-2&_gid=854731176.1559317472&_r=1&gtm=2ou5m0&z=1943573578
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 31 May 2019 15:44:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
popcash.net
URL
http://popcash.net/world/go/216668/462082?

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask boolean| canRunAds function| gtag object| dataLayer undefined| leave object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

6 Cookies

Domain/Path Name / Value
minently.com/ Name: SERVERID
Value: sfc8
.minently.com/ Name: 5yP2I5NjObrcSXI1%2BbNNiDWvZ1NybmTNXZVxpNr4NvY%3D
Value: OG9CcGR2V29yano5bEtEOVcvSk81cHhkOGJLQVpTMGZWOEVJM3lGTiswT3JEV3FOWEg4cXJzSFZHWUFzNzFpK2FSK25XaW5HWlRCUWlxL1NjUVJ2V1V2U3dPSzBpZXE0dlYvQXRLU25kZHM9
.minently.com/ Name: MQJLpFul5AcCMY1iVl5kuloC9CGeR6nEgJyALuo04f0%3D
Value: 2d6ad7a141929b661fe2a9aab03b221f_1559317470.2495
.minently.com/ Name: 2d6ad7a141929b661fe2a9aab03b221f_1559317470.2495_ck
Value: ck1JbktjM2d5ZHdqZ0pMbmNTTC83bnZEc0kzbHpMem9zQnQxUTE4UkJTc3pwSFlKY3BWM212TCt6Rldsb0p6U2NHNGJ1SFJUUzRSN1VkWlhETFVwT2hLRVdSeFYra2JUeGpyUjZjOFpsdUd1L0JHTG8vbU9sblQ2QThsTkV3d1dXU04rQkRsdUhNYmtPQXZmOFRBRjF3aktDdEI2Ukc2TDRhNnRURVU2VTF5T003YzlTM1lKUWRHOWFsRU52eVpqQTl2RkM1SkJoZGNlMDZ3Ujg1Q3J2ZkVwUEQrSlFxL2tXWEJ0RzIrRWEwUFE0RllSamRwd3ZzOVFyVWIxYS9UZElnSGljL042UTN1dDl2dEM2NXV3N1hjTzhsM3JKcGZ1SnFWWlljNXpnL1J1dkxjS0t1dkZzQUVKbVJqVFQxdkRKbXBVcm1lcUlQMkhzd3hYVUNkNjgwNWRuZlNpUk9abDFZV09ZZEQrSDFIRUtubTJuaTFRRHhCSE8rYm1VMWRyVk45NHU4WW9KRVNjVEMzTzhNR25vZVVONjdKMVAwWDJTK3BRbzdabzVaNzFlMG1keHY5WVlrSVJZalFwNlBERjJtTlFoZUhXbGNTYmFybi92cnFOa1dVdGk1UHNYRFVtYjdlYXhoanlYa0lVWTRRM2svckNiZkRMVnhiTzlkam9jTjh5RDNjSFVpV3BvbEVRZEZRQWoveTdtdjBFUnRpQWhHQ1p1QmM4cGRyY1dHZ0lROVZHb3JmaWJ3OTRHOHJHN0QvRTVOSUkyalQ1VEJCWkszeVUxME5zWExkMFdvemcxaXpBQWZDa0xpeG45Nm1SVEVBUy9wbllyVm55Znc1YklFeUpMWXJhZjRoQmtQakw4a0ZXRGNZN3B0N0xGYmlLd3lHaGtVMU5LYU9BWUl3dGN2K0cvMEo1RytSeHhyRnUyalRTcXNPZFZLaElnb2EvV2JMQnhZTWR2dWtMTWI4ZGF5dzR1UFYxd3JDUDNVTWo5VnZ3V3oyQU5wZWN1T1lxOTFlRjY4N1NZYXJqZ2hYekJ1ZWdrb3VKMlc4YlcrY2s0UTdrVTFGTElvenBUbmNjd0RxdnBaK2Jwd0FkVHBsRVR4MUd1a1RZcVpYMUY4OUczRlQ2MnpFdjlzWU1ZckQ1akZNRmhDc0hvSlRzN3RORlZpWXNFRzNMbW4wdnR0a3g%3D
.minently.com/ Name: FCF1c%2FmvMMVE2i1baMN4rzKRFAbORG7ssZe3urRjefQ%3D
Value: WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3ZmJpakl0ZmY1RFlOZWd4WW1iT2JlZGxJNkJoVmw4Q0NQeUNmUWorUGJEOQ%3D%3D
.minently.com/ Name: x4L5QUolttjJJPxB3IWQEpmJGUfARuShNFYBPvkirT0%3D
Value: 1559317470.2523

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Frame-Options SAMEORIGIN