urlscan.io logo urlscan.io
SecurityTrails logo

www.critch-comedy.de Open in urlscan Pro
78.46.10.196  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://salinaspuretzo.com/rnd/track?axwu=WaK60IEcisyR4wb7PPY1TQ==&af=11908_072c0f96ce4famp&ssp_info=TbFApx4nNgks14z41YFGDm...
Effective URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Submission: On May 30 via api from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 4 countries across 15 domains to perform 14 HTTP transactions. The main IP is 78.46.10.196, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.critch-comedy.de.
This is the only time www.critch-comedy.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 1 23.20.57.65 14618 (AMAZON-AES)
1 2 62.212.87.141 60781 (LEASEWEB-...)
1 52.208.172.46 16509 (AMAZON-02)
1 205.147.93.131 393676 (ZENEDGE)
1 104.25.186.102 13335 (CLOUDFLAR...)
1 1 173.239.53.17 27257 (WEBAIR-IN...)
1 2 95.211.229.246 60781 (LEASEWEB-...)
2 2 78.46.155.195 24940 (HETZNER-AS)
3 78.46.10.196 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 104.244.42.197 13414 (TWITTER)
2 104.244.42.133 13414 (TWITTER)
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
14 10
1    2606:4700:20::6818:1d51 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
salinaspuretzo.com
1    23.20.57.65 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-23-20-57-65.compute-1.amazonaws.com
madagty.com
2    62.212.87.141 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
bidstraff.com
1    52.208.172.46 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-208-172-46.eu-west-1.compute.amazonaws.com
1d6168aa654.traffic-c.com
1    205.147.93.131 (United States)

ASN393676 (ZENEDGE - Oracle Corporation, US)
durasser.com
1    104.25.186.102 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
botudeso.com
1    173.239.53.17 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
xml.adxfactory.com
2    95.211.229.246 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
syndication.dynsrvtbg.com
2    78.46.155.195 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dedi3961.your-server.de
www1.lustich.de
3    78.46.10.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dedi1996.your-server.de
www.critch-comedy.de
dirtyads.de
1    2a00:1450:4001:81f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
2    104.244.42.197 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
2    104.244.42.133 (United States)

ASN13414 (TWITTER - Twitter Inc., US)
t.co
1    2606:4700:10::6814:da2a (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
tinyurl.com
2    2a00:1450:4001:814::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
Domain Requested by
4 t.co 2 redirects www.critch-comedy.de
2 www.google-analytics.com www.googletagmanager.com
www.critch-comedy.de
2 www.critch-comedy.de syndication.dynsrvtbg.com
www.critch-comedy.de
2 www1.lustich.de 2 redirects
2 syndication.dynsrvtbg.com 1 redirects botudeso.com
2 bidstraff.com 1 redirects salinaspuretzo.com
1 dirtyads.de www.critch-comedy.de
1 tinyurl.com 1 redirects
1 www.googletagmanager.com www.critch-comedy.de
1 xml.adxfactory.com 1 redirects
1 botudeso.com
1 durasser.com
1 1d6168aa654.traffic-c.com salinaspuretzo.com
1 madagty.com 1 redirects
1 salinaspuretzo.com
14 15

This site contains no links.

Subject Issuer Validity Valid
trk.billysrv.com
Let's Encrypt Authority X3		 2019-05-24 -
2019-08-22		 3 months crt.sh
traffic-c.com
Let's Encrypt Authority X3		 2019-04-19 -
2019-07-18		 3 months crt.sh
durasser.com
Let's Encrypt Authority X3		 2019-04-16 -
2019-07-15		 3 months crt.sh
ssl375931.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-05-21 -
2019-11-27		 6 months crt.sh
dynsrvtbg.com
Let's Encrypt Authority X3		 2019-04-29 -
2019-07-28		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-05-07 -
2019-07-30		 3 months crt.sh
t.co
DigiCert SHA2 High Assurance Server CA		 2019-03-07 -
2020-03-07		 a year crt.sh

This page contains 4 frames:

Primary Page: http://www.critch-comedy.de/cxp/200-euro-gratis/
Frame ID: 84033C5394D9AC36D076AD72918E39DF
Requests: 11 HTTP requests in this frame

Frame: https://t.co/HXFJWCUIIe
Frame ID: C4C72411F65858244D37ADD26996C94D
Requests: 1 HTTP requests in this frame

Frame: https://t.co/x9tizX9PKq
Frame ID: 9586B5DFDD897832F1A0141B996C0845
Requests: 1 HTTP requests in this frame

Frame: http://dirtyads.de/ip-ad/
Frame ID: 4A14CD9F6CA6FA8F6BF22283EA1D1B03
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://salinaspuretzo.com/rnd/track?axwu=WaK60IEcisyR4wb7PPY1TQ==&af=11908_072c0f96ce4famp&ssp_info=Tb... Page URL
  2. http://madagty.com/bsaui13ezuasyand78?adTagId=e2915ca0-51f7-11e9-8595-0a15cb739170&cpm=0.05&fal... HTTP 302
    https://bidstraff.com/l/21367515bcdfaf81e2d9?source=fb_msa&clickid=847a7c64-82fc-11e9-a8d7-128046f... Page URL
  3. https://bidstraff.com/l/21367515bcdfaf81e2d9?source=fb_msa&clickid=847a7c64-82fc-11e9-a8d7-128046f... HTTP 302
    https://1d6168aa654.traffic-c.com/?p=2827&media_type=mainstream&click_id=bmconv_20190530190108_31cd5f41_aba8_4... Page URL
  4. https://durasser.com/2iWEs/S4Gt/RYW9/Hcnse1U2_5IkZ5ZAs5bZgj3LhywhRcAUrhkjpYYEAgYrtZ-XCA4?T4g=Main... Page URL
  5. https://botudeso.com/auction?info=imoSvZ5PR%252Fw0i9YbG5K28IqCXHv4GAgqtCSDoJ64XxxishHRQGYqu74Ggc1... Page URL
  6. http://xml.adxfactory.com/click?i=dcBlzNswCVc_0 HTTP 302
    https://syndication.dynsrvtbg.com/splash.php?idzone=3213889&type=8&sub=161229 Page URL
  7. https://syndication.dynsrvtbg.com/splash.php?idzone=3213889&type=8&sub=161229&p=https%3A%2F%2Fbotudeso.com%2F&... HTTP 302
    http://www1.lustich.de/link HTTP 301
    http://www1.lustich.de/link/ HTTP 302
    http://www.critch-comedy.de/cxp/200-euro-gratis/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Page Statistics

14
Requests

71 %
HTTPS

27 %
IPv6

15
Domains

15
Subdomains

10
IPs

4
Countries

63 kB
Transfer

157 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://salinaspuretzo.com/rnd/track?axwu=WaK60IEcisyR4wb7PPY1TQ==&af=11908_072c0f96ce4famp&ssp_info=TbFApx4nNgks14z41YFGDmIb46DVNJpq6LgcupF6NdZJztASq6A20B1jb0W87SoX8VlD5AHjnlrd+hi4YdjvacoLUY2tbmHBA5G3mDw+KGQk6pIxShcXt0JjE7ON9dkHnNjHxy7TsfWn6uiqIqpCnIqlsd8e2ngdxRxRe/lt/+gqOa8RNVL8b+7GvUzwzMJnQgzLYpFatR+wsskb/dk+7A== Page URL
  2. http://madagty.com/bsaui13ezuasyand78?adTagId=e2915ca0-51f7-11e9-8595-0a15cb739170&cpm=0.05&fallbackUrl=https%3A%2F%2Fbidstraff.com%2Fl%2F21367515bcdfaf81e2d9%3Fsource%3Dfb_msa HTTP 302
    https://bidstraff.com/l/21367515bcdfaf81e2d9?source=fb_msa&clickid=847a7c64-82fc-11e9-a8d7-128046f6e44e Page URL
  3. https://bidstraff.com/l/21367515bcdfaf81e2d9?source=fb_msa&clickid=847a7c64-82fc-11e9-a8d7-128046f6e44e&code=2cY3VvBDU6O0A6PD9BQkVCQUgRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK3dpb3d7JH0.PWc-PguAcHYQEHqJFEVLRkcYgoIcTU9OTyCCmSRVW1ZXKIqSLDEzMjMEeYAIOAlsgHVxDw9zfHcURRV5gnsaShuLj4yTISGYkYgmbZaXkJaQIEpwZjIFbnpubAt-foJzD3aDfxR6doKKfRmPfB1qjZmJjY6EU1pUV0hRd4xjanB3c3huQihSeH9xeS5ccXQyYmc1bjdJSXlMUHxTSEBikpOQin2MinSTny82NToyODwnMFRSX1lZOi98en14NFx7eoOIQztfhZCOjYZRWlhTVlVbYFxkLjI4PCRYZ21pe3M6QUBFPUNHEnSKFk4XfIYbUxx.UlIhUVJUVFVWJ4ldXiwwMQJ2agY2Nzg5CnFyDj9AQBF1e3gWRhd.hZAcgn6KkoUhhYuRJldYWSmWmWcCMzM0NQZ6fHtxDD09P0BBQkITg4h5h40aGouOgZGUgiJUU1RYVlhYYCqQdm1wBDc4BnltbwtzgIF.ST9AhXSAfoR4i4mPjYGRmI5OhJGQUyWYiYuMK1wwMzc0NTo5B2t3fnsNDYV9fRISinuBjBhIGX1-gx5PUFFSU1RVVlZXWFpbWzAxMzQ1Njc4OTo7PD0.P0BBQkJERUZHSElKS0xNTk5QUVJTVFVWV1hZWltcMTIyNDQ2Bmpxfgs8PT4-QEFCQ0RFRkdISEpLS01NT1BRUVMjm5qaKJ9Xg2FWVz16Mnc6dXZ3eEaDO3pDfn.AgU.MRItOjlWSSmJpjFh3Io6Qk40ojZdXgFMBdHd4BjYHdGp5DAx1eoIRQRKBiBZHSEhKS0xMTk4fl4UjVFVWiFkojJyjAQF1ZmgGODsIfHpvDT9CD3SBhBRFFYR6fBpLSxyKko8hUlc_&_tdf=18 HTTP 302
    https://1d6168aa654.traffic-c.com/?p=2827&media_type=mainstream&click_id=bmconv_20190530190108_31cd5f41_aba8_4b5b_966d_08dc55dae387&pi=117082_fb_msa Page URL
  4. https://durasser.com/2iWEs/S4Gt/RYW9/Hcnse1U2_5IkZ5ZAs5bZgj3LhywhRcAUrhkjpYYEAgYrtZ-XCA4?T4g=Mainstream_2&tracker=5iz12l5g7695mkpoo35wksokc,13057486,5,2827&af=2827&ctrack=1559235668.92646811 Page URL
  5. https://botudeso.com/auction?info=imoSvZ5PR%252Fw0i9YbG5K28IqCXHv4GAgqtCSDoJ64XxxishHRQGYqu74Ggc12WvY9fvlFsJ0HF1ActoN7bQRbvcPxyIccH60Vu5%252B8kG8er0s%253D&sid=2IHskw9IH890twQercOCfxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&id=2 Page URL
  6. http://xml.adxfactory.com/click?i=dcBlzNswCVc_0 HTTP 302
    https://syndication.dynsrvtbg.com/splash.php?idzone=3213889&type=8&sub=161229 Page URL
  7. https://syndication.dynsrvtbg.com/splash.php?idzone=3213889&type=8&sub=161229&p=https%3A%2F%2Fbotudeso.com%2F&tested=1&check=1773cbeac41fbe562da4e71cf69eb281&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
    http://www1.lustich.de/link HTTP 301
    http://www1.lustich.de/link/ HTTP 302
    http://www.critch-comedy.de/cxp/200-euro-gratis/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://madagty.com/bsaui13ezuasyand78?adTagId=e2915ca0-51f7-11e9-8595-0a15cb739170&cpm=0.05&fallbackUrl=https%3A%2F%2Fbidstraff.com%2Fl%2F21367515bcdfaf81e2d9%3Fsource%3Dfb_msa HTTP 302
  • https://bidstraff.com/l/21367515bcdfaf81e2d9?source=fb_msa&clickid=847a7c64-82fc-11e9-a8d7-128046f6e44e
Request Chain 2
  • https://bidstraff.com/l/21367515bcdfaf81e2d9?source=fb_msa&clickid=847a7c64-82fc-11e9-a8d7-128046f6e44e&code=2cY3VvBDU6O0A6PD9BQkVCQUgRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK3dpb3d7JH0.PWc-PguAcHYQEHqJFEVLRkcYgoIcTU9OTyCCmSRVW1ZXKIqSLDEzMjMEeYAIOAlsgHVxDw9zfHcURRV5gnsaShuLj4yTISGYkYgmbZaXkJaQIEpwZjIFbnpubAt-foJzD3aDfxR6doKKfRmPfB1qjZmJjY6EU1pUV0hRd4xjanB3c3huQihSeH9xeS5ccXQyYmc1bjdJSXlMUHxTSEBikpOQin2MinSTny82NToyODwnMFRSX1lZOi98en14NFx7eoOIQztfhZCOjYZRWlhTVlVbYFxkLjI4PCRYZ21pe3M6QUBFPUNHEnSKFk4XfIYbUxx.UlIhUVJUVFVWJ4ldXiwwMQJ2agY2Nzg5CnFyDj9AQBF1e3gWRhd.hZAcgn6KkoUhhYuRJldYWSmWmWcCMzM0NQZ6fHtxDD09P0BBQkITg4h5h40aGouOgZGUgiJUU1RYVlhYYCqQdm1wBDc4BnltbwtzgIF.ST9AhXSAfoR4i4mPjYGRmI5OhJGQUyWYiYuMK1wwMzc0NTo5B2t3fnsNDYV9fRISinuBjBhIGX1-gx5PUFFSU1RVVlZXWFpbWzAxMzQ1Njc4OTo7PD0.P0BBQkJERUZHSElKS0xNTk5QUVJTVFVWV1hZWltcMTIyNDQ2Bmpxfgs8PT4-QEFCQ0RFRkdISEpLS01NT1BRUVMjm5qaKJ9Xg2FWVz16Mnc6dXZ3eEaDO3pDfn.AgU.MRItOjlWSSmJpjFh3Io6Qk40ojZdXgFMBdHd4BjYHdGp5DAx1eoIRQRKBiBZHSEhKS0xMTk4fl4UjVFVWiFkojJyjAQF1ZmgGODsIfHpvDT9CD3SBhBRFFYR6fBpLSxyKko8hUlc_&_tdf=18 HTTP 302
  • https://1d6168aa654.traffic-c.com/?p=2827&media_type=mainstream&click_id=bmconv_20190530190108_31cd5f41_aba8_4b5b_966d_08dc55dae387&pi=117082_fb_msa
Request Chain 5
  • http://xml.adxfactory.com/click?i=dcBlzNswCVc_0 HTTP 302
  • https://syndication.dynsrvtbg.com/splash.php?idzone=3213889&type=8&sub=161229
Request Chain 8
  • http://t.co/HXFJWCUIIe HTTP 301
  • https://t.co/HXFJWCUIIe
Request Chain 9
  • http://t.co/x9tizX9PKq HTTP 301
  • https://t.co/x9tizX9PKq
Request Chain 10
  • http://tinyurl.com/y5psyqtv HTTP 301
  • http://dirtyads.de/ip-ad/

14 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set track
salinaspuretzo.com/rnd/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://salinaspuretzo.com/rnd/track?axwu=WaK60IEcisyR4wb7PPY1TQ==&af=11908_072c0f96ce4famp&ssp_info=TbFApx4nNgks14z41YFGDmIb46DVNJpq6LgcupF6NdZJztASq6A20B1jb0W87SoX8VlD5AHjnlrd+hi4YdjvacoLUY2tbmHBA5G3mDw+KGQk6pIxShcXt0JjE7ON9dkHnNjHxy7TsfWn6uiqIqpCnIqlsd8e2ngdxRxRe/lt/+gqOa8RNVL8b+7GvUzwzMJnQgzLYpFatR+wsskb/dk+7A==
Protocol
HTTP/1.1
Server
2606:4700:20::6818:1d51 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
c83dc660f0bab2137cc1dd30d58af2c776485049338eeb666db1f293d0cde472

Request headers

Host
salinaspuretzo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 May 2019 17:01:07 GMT
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=db45f02872210341c7b0bd044b00f6fb81559235667; expires=Fri, 29-May-20 17:01:07 GMT; path=/; domain=.salinaspuretzo.com; HttpOnly
Referrer-Policy
origin
Cache-control
no-store, no-cache
Vary
Accept-Encoding
Server
cloudflare
CF-RAY
4df244aa2d3b97ea-FRA
Content-Encoding
gzip
21367515bcdfaf81e2d9
bidstraff.com/l/
Redirect Chain
  • http://madagty.com/bsaui13ezuasyand78?adTagId=e2915ca0-51f7-11e9-8595-0a15cb739170&cpm=0.05&fallbackUrl=https%3A%2F%2Fbidstraff.com%2Fl%2F21367515bcdfaf81e2d9%3Fsource%3Dfb_msa
  • https://bidstraff.com/l/21367515bcdfaf81e2d9?source=fb_msa&clickid=847a7c64-82fc-11e9-a8d7-128046f6e44e
36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bidstraff.com/l/21367515bcdfaf81e2d9?source=fb_msa&clickid=847a7c64-82fc-11e9-a8d7-128046f6e44e
Requested by
Host: salinaspuretzo.com
URL: http://salinaspuretzo.com/rnd/track?axwu=WaK60IEcisyR4wb7PPY1TQ==&af=11908_072c0f96ce4famp&ssp_info=TbFApx4nNgks14z41YFGDmIb46DVNJpq6LgcupF6NdZJztASq6A20B1jb0W87SoX8VlD5AHjnlrd+hi4YdjvacoLUY2tbmHBA5G3mDw+KGQk6pIxShcXt0JjE7ON9dkHnNjHxy7TsfWn6uiqIqpCnIqlsd8e2ngdxRxRe/lt/+gqOa8RNVL8b+7GvUzwzMJnQgzLYpFatR+wsskb/dk+7A==
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
62.212.87.141 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
72d6afd038754d8c8199a647b2070f16fe34d0c7c9cfae35c2eeee16dcd606a8

Request headers

Host
bidstraff.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://salinaspuretzo.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://salinaspuretzo.com/

Response headers

Server
nginx
Date
Thu, 30 May 2019 17:01:08 GMT
Content-Type
text/html
Last-Modified
Mon, 27 May 2019 14:42:35 GMT
Transfer-Encoding
chunked
ETag
W/"5cebf75b-8f0f"
Expires
Thu, 31 Dec 2037 23:55:55 GMT
Cache-Control
max-age=315360000
Content-Encoding
gzip

Redirect headers

Date
Thu, 30 May 2019 17:01:08 GMT
Content-Length
0
Connection
keep-alive
Cache-Control
no-store, no-cache, pre-check=0, post-check=0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP
default-src 'self'; script-src 'self' 'unsafe-inline'
Location
https://bidstraff.com/l/21367515bcdfaf81e2d9?source=fb_msa&clickid=847a7c64-82fc-11e9-a8d7-128046f6e44e
Server
ZeroPark-Traffic
/
1d6168aa654.traffic-c.com/
Redirect Chain
  • https://bidstraff.com/l/21367515bcdfaf81e2d9?source=fb_msa&clickid=847a7c64-82fc-11e9-a8d7-128046f6e44e&code=2cY3VvBDU6O0A6PD9BQkVCQUgRhYV3Fn.GGI9-jR1PVB.JhYMkVVYml5SdK3dpb3d7JH0.PWc-PguAcHYQEHqJFE...
  • https://1d6168aa654.traffic-c.com/?p=2827&media_type=mainstream&click_id=bmconv_20190530190108_31cd5f41_aba8_4b5b_966d_08dc55dae387&pi=117082_fb_msa
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1d6168aa654.traffic-c.com/?p=2827&media_type=mainstream&click_id=bmconv_20190530190108_31cd5f41_aba8_4b5b_966d_08dc55dae387&pi=117082_fb_msa
Requested by
Host: salinaspuretzo.com
URL: http://salinaspuretzo.com/rnd/track?axwu=WaK60IEcisyR4wb7PPY1TQ==&af=11908_072c0f96ce4famp&ssp_info=TbFApx4nNgks14z41YFGDmIb46DVNJpq6LgcupF6NdZJztASq6A20B1jb0W87SoX8VlD5AHjnlrd+hi4YdjvacoLUY2tbmHBA5G3mDw+KGQk6pIxShcXt0JjE7ON9dkHnNjHxy7TsfWn6uiqIqpCnIqlsd8e2ngdxRxRe/lt/+gqOa8RNVL8b+7GvUzwzMJnQgzLYpFatR+wsskb/dk+7A==
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.208.172.46 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-208-172-46.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
768f40a89d0295c9310a7b204865b98d8acddaeaa1e8dcea7b0d1b0e191f900f

Request headers

:method
GET
:authority
1d6168aa654.traffic-c.com
:scheme
https
:path
/?p=2827&media_type=mainstream&click_id=bmconv_20190530190108_31cd5f41_aba8_4b5b_966d_08dc55dae387&pi=117082_fb_msa
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://bidstraff.com/l/21367515bcdfaf81e2d9?source=fb_msa&clickid=847a7c64-82fc-11e9-a8d7-128046f6e44e
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://bidstraff.com/l/21367515bcdfaf81e2d9?source=fb_msa&clickid=847a7c64-82fc-11e9-a8d7-128046f6e44e

Response headers

status
200
date
Thu, 30 May 2019 17:01:08 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
traffic-back=ok; expires=Thu, 30-May-2019 17:01:38 GMT; Max-Age=30; path=/; domain=.traffic-c.com t-uuid=5iz12l5gb3bid8fsphj400wc8; expires=Wed, 30-May-2029 17:01:08 GMT; Max-Age=315619200; path=/; domain=.traffic-c.com traffic-visited-offers=20509%7C1559235668%7C20509%7Cunspecified; expires=Fri, 31-May-2019 17:01:08 GMT; Max-Age=86400; path=/; domain=.traffic-c.com rts-trck=1; expires=Thu, 30-May-2019 17:11:08 GMT; Max-Age=600; path=/; domain=1d6168aa654.traffic-c.com
last-modified
Thu, 30 May 2019 17:01:08 GMT
expires
Thu, 30 May 2019 17:01:08 GMT
cache-control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
pragma
no-cache
x-robots-tag
noindex, nofollow
content-encoding
gzip

Redirect headers

Server
nginx
Date
Thu, 30 May 2019 17:01:08 GMT
Transfer-Encoding
chunked
Location
https://1d6168aa654.traffic-c.com/?p=2827&media_type=mainstream&click_id=bmconv_20190530190108_31cd5f41_aba8_4b5b_966d_08dc55dae387&pi=117082_fb_msa
Cache-Control
private, max-age=0, no-cache, no-store, must-revalidate
Pragma
no-cache
Set-Cookie
BSESSID=trk74ea20cc-396b-49f3-a468-61448efedf55; Max-Age=63072000; Expires=Sat, 29 May 2021 17:01:08 GMT; Path=/
Hcnse1U2_5IkZ5ZAs5bZgj3LhywhRcAUrhkjpYYEAgYrtZ-XCA4
durasser.com/2iWEs/S4Gt/RYW9/ 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://durasser.com/2iWEs/S4Gt/RYW9/Hcnse1U2_5IkZ5ZAs5bZgj3LhywhRcAUrhkjpYYEAgYrtZ-XCA4?T4g=Mainstream_2&tracker=5iz12l5g7695mkpoo35wksokc,13057486,5,2827&af=2827&ctrack=1559235668.92646811
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.147.93.131 , United States, ASN393676 (ZENEDGE - Oracle Corporation, US),
Reverse DNS
Software
ZENEDGE /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

:method
GET
:authority
durasser.com
:scheme
https
:path
/2iWEs/S4Gt/RYW9/Hcnse1U2_5IkZ5ZAs5bZgj3LhywhRcAUrhkjpYYEAgYrtZ-XCA4?T4g=Mainstream_2&tracker=5iz12l5g7695mkpoo35wksokc,13057486,5,2827&af=2827&ctrack=1559235668.92646811
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://1d6168aa654.traffic-c.com/?p=2827&media_type=mainstream&click_id=bmconv_20190530190108_31cd5f41_aba8_4b5b_966d_08dc55dae387&pi=117082_fb_msa
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://1d6168aa654.traffic-c.com/?p=2827&media_type=mainstream&click_id=bmconv_20190530190108_31cd5f41_aba8_4b5b_966d_08dc55dae387&pi=117082_fb_msa

Response headers

status
200
content-type
text/html;charset=utf-8
x-cache-status
NOTCACHED
x-zen-fury
f434b8dc161b27c24c5edd6aca8a03c9cff75752
date
Thu, 30 May 2019 17:01:08 GMT
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires
Sat, 26 Jul 1997 05:00:00 GMT
set-cookie
NfFkRdM4lqwgbiG78%2BUJDvgwlnV3Ym319a2jbdOC07o%3D=267e28956022e5834bb5d7f584781102_1559235668.6825; domain=durasser.com; path=/; expires=Sun, 27-May-2029 17:01:08 UTC; Secure %2F5ylJ4SeJomlZC%2F8FmSETlHltYW5Xc1j6HMR3SwHSQ4%3D=1559235668.6854; domain=durasser.com; path=/; expires=Sun, 27-May-2029 17:01:08 UTC; Secure 4NCpywJlw38q9nRCrV2iYepvFUnAVtQvrb%2FABG5b6ZI%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3U2UwWHJ0eDNnOXFabFRLTkJ6VUsyRllzRVJWYVErZFhLUi9PR2R2akozTQ%3D%3D; domain=durasser.com; path=/; expires=Sun, 27-May-2029 17:01:08 UTC; Secure 267e28956022e5834bb5d7f584781102_1559235668.6825_ck=ck1JbktjM2d5ZHdqZ0pMbmNTTC83bnZEc0kzbHpMem9zQnQxUTE4UkJTc3pwSFlKY3BWM212TCt6Rldsb0p6U2NHNGJ1SFJUUzRSN1VkWlhETFVwT2ttUFlxZFdvS1JaWGxHUjhsMDJCNXN2ZmlZRVVOYnpGR29YYzJUNGlSS2RwK2U4bUE2Z3ozd0VQWDBFZzZwQkJGaEFCSTd5dVNaS2FsUWRycGZack5NejZyRTNKVVdiaks1a0dlTGlvYjR6bHZGZnVXSFhZalVMZXFWL1YvWnU5cWNYbkpUTzdkVE8vWWNsL2RNcE9GNnF4a05zb1pjYktGeXQxN1ppK29rZjF3dUNSaU5jdDlaYUJlMWpJQlZuYVh0OUhKUlJKdTRrV2JzcHo4RDcybjZTWGRpd1pwMGhEbjhTdmN5bnp6ME84NG1IUktQck4vN2huMUNodHdUSDlFdTZqa2NpOXlxZlhwSkVkcStBdXdBNVEvQzlGOHpNMjdYWlJEYldKZDA4NDZReWw1Q2prem8yQ0pEeDBKeExTVnNZQSswRGtzZTU0OCtsd1BQOXRMTmJKREZmak1yMDF4OWY3N0RoUFlpdFNHQlRNUXZOWlBnTFpweS94bFVhY1YrNXVwN3pEVklYc1QyS2xpcTIyamQya3VWclpLMENZaGdPWFJrTzlSbXFwMmsydit2N1hWSWR3RDFyazlDWmFCSHJnZzlONFFCNkladlRsSklrUnJvZUNacGYwL21jUFlIWHR5cjEwUHFoM244VVp0MHFIbzFvNW5iKzdNNk10MnlwRnFxY1NTVUQ0aHVybzhBdHB0L240amZsc0VXRFJpMWQwbHFEVkRlNjBOWVpBT0pGM3hZWkxiNkpYcFZ0bzNoMUgvQjZlYktLWGVGeCtGVXlDMXpadmMycjA5bTFQOExGamUwbEVDdEl0VG9DT3UvRmMyQkNxRHVBSlErVllTdVRoR25NNFJZK1VlOFdXSS9TYXRZWUxadXcxQm1qQUdwMTliY3lDekdOOE5xSVBpQVFjRlZCaDUyY2NKek9MWFhBSi9WdDBSSWpYNmZpTU9hNGFyQnJyRlFUckpyNE9pdVc1cnhQWWxoTis2dEgwSmxjaFdWVU5WT3FUd05YL3VPWUg4eDV0NlVsRVBvY1lBamg5OG45RFhad01oWCt4SjVNdVBBVEo5Yjg%3D; domain=durasser.com; path=/; expires=Sun, 27-May-2029 17:01:08 UTC; Secure uLXq6amEJTkDhRGEX2qUh2211wruvx4pLD2lR6ntGOw%3D=ckJxY3FzODcxZVU1ZGhHUjNlNlRwMzVIeXZnNFh5NnRvWW1DU1Z6Qjd2dnRzb3JaTUx0YklnZ0F5U0RQSGJ5VVNycjk0ZEJHajJwSUxuQStjWEdSbGpkL29PTkkvMEdpbFhlOFdVS0xpQnc9; domain=durasser.com; path=/; expires=Thu, 30-May-2019 18:06:08 UTC; Secure SERVERID=sfc41; path=/
vary
Accept-Encoding Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
ZENEDGE
x-cdn
Served-By-Zenedge
auction
botudeso.com/ 		3 KB
1017 B 		Document
General
Check archive.org
Download Go to
Full URL
https://botudeso.com/auction?info=imoSvZ5PR%252Fw0i9YbG5K28IqCXHv4GAgqtCSDoJ64XxxishHRQGYqu74Ggc12WvY9fvlFsJ0HF1ActoN7bQRbvcPxyIccH60Vu5%252B8kG8er0s%253D&sid=2IHskw9IH890twQercOCfxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&id=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.25.186.102 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f2f5cc5b5ca749a949d048b96f8d353862bf0f533b98ffdd01994b5b0b16a7d

Request headers

:method
GET
:authority
botudeso.com
:scheme
https
:path
/auction?info=imoSvZ5PR%252Fw0i9YbG5K28IqCXHv4GAgqtCSDoJ64XxxishHRQGYqu74Ggc12WvY9fvlFsJ0HF1ActoN7bQRbvcPxyIccH60Vu5%252B8kG8er0s%253D&sid=2IHskw9IH890twQercOCfxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&id=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://durasser.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://durasser.com/

Response headers

status
200
date
Thu, 30 May 2019 17:01:09 GMT
content-type
text/html;charset=ISO-8859-1
set-cookie
__cfduid=d809b51519e5d1e1f3956f10d4e019caf1559235668; expires=Fri, 29-May-20 17:01:08 GMT; path=/; domain=.botudeso.com; HttpOnly
cache-control
no-store, no-cache
vary
Accept-Encoding
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4df244b1af64d8fd-AMS
content-encoding
br
Cookie set splash.php
syndication.dynsrvtbg.com/
Redirect Chain
  • http://xml.adxfactory.com/click?i=dcBlzNswCVc_0
  • https://syndication.dynsrvtbg.com/splash.php?idzone=3213889&type=8&sub=161229
1 KB
932 B 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.dynsrvtbg.com/splash.php?idzone=3213889&type=8&sub=161229
Requested by
Host: botudeso.com
URL: https://botudeso.com/auction?info=imoSvZ5PR%252Fw0i9YbG5K28IqCXHv4GAgqtCSDoJ64XxxishHRQGYqu74Ggc12WvY9fvlFsJ0HF1ActoN7bQRbvcPxyIccH60Vu5%252B8kG8er0s%253D&sid=2IHskw9IH890twQercOCfxTks7Ax8uUQJj7NkxFl12o8FvoTUMYCAIaDvuBJqmMo&id=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.211.229.246 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
nginx /
Resource Hash
58ae6a0139bf070bec5b180b0716ac199782ba7bf34b8ca1fcdab751229e5fb6

Request headers

Host
syndication.dynsrvtbg.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://botudeso.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://botudeso.com/

Response headers

Server
nginx
Date
Thu, 30 May 2019 17:01:09 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__uvt=a%3A1%3A%7Bi%3A0%3Bs%3A33%3A%225cf00c557d1dc0.540220101580507118%22%3B%7D; expires=Sat, 29-May-2021 17:01:09 GMT; Max-Age=63072000; domain=dynsrvtbg.com
Content-Encoding
gzip

Redirect headers

Location
https://syndication.dynsrvtbg.com/splash.php?idzone=3213889&type=8&sub=161229
Connection
keep-alive
Content-Length
0
Primary Request /
www.critch-comedy.de/cxp/200-euro-gratis/
Redirect Chain
  • https://syndication.dynsrvtbg.com/splash.php?idzone=3213889&type=8&sub=161229&p=https%3A%2F%2Fbotudeso.com%2F&tested=1&check=1773cbeac41fbe562da4e71cf69eb281&screen_resolution=1600x1200&container_r...
  • http://www1.lustich.de/link
  • http://www1.lustich.de/link/
  • http://www.critch-comedy.de/cxp/200-euro-gratis/
1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.critch-comedy.de/cxp/200-euro-gratis/
Requested by
Host: syndication.dynsrvtbg.com
URL: https://syndication.dynsrvtbg.com/splash.php?idzone=3213889&type=8&sub=161229
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash
ca61e9f547a3af71d2243d5efd0d3fbe694af2e78ad91bf79cc012776c280d59

Request headers

Host
www.critch-comedy.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 May 2019 17:01:09 GMT
Server
Apache
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Access-Control-Allow-Headers
Authorization
Upgrade
h2c
Connection
Upgrade, Keep-Alive
Last-Modified
Sat, 06 Apr 2019 17:05:13 GMT
ETag
"55d-585df9b534e09-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
780
Keep-Alive
timeout=15, max=100
Content-Type
text/html

Redirect headers

Date
Thu, 30 May 2019 17:01:09 GMT
Server
Apache
Location
http://www.critch-comedy.de/cxp/200-euro-gratis/
Content-Length
0
Keep-Alive
timeout=15, max=99
Connection
Keep-Alive
Content-Type
text/html; charset=utf-8
showads.js
www.critch-comedy.de/cxp/200-euro-gratis/ 		21 B
400 B 		Script
General
Check archive.org
Download Go to
Full URL
http://www.critch-comedy.de/cxp/200-euro-gratis/showads.js
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash
abd9155ac0fe0e62fdb9e2c1c333357cd33107972a57eff5224b0f3d0d2df316

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Thu, 30 May 2019 17:01:09 GMT
Last-Modified
Wed, 27 Mar 2019 14:12:07 GMT
Server
Apache
ETag
"15-5851405d534cb"
Access-Control-Allow-Methods
GET, POST, PUT, DELETE
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
Authorization
Content-Length
21
Keep-Alive
timeout=15, max=99
js
www.googletagmanager.com/gtag/ 		64 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-117671757-2
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
6cf90713e5ab3156a7beb19f9aca74e7d0fae1f9730d33008fa3140021c6f12d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 May 2019 17:01:09 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
25280
x-xss-protection
0
expires
Thu, 30 May 2019 17:01:09 GMT
HXFJWCUIIe
t.co/ Frame C4C7
Redirect Chain
  • http://t.co/HXFJWCUIIe
  • https://t.co/HXFJWCUIIe
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/HXFJWCUIIe
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/HXFJWCUIIe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
215
content-type
text/html; charset=utf-8
date
Thu, 30 May 2019 17:01:10 GMT
expires
Thu, 30 May 2019 17:06:10 GMT
server
tsa_f
set-cookie
muc=7e88e78e-9d84-4518-aac1-5345eacd01f0; Max-Age=63072000; Expires=Sat, 29 May 2021 17:01:10 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
c82a1e491511496868a5099444f9eed4
x-response-time
121
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report

Redirect headers

content-length
0
date
Thu, 30 May 2019 17:01:09 GMT
location
https://t.co/HXFJWCUIIe
server
tsa_f
x-connection-hash
e4ea237122f3476ee17cb328fc748d79
x-response-time
113
x9tizX9PKq
t.co/ Frame 9586
Redirect Chain
  • http://t.co/x9tizX9PKq
  • https://t.co/x9tizX9PKq
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/x9tizX9PKq
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER - Twitter Inc., US),
Reverse DNS
Software
tsa_f /
Resource Hash
Security Headers
Name Value
Content-Security-Policy referrer always;
Strict-Transport-Security max-age=0
X-Xss-Protection 1; mode=block; report=https://twitter.com/i/xss_report

Request headers

:method
GET
:authority
t.co
:scheme
https
:path
/x9tizX9PKq
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/

Response headers

status
200
cache-control
private,max-age=300
content-encoding
gzip
content-length
186
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Thu, 30 May 2019 17:01:10 GMT
expires
Thu, 30 May 2019 17:06:10 GMT
referrer-policy
unsafe-url
server
tsa_f
set-cookie
muc=d006f49b-7d99-49aa-88ec-8bd46d46ef8c; Max-Age=63072000; Expires=Sat, 29 May 2021 17:01:10 GMT; Domain=t.co
strict-transport-security
max-age=0
vary
Origin
x-connection-hash
c82a1e491511496868a5099444f9eed4
x-response-time
122
x-xss-protection
1; mode=block; report=https://twitter.com/i/xss_report

Redirect headers

content-length
0
date
Thu, 30 May 2019 17:01:09 GMT
location
https://t.co/x9tizX9PKq
server
tsa_f
x-connection-hash
72b1817133aed90d209723c141488157
x-response-time
113
/
dirtyads.de/ip-ad/ Frame 4A14
Redirect Chain
  • http://tinyurl.com/y5psyqtv
  • http://dirtyads.de/ip-ad/
0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://dirtyads.de/ip-ad/
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash

Request headers

Host
dirtyads.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/

Response headers

Date
Thu, 30 May 2019 17:01:10 GMT
Server
Apache
Upgrade
h2c
Connection
Upgrade, Keep-Alive
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
259
Keep-Alive
timeout=15, max=100
Content-Type
text/html; charset=utf-8

Redirect headers

Date
Thu, 30 May 2019 17:01:10 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=dcb6bd3ca26a12b9d4a278f2abf3bef001559235669; expires=Fri, 29-May-20 17:01:09 GMT; path=/; domain=.tinyurl.com; HttpOnly tinyUUID=cf00c5a0735c000000000000; expires=Fri, 29-May-2020 17:01:09 GMT; Max-Age=31536000; path=/; domain=.tinyurl.com
Location
http://dirtyads.de/ip-ad/
X-tiny
cache 0.0096828937530518
Server
cloudflare
CF-RAY
4df244b848a0c2c7-FRA
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117671757-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
5316
date
Thu, 30 May 2019 15:32:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Thu, 30 May 2019 17:32:33 GMT
collect
www.google-analytics.com/r/ 		35 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j76&aip=1&a=362889986&t=pageview&_s=1&dl=http%3A%2F%2Fwww.critch-comedy.de%2Fcxp%2F200-euro-gratis%2F&ul=en-us&de=UTF-8&dt=200%20Euro%20gratis%20-%20Critch%20Bonus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=911624859&gjid=1114645443&cid=1930661257.1559235670&tid=UA-117671757-2&_gid=1718380258.1559235670&_r=1&gtm=2ou5f2&z=643871325
Requested by
Host: www.critch-comedy.de
URL: http://www.critch-comedy.de/cxp/200-euro-gratis/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:814::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.critch-comedy.de/cxp/200-euro-gratis/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 30 May 2019 17:01:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask boolean| canRunAds function| gtag object| dataLayer undefined| leave object| google_tag_manager string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData

1 Cookies

Domain/Path Name / Value
.botudeso.com/ Name: __cfduid
Value: d809b51519e5d1e1f3956f10d4e019caf1559235668