urlscan.io logo urlscan.io
SecurityTrails logo

www.critch.de Open in urlscan Pro
78.46.10.196  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://sp.popcash.net/go/187031/400751
Effective URL: http://www.critch.de/nullstartkapital/
Submission: On July 09 via manual from TW
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 3 countries across 12 domains to perform 10 HTTP transactions. The main IP is 78.46.10.196, located in Germany and belongs to HETZNER-AS, DE. The main domain is www.critch.de.
This is the only time www.critch.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 107.21.36.248 14618 (AMAZON-AES)
1 1 216.172.60.242 50245 (SERVEREL-AS)
1 216.172.60.227 50245 (SERVEREL-AS)
1 34.197.168.203 14618 (AMAZON-AES)
1 1 54.173.88.151 14618 (AMAZON-AES)
1 2 64.111.199.222 23393 (NUCDN)
2 2 78.46.155.195 24940 (HETZNER-AS)
1 2 78.46.10.196 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 188.40.20.23 24940 (HETZNER-AS)
1 1 67.199.248.10 395224 (BITLY-AS)
2 2a00:1450:400... 15169 (GOOGLE)
10 8
2    107.21.36.248 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-107-21-36-248.compute-1.amazonaws.com
sp.popcash.net
1    216.172.60.242 (United States)

ASN50245 (SERVEREL-AS, NL)
PTR: 242.60.serverel.net
18007.adslaney.com
1    216.172.60.227 (United States)

ASN50245 (SERVEREL-AS, NL)
PTR: 227.60.serverel.net
3579874335.lighty.info
1    34.197.168.203 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-197-168-203.compute-1.amazonaws.com
sax.peakonspot.com
1    54.173.88.151 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-54-173-88-151.compute-1.amazonaws.com
kqufra.peak-serving.com
2    64.111.199.222 (Weehawken, United States)

ASN23393 (NUCDN - NuCDN LLC, US)
syndication.exdynsrv.com
2    78.46.155.195 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dedi3961.your-server.de
www1.lustich.de
2    78.46.10.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: dedi1996.your-server.de
www.critch.de
1    2a00:1450:400e:80a::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
4    188.40.20.23 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.23.20.40.188.clients.your-server.de
www.privatelink.de
1    67.199.248.10 (United States)

ASN395224 (BITLY-AS - Bitly Inc, US)
bit.ly
2    2a00:1450:4001:81c::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
Domain Requested by
4 www.privatelink.de 2 redirects www.critch.de
2 www.google-analytics.com www.googletagmanager.com
www.critch.de
2 www.critch.de 1 redirects syndication.exdynsrv.com
2 www1.lustich.de 2 redirects
2 syndication.exdynsrv.com 1 redirects sax.peakonspot.com
2 sp.popcash.net 1 redirects
1 bit.ly 1 redirects
1 www.googletagmanager.com www.critch.de
1 kqufra.peak-serving.com 1 redirects
1 sax.peakonspot.com 3579874335.lighty.info
1 3579874335.lighty.info sp.popcash.net
1 18007.adslaney.com 1 redirects
10 12

This site contains no links.

Subject Issuer Validity Valid
sax.peakonspot.com
COMODO RSA Domain Validation Secure Server CA		 2018-03-08 -
2019-03-08		 a year crt.sh
exdynsrv.com
Let's Encrypt Authority X3		 2018-05-07 -
2018-08-05		 3 months crt.sh
*.privatelink.de
COMODO RSA Domain Validation Secure Server CA		 2017-09-08 -
2020-09-07		 3 years crt.sh

This page contains 3 frames:

Primary Page: http://www.critch.de/nullstartkapital/
Frame ID: A7E2332465775239C2C96EB1BDE5DAA2
Requests: 8 HTTP requests in this frame

Frame: https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2F4e8w176lgA
Frame ID: 8186FF8B86785789F5E5FE51B7370821
Requests: 1 HTTP requests in this frame

Frame: https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2Fz7rulNZ8zx
Frame ID: EF4A1DBE2485F4F5F4CC2428EC044EA4
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://sp.popcash.net/go/187031/400751 Page URL
  2. http://sp.popcash.net/sgo/ad?p=187031&w=400751&t=c4f2bd133b48e524&r=&vw=1600&vh=1200 HTTP 303
    http://18007.adslaney.com/d.php?campaing=18008&link_id=gXs4C&source=400751 HTTP 302
    http://3579874335.lighty.info/go.php?aid=5b433fe8121218.68916785 Page URL
  3. https://sax.peakonspot.com/pops/filter.php?rd=kqufra.peak-serving.com&id=15311339283361325613223016&tid... Page URL
  4. http://kqufra.peak-serving.com/?&version=1&id=15311339283361325613223016&t=imp&tid=4798&filter=1&ftype=js&t... HTTP 302
    https://syndication.exdynsrv.com/cimp.php?data=TVRVek1URXpNemt5T0h3NFpXWXhNV1ZpWVRZNU56RmhNMlU0TlRZMk9XTTBaR0... Page URL
  5. https://syndication.exdynsrv.com/cimp.php?data=TVRVek1URXpNemt5T0h3NFpXWXhNV1ZpWVRZNU56RmhNMlU0TlRZMk9XTTBaR0... HTTP 302
    http://www1.lustich.de/link HTTP 301
    http://www1.lustich.de/link/ HTTP 302
    http://www.critch.de/nullstartkapital HTTP 301
    http://www.critch.de/nullstartkapital/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Page Statistics

10
Requests

40 %
HTTPS

17 %
IPv6

12
Domains

12
Subdomains

8
IPs

3
Countries

49 kB
Transfer

117 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sp.popcash.net/go/187031/400751 Page URL
  2. http://sp.popcash.net/sgo/ad?p=187031&w=400751&t=c4f2bd133b48e524&r=&vw=1600&vh=1200 HTTP 303
    http://18007.adslaney.com/d.php?campaing=18008&link_id=gXs4C&source=400751 HTTP 302
    http://3579874335.lighty.info/go.php?aid=5b433fe8121218.68916785 Page URL
  3. https://sax.peakonspot.com/pops/filter.php?rd=kqufra.peak-serving.com&id=15311339283361325613223016&tid=4798&t=imp&end=2 Page URL
  4. http://kqufra.peak-serving.com/?&version=1&id=15311339283361325613223016&t=imp&tid=4798&filter=1&ftype=js&trs=15311339291213252&end=1&fwidth=1600&fheight=1200&fiframe=false&fiframesandbox=undefined HTTP 302
    https://syndication.exdynsrv.com/cimp.php?data=TVRVek1URXpNemt5T0h3NFpXWXhNV1ZpWVRZNU56RmhNMlU0TlRZMk9XTTBaR016TWpsa1ptSTNaZz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERVV8NDF8YWRleGNoYW5nZS03MDgzNTQuY29tfDUyNjE5MHw1MzAzNDB8NzA4MzU0fDI4NjIzNDJ8NTEzfDIzNTg3MzB8MjAwNjczODZ8MTZ8MnwwfDB8MzM1OTY1ODJ8MHwxMS4xfDgwfFVTRHxFVVJ8MS4xNjR8MS4xNjR8MjJ8fDF8REVVfHw2MHwyfDF8fDQ3NmQ1ZjhkMWNjOTlhOTEyMjNhMTA5MmYyNjZiNTUzfDlmNWE4OTYzOWQwMTY2OWY4NzYxOTBkNjNhNmExNmNhfDB8Mnw0Nzk4LTgxNTcwMDQwYTIyYTJlODgwOWQ3MDMyNmZmMzI3YjJjLnBlYWthZHguY29tfDB8MHwwfDB8MXwwfGV4Y2hhbmdlX2xpbmt8YmY0ODZmM2FiYTRjNDMyNjMyYmRlZDBmOTlhN2JkNDJ8MHwwfDB8MHwtMXwwfDB8aG9zdGluZ3x8MXwxNDQwfHwyfE9LfGMwNjIxYjZkZDBiMzIwMWE5ZTlmZDc2MDExZTc5MGVm Page URL
  5. https://syndication.exdynsrv.com/cimp.php?data=TVRVek1URXpNemt5T0h3NFpXWXhNV1ZpWVRZNU56RmhNMlU0TlRZMk9XTTBaR016TWpsa1ptSTNaZz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERVV8NDF8YWRleGNoYW5nZS03MDgzNTQuY29tfDUyNjE5MHw1MzAzNDB8NzA4MzU0fDI4NjIzNDJ8NTEzfDIzNTg3MzB8MjAwNjczODZ8MTZ8MnwwfDB8MzM1OTY1ODJ8MHwxMS4xfDgwfFVTRHxFVVJ8MS4xNjR8MS4xNjR8MjJ8fDF8REVVfHw2MHwyfDF8fDQ3NmQ1ZjhkMWNjOTlhOTEyMjNhMTA5MmYyNjZiNTUzfDlmNWE4OTYzOWQwMTY2OWY4NzYxOTBkNjNhNmExNmNhfDB8Mnw0Nzk4LTgxNTcwMDQwYTIyYTJlODgwOWQ3MDMyNmZmMzI3YjJjLnBlYWthZHguY29tfDB8MHwwfDB8MXwwfGV4Y2hhbmdlX2xpbmt8YmY0ODZmM2FiYTRjNDMyNjMyYmRlZDBmOTlhN2JkNDJ8MHwwfDB8MHwtMXwwfDB8aG9zdGluZ3x8MXwxNDQwfHwyfE9LfGMwNjIxYjZkZDBiMzIwMWE5ZTlmZDc2MDExZTc5MGVm&p=https%3A%2F%2Fadexchange-708354.com&tested=1&check=4aac90945af22701a235bc3636c0a0d2&screen_resolution=1600x1200&container_resolution=1600x1200&iframe=0 HTTP 302
    http://www1.lustich.de/link HTTP 301
    http://www1.lustich.de/link/ HTTP 302
    http://www.critch.de/nullstartkapital HTTP 301
    http://www.critch.de/nullstartkapital/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • http://sp.popcash.net/sgo/ad?p=187031&w=400751&t=c4f2bd133b48e524&r=&vw=1600&vh=1200 HTTP 303
  • http://18007.adslaney.com/d.php?campaing=18008&link_id=gXs4C&source=400751 HTTP 302
  • http://3579874335.lighty.info/go.php?aid=5b433fe8121218.68916785
Request Chain 3
  • http://kqufra.peak-serving.com/?&version=1&id=15311339283361325613223016&t=imp&tid=4798&filter=1&ftype=js&trs=15311339291213252&end=1&fwidth=1600&fheight=1200&fiframe=false&fiframesandbox=undefined HTTP 302
  • https://syndication.exdynsrv.com/cimp.php?data=TVRVek1URXpNemt5T0h3NFpXWXhNV1ZpWVRZNU56RmhNMlU0TlRZMk9XTTBaR016TWpsa1ptSTNaZz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERVV8NDF8YWRleGNoYW5nZS03MDgzNTQuY29tfDUyNjE5MHw1MzAzNDB8NzA4MzU0fDI4NjIzNDJ8NTEzfDIzNTg3MzB8MjAwNjczODZ8MTZ8MnwwfDB8MzM1OTY1ODJ8MHwxMS4xfDgwfFVTRHxFVVJ8MS4xNjR8MS4xNjR8MjJ8fDF8REVVfHw2MHwyfDF8fDQ3NmQ1ZjhkMWNjOTlhOTEyMjNhMTA5MmYyNjZiNTUzfDlmNWE4OTYzOWQwMTY2OWY4NzYxOTBkNjNhNmExNmNhfDB8Mnw0Nzk4LTgxNTcwMDQwYTIyYTJlODgwOWQ3MDMyNmZmMzI3YjJjLnBlYWthZHguY29tfDB8MHwwfDB8MXwwfGV4Y2hhbmdlX2xpbmt8YmY0ODZmM2FiYTRjNDMyNjMyYmRlZDBmOTlhN2JkNDJ8MHwwfDB8MHwtMXwwfDB8aG9zdGluZ3x8MXwxNDQwfHwyfE9LfGMwNjIxYjZkZDBiMzIwMWE5ZTlmZDc2MDExZTc5MGVm
Request Chain 5
  • https://www.privatelink.de/sf/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2F4e8w176lgA HTTP 301
  • https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2F4e8w176lgA
Request Chain 6
  • http://bit.ly/2oHl00R HTTP 301
  • https://www.privatelink.de/sf/?http://privatelink.de/%3Fhttps://t.co/z7rulNZ8zx HTTP 301
  • https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2Fz7rulNZ8zx

10 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
400751
sp.popcash.net/go/187031/ 		427 B
468 B 		Document
General
Check archive.org
Download Go to
Full URL
http://sp.popcash.net/go/187031/400751
Protocol
HTTP/1.1
Server
107.21.36.248 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-107-21-36-248.compute-1.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
b2178b8a175e1d3245abe7053dc79f0e8180bf591349d556e0c159df46b79397

Request headers

Host
sp.popcash.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
A7E2332465775239C2C96EB1BDE5DAA2

Response headers

Content-Encoding
gzip
Content-Type
text/html
Date
Mon, 09 Jul 2018 10:58:47 GMT
Server
nginx/1.12.2
Vary
Accept-Encoding
Content-Length
273
Connection
keep-alive
go.php
3579874335.lighty.info/
Redirect Chain
  • http://sp.popcash.net/sgo/ad?p=187031&w=400751&t=c4f2bd133b48e524&r=&vw=1600&vh=1200
  • http://18007.adslaney.com/d.php?campaing=18008&link_id=gXs4C&source=400751
  • http://3579874335.lighty.info/go.php?aid=5b433fe8121218.68916785
2 KB
977 B 		Document
General
Check archive.org
Download Go to
Full URL
http://3579874335.lighty.info/go.php?aid=5b433fe8121218.68916785
Requested by
Host: sp.popcash.net
URL: http://sp.popcash.net/go/187031/400751
Protocol
HTTP/1.1
Server
216.172.60.227 , United States, ASN50245 (SERVEREL-AS, NL),
Reverse DNS
227.60.serverel.net
Software
nginx / PHP/5.6.30
Resource Hash
4dfa6af40e6e5f81989d35ebc3c5267d53c379efd5fdcc39dffe4199bcb57a18

Request headers

Host
3579874335.lighty.info
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://sp.popcash.net/go/187031/400751
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
A7E2332465775239C2C96EB1BDE5DAA2
Referer
http://sp.popcash.net/go/187031/400751

Response headers

Server
nginx
Date
Mon, 09 Jul 2018 10:58:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Expires
Mon, 09 Jul 2018 10:58:48 GMT
Last-Modified
Mon, 09 Jul 2018 10:58:48 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 09 Jul 2018 10:58:48 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Powered-By
PHP/5.6.30
Expires
Mon, 09 Jul 2018 10:58:48 GMT
Last-Modified
Mon, 09 Jul 2018 10:58:48 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
http://3579874335.lighty.info/go.php?aid=5b433fe8121218.68916785
filter.php
sax.peakonspot.com/pops/ 		7 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sax.peakonspot.com/pops/filter.php?rd=kqufra.peak-serving.com&id=15311339283361325613223016&tid=4798&t=imp&end=2
Requested by
Host: 3579874335.lighty.info
URL: http://3579874335.lighty.info/go.php?aid=5b433fe8121218.68916785
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.168.203 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-34-197-168-203.compute-1.amazonaws.com
Software
nginx /
Resource Hash
78a47d8990d6a97a1f8022a79ee6e4e1a2af2228f3ce97adaeec185b8772336d

Request headers

Host
sax.peakonspot.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://3579874335.lighty.info/go.php?aid=5b433fe8121218.68916785
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
A7E2332465775239C2C96EB1BDE5DAA2
Referer
http://3579874335.lighty.info/go.php?aid=5b433fe8121218.68916785

Response headers

Cache-Control
no-store, no-cache, must-revalidate
Content-Type
text/html; charset=UTF-8
Date
Mon, 09 Jul 2018 10:58:49 GMT
Expires
Sat, 26 Jul 1997 05:00:00 GMT
Server
nginx
Content-Length
7142
Connection
keep-alive
cimp.php
syndication.exdynsrv.com/
Redirect Chain
  • http://kqufra.peak-serving.com/?&version=1&id=15311339283361325613223016&t=imp&tid=4798&filter=1&ftype=js&trs=15311339291213252&end=1&fwidth=1600&fheight=1200&fiframe=false&fiframesandbox=undefined
  • https://syndication.exdynsrv.com/cimp.php?data=TVRVek1URXpNemt5T0h3NFpXWXhNV1ZpWVRZNU56RmhNMlU0TlRZMk9XTTBaR016TWpsa1ptSTNaZz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERV...
3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://syndication.exdynsrv.com/cimp.php?data=TVRVek1URXpNemt5T0h3NFpXWXhNV1ZpWVRZNU56RmhNMlU0TlRZMk9XTTBaR016TWpsa1ptSTNaZz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERVV8NDF8YWRleGNoYW5nZS03MDgzNTQuY29tfDUyNjE5MHw1MzAzNDB8NzA4MzU0fDI4NjIzNDJ8NTEzfDIzNTg3MzB8MjAwNjczODZ8MTZ8MnwwfDB8MzM1OTY1ODJ8MHwxMS4xfDgwfFVTRHxFVVJ8MS4xNjR8MS4xNjR8MjJ8fDF8REVVfHw2MHwyfDF8fDQ3NmQ1ZjhkMWNjOTlhOTEyMjNhMTA5MmYyNjZiNTUzfDlmNWE4OTYzOWQwMTY2OWY4NzYxOTBkNjNhNmExNmNhfDB8Mnw0Nzk4LTgxNTcwMDQwYTIyYTJlODgwOWQ3MDMyNmZmMzI3YjJjLnBlYWthZHguY29tfDB8MHwwfDB8MXwwfGV4Y2hhbmdlX2xpbmt8YmY0ODZmM2FiYTRjNDMyNjMyYmRlZDBmOTlhN2JkNDJ8MHwwfDB8MHwtMXwwfDB8aG9zdGluZ3x8MXwxNDQwfHwyfE9LfGMwNjIxYjZkZDBiMzIwMWE5ZTlmZDc2MDExZTc5MGVm
Requested by
Host: sax.peakonspot.com
URL: https://sax.peakonspot.com/pops/filter.php?rd=kqufra.peak-serving.com&id=15311339283361325613223016&tid=4798&t=imp&end=2
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.111.199.222 Weehawken, United States, ASN23393 (NUCDN - NuCDN LLC, US),
Reverse DNS
Software
nginx /
Resource Hash
d459a96666eb2f525f66cebae0758ba7e95738045279a77db18cf43f26d80e3e

Request headers

Host
syndication.exdynsrv.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
A7E2332465775239C2C96EB1BDE5DAA2

Response headers

Server
nginx
Date
Mon, 09 Jul 2018 10:58:50 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip

Redirect headers

Content-Type
text/html; charset=UTF-8
Date
Mon, 09 Jul 2018 10:58:50 GMT
Location
https://syndication.exdynsrv.com/cimp.php?data=TVRVek1URXpNemt5T0h3NFpXWXhNV1ZpWVRZNU56RmhNMlU0TlRZMk9XTTBaR016TWpsa1ptSTNaZz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERVV8NDF8YWRleGNoYW5nZS03MDgzNTQuY29tfDUyNjE5MHw1MzAzNDB8NzA4MzU0fDI4NjIzNDJ8NTEzfDIzNTg3MzB8MjAwNjczODZ8MTZ8MnwwfDB8MzM1OTY1ODJ8MHwxMS4xfDgwfFVTRHxFVVJ8MS4xNjR8MS4xNjR8MjJ8fDF8REVVfHw2MHwyfDF8fDQ3NmQ1ZjhkMWNjOTlhOTEyMjNhMTA5MmYyNjZiNTUzfDlmNWE4OTYzOWQwMTY2OWY4NzYxOTBkNjNhNmExNmNhfDB8Mnw0Nzk4LTgxNTcwMDQwYTIyYTJlODgwOWQ3MDMyNmZmMzI3YjJjLnBlYWthZHguY29tfDB8MHwwfDB8MXwwfGV4Y2hhbmdlX2xpbmt8YmY0ODZmM2FiYTRjNDMyNjMyYmRlZDBmOTlhN2JkNDJ8MHwwfDB8MHwtMXwwfDB8aG9zdGluZ3x8MXwxNDQwfHwyfE9LfGMwNjIxYjZkZDBiMzIwMWE5ZTlmZDc2MDExZTc5MGVm
Server
nginx
Content-Length
0
Connection
keep-alive
Primary Request /
www.critch.de/nullstartkapital/
Redirect Chain
  • https://syndication.exdynsrv.com/cimp.php?data=TVRVek1URXpNemt5T0h3NFpXWXhNV1ZpWVRZNU56RmhNMlU0TlRZMk9XTTBaR016TWpsa1ptSTNaZz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERV...
  • http://www1.lustich.de/link
  • http://www1.lustich.de/link/
  • http://www.critch.de/nullstartkapital
  • http://www.critch.de/nullstartkapital/
851 B
841 B 		Document
General
Check archive.org
Download Go to
Full URL
http://www.critch.de/nullstartkapital/
Requested by
Host: syndication.exdynsrv.com
URL: https://syndication.exdynsrv.com/cimp.php?data=TVRVek1URXpNemt5T0h3NFpXWXhNV1ZpWVRZNU56RmhNMlU0TlRZMk9XTTBaR016TWpsa1ptSTNaZz09fGh0dHA6Ly93d3cxLmx1c3RpY2guZGUvbGlua3xodHRwc3wxNDguMjUxLjQ1LjI1NHxERVV8NDF8YWRleGNoYW5nZS03MDgzNTQuY29tfDUyNjE5MHw1MzAzNDB8NzA4MzU0fDI4NjIzNDJ8NTEzfDIzNTg3MzB8MjAwNjczODZ8MTZ8MnwwfDB8MzM1OTY1ODJ8MHwxMS4xfDgwfFVTRHxFVVJ8MS4xNjR8MS4xNjR8MjJ8fDF8REVVfHw2MHwyfDF8fDQ3NmQ1ZjhkMWNjOTlhOTEyMjNhMTA5MmYyNjZiNTUzfDlmNWE4OTYzOWQwMTY2OWY4NzYxOTBkNjNhNmExNmNhfDB8Mnw0Nzk4LTgxNTcwMDQwYTIyYTJlODgwOWQ3MDMyNmZmMzI3YjJjLnBlYWthZHguY29tfDB8MHwwfDB8MXwwfGV4Y2hhbmdlX2xpbmt8YmY0ODZmM2FiYTRjNDMyNjMyYmRlZDBmOTlhN2JkNDJ8MHwwfDB8MHwtMXwwfDB8aG9zdGluZ3x8MXwxNDQwfHwyfE9LfGMwNjIxYjZkZDBiMzIwMWE5ZTlmZDc2MDExZTc5MGVm
Protocol
HTTP/1.1
Server
78.46.10.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
dedi1996.your-server.de
Software
Apache /
Resource Hash
978cb2529f18f0753d371f9333ca146d8f29d3af037a12288452d543b31cdff5

Request headers

Host
www.critch.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
A7E2332465775239C2C96EB1BDE5DAA2

Response headers

Date
Mon, 09 Jul 2018 10:58:51 GMT
Server
Apache
Last-Modified
Sun, 24 Jun 2018 10:29:49 GMT
ETag
"353-56f60bea0febc-gzip"
Accept-Ranges
bytes
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
520
Keep-Alive
timeout=15, max=99
Connection
Keep-Alive
Content-Type
text/html

Redirect headers

Date
Mon, 09 Jul 2018 10:58:51 GMT
Server
Apache
Location
http://www.critch.de/nullstartkapital/
Content-Length
309
Keep-Alive
timeout=15, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=iso-8859-1
js
www.googletagmanager.com/gtag/ 		69 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-117671757-2
Requested by
Host: www.critch.de
URL: http://www.critch.de/nullstartkapital/
Protocol
SPDY
Server
2a00:1450:400e:80a::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
1fd259f055f8efadde95a31bc1d046ad3e12bb931a01125f8763c537525d61f5
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
http://www.critch.de/nullstartkapital/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 09 Jul 2018 10:58:51 GMT
content-encoding
gzip
server
Google Tag Manager (scaffolding)
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
24842
x-xss-protection
1; mode=block
expires
Mon, 09 Jul 2018 10:58:51 GMT
/
www.privatelink.de/ Frame 8186
Redirect Chain
  • https://www.privatelink.de/sf/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2F4e8w176lgA
  • https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2F4e8w176lgA
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2F4e8w176lgA
Requested by
Host: www.critch.de
URL: http://www.critch.de/nullstartkapital/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.40.20.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.23.20.40.188.clients.your-server.de
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Host
www.privatelink.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
JSESSIONID=8A58E514229016AD6D4A9838EA322473
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
A7E2332465775239C2C96EB1BDE5DAA2

Response headers

Server
Apache-Coyote/1.1
Referrer-Policy
no-referrer
Content-Type
text/html;charset=UTF-8
Content-Language
en
Content-Length
5005
Date
Mon, 09 Jul 2018 10:58:50 GMT

Redirect headers

Server
Apache-Coyote/1.1
Set-Cookie
JSESSIONID=8A58E514229016AD6D4A9838EA322473; Path=/; Secure; HttpOnly
Referrer-Policy
no-referrer
Location
/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2F4e8w176lgA
Content-Length
0
Date
Mon, 09 Jul 2018 10:58:50 GMT
/
www.privatelink.de/ Frame EF4A
Redirect Chain
  • http://bit.ly/2oHl00R
  • https://www.privatelink.de/sf/?http://privatelink.de/%3Fhttps://t.co/z7rulNZ8zx
  • https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2Fz7rulNZ8zx
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.privatelink.de/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2Fz7rulNZ8zx
Requested by
Host: www.critch.de
URL: http://www.critch.de/nullstartkapital/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.40.20.23 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.23.20.40.188.clients.your-server.de
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Host
www.privatelink.de
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Cookie
JSESSIONID=8A58E514229016AD6D4A9838EA322473
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
A7E2332465775239C2C96EB1BDE5DAA2

Response headers

Server
Apache-Coyote/1.1
Referrer-Policy
no-referrer
Content-Type
text/html;charset=UTF-8
Content-Language
en
Content-Length
5005
Date
Mon, 09 Jul 2018 10:58:50 GMT

Redirect headers

Server
Apache-Coyote/1.1
Referrer-Policy
no-referrer
Location
/?http%3A%2F%2Fprivatelink.de%2F%3Fhttps%3A%2F%2Ft.co%2Fz7rulNZ8zx
Content-Length
0
Date
Mon, 09 Jul 2018 10:58:50 GMT
analytics.js
www.google-analytics.com/ 		34 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-117671757-2
Protocol
SPDY
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3fab1c883847e4b5a02f3749a9f4d9eab15cd4765873d3b2904a1a4c8755fba3
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://www.critch.de/nullstartkapital/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 18 May 2018 01:10:24 GMT
server
Golfe2
age
3088
date
Mon, 09 Jul 2018 10:07:23 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
14386
expires
Mon, 09 Jul 2018 12:07:23 GMT
collect
www.google-analytics.com/r/ 		35 B
111 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j68&a=1481933231&t=pageview&_s=1&dl=http%3A%2F%2Fwww.critch.de%2Fnullstartkapital%2F&ul=en-us&de=UTF-8&dt=Buch%20geschenkt%20-%20Critch%20Bonus&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAUAB~&jid=511231241&gjid=1143516414&cid=2023781800.1531133931&tid=UA-117671757-2&_gid=935254073.1531133931&_r=1&gtm=u6c&z=1499670783
Requested by
Host: www.critch.de
URL: http://www.critch.de/nullstartkapital/
Protocol
SPDY
Server
2a00:1450:4001:81c::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://www.critch.de/nullstartkapital/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 09 Jul 2018 10:58:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

8 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| gtag object| dataLayer object| google_tag_manager string| GoogleAnalyticsObject function| ga object| gaplugins object| gaGlobal object| gaData

4 Cookies

Domain/Path Name / Value
www.privatelink.de/ Name: JSESSIONID
Value: 8A58E514229016AD6D4A9838EA322473
.critch.de/ Name: _gid
Value: GA1.2.935254073.1531133931
.critch.de/ Name: _gat_gtag_UA_117671757_2
Value: 1
.critch.de/ Name: _ga
Value: GA1.2.2023781800.1531133931