vfc4.ekwvzi.live - urlscan.io

Summary

This website contacted 5 IPs in 5 countries across 6 domains to perform 6 HTTP transactions. The main IP is 154.16.205.144, located in Los Angeles, United States and belongs to NEXEON - Nexeon Technologies, Inc., US. The main domain is vfc4.ekwvzi.live.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 29th 2019. Valid for: 3 months.

This is the only time vfc4.ekwvzi.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.162.69.134 192.162.69.134	16347 (RMI-FITECH) (RMI-FITECH)
1	65.98.48.235 65.98.48.235	25653 (FORTRESSITX) (FORTRESSITX - FortressITX)
2 3	23.229.68.134 23.229.68.134	55286 (SERVER-MANIA) (SERVER-MANIA - B2 Net Solutions Inc.)
1	95.140.40.88 95.140.40.88	43711 (SZERVERNE...) (SZERVERNET-HU-AS)
1 1	193.56.28.211 193.56.28.211	197226 (SPRINT-SDC) (SPRINT-SDC)
1	154.16.205.144 154.16.205.144	20278 (NEXEON) (NEXEON - Nexeon Technologies)
6	5

1 192.162.69.134 (France) 1 redirects

ASN16347 (RMI-FITECH, FR)
PTR: bestdeals-shopping.com

deals-discounts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.98.48.235 (United States)

ASN25653 (FORTRESSITX - FortressITX, US)

carblck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.229.68.134 (Stoney Creek, Canada) 2 redirects

ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA)
PTR: ultramarathon.businesscircle.pw

carblck.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 95.140.40.88 (Hungary)

ASN43711 (SZERVERNET-HU-AS, HU)
PTR: 95-140-40-88.szervernet.hu

laudypauty.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.56.28.211 (United Kingdom) 1 redirects

ASN197226 (SPRINT-SDC, PL)

m1o6.safesslredir.company	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 154.16.205.144 (Los Angeles, United States)

ASN20278 (NEXEON - Nexeon Technologies, Inc., US)

vfc4.ekwvzi.live	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	carblck.com 2 redirects carblck.com	3 KB
1	ekwvzi.live vfc4.ekwvzi.live	9 KB
1	safesslredir.company 1 redirects m1o6.safesslredir.company	478 B
1	laudypauty.com laudypauty.com	351 B
1	deals-discounts.com 1 redirects deals-discounts.com	280 B
0	iredirect.net Failed promo.iredirect.net Failed
6	6

	Domain	Requested by
4	carblck.com	2 redirects carblck.com
1	vfc4.ekwvzi.live	laudypauty.com
1	m1o6.safesslredir.company	1 redirects
1	laudypauty.com	carblck.com
1	deals-discounts.com	1 redirects
0	promo.iredirect.net Failed	vfc4.ekwvzi.live
6	6

This site contains no links.

Subject Issuer	Validity	Valid
carblck.com Let's Encrypt Authority X3	`2019-04-23` - `2019-07-22`	3 months	crt.sh
www.laudypauty.com Go Daddy Secure Certificate Authority - G2	`2018-04-29` - `2019-06-28`	a year	crt.sh
*.ekwvzi.live Let's Encrypt Authority X3	`2019-05-29` - `2019-08-27`	3 months	crt.sh

This page contains 1 frames:

Frame: https://promo.iredirect.net/rea/pop/de/cos/1/
Frame ID: 2E68DD7D6249AAF7A87EEC0DB101C42F
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://deals-discounts.com/5407ub14768894dt7106js22475lx1507ng1992rr HTTP 302
http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5407/14768894 Page URL
https://carblck.com/r2/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5407/14768894/dac924be-b059-4dde-... HTTP 302
https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5407/14768894//?fctr=1&ptid=dac924... Page URL
https://carblck.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991/54/5407/14768894/4e208e7a-dbad-4305-... HTTP 302
https://laudypauty.com/fff0852e2b321b3800/100/4e208e7a-dbad-4305-9d8d-2c660ad2a0aa Page URL
https://m1o6.safesslredir.company/?s1=830955448&s2=472125&kw=472125 HTTP 302
https://vfc4.ekwvzi.live/?sov=350726539&hid=bnjrlnjtnhtrpfjl&&cntrl=00000&pid=10044&redid=75393&gsid=... Page URL

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

6
Requests

50 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

5
Countries

11 kB
Transfer

3 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://deals-discounts.com/5407ub14768894dt7106js22475lx1507ng1992rr HTTP 302
http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5407/14768894 Page URL
https://carblck.com/r2/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5407/14768894/dac924be-b059-4dde-b2a4-386ff14feaf6/?fctr=0 HTTP 302
https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5407/14768894//?fctr=1&ptid=dac924be-b059-4dde-b2a4-386ff14feaf6 Page URL
https://carblck.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991/54/5407/14768894/4e208e7a-dbad-4305-9d8d-2c660ad2a0aa/?fctr=1&ptid=dac924be-b059-4dde-b2a4-386ff14feaf6&red_param_1=http%3A%2F%2Fcarblck.com%2Fr%2F8b0abd5e-bdf7-4de4-b80b-64c54e5e9797%2F54%2F5407%2F14768894&fctr=1 HTTP 302
https://laudypauty.com/fff0852e2b321b3800/100/4e208e7a-dbad-4305-9d8d-2c660ad2a0aa Page URL
https://m1o6.safesslredir.company/?s1=830955448&s2=472125&kw=472125 HTTP 302
https://vfc4.ekwvzi.live/?sov=350726539&hid=bnjrlnjtnhtrpfjl&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.830955448%3A%3A472125-r75393-t488&impid=819cb062-884c-11e9-b981-cae258990218 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://deals-discounts.com/5407ub14768894dt7106js22475lx1507ng1992rr HTTP 302
http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5407/14768894

Request Chain 1

https://carblck.com/r2/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5407/14768894/dac924be-b059-4dde-b2a4-386ff14feaf6/?fctr=0 HTTP 302
https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5407/14768894//?fctr=1&ptid=dac924be-b059-4dde-b2a4-386ff14feaf6

Request Chain 2

https://carblck.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991/54/5407/14768894/4e208e7a-dbad-4305-9d8d-2c660ad2a0aa/?fctr=1&ptid=dac924be-b059-4dde-b2a4-386ff14feaf6&red_param_1=http%3A%2F%2Fcarblck.com%2Fr%2F8b0abd5e-bdf7-4de4-b80b-64c54e5e9797%2F54%2F5407%2F14768894&fctr=1 HTTP 302
https://laudypauty.com/fff0852e2b321b3800/100/4e208e7a-dbad-4305-9d8d-2c660ad2a0aa

Request Chain 3

https://vfc4.ekwvzi.live/ITS458yukon25plusDE.html?sov=350726539&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.830955448%3A%3A472125-r75393-t488&impid=819cb062-884c-11e9-b981-cae258990218&tov=680782 HTTP 302
https://click.cr-brands.net/affiliate/referral.asp?site=rea&url=pop/de/cos/1&v=2&seg=49266&lid=215864&aff_id=5359_49266_22173_4408_57_23634_3-75393|350726539|8215c1c8-884c-11e9-aaf4-d91f8e56a467|8215c1c8-884c-11e9-aaf4-d91f8e56a467| HTTP 301
https://promo.iredirect.net/referral.asp?aff_id=5359_49266_22173_4408_57_23634_3-75393|350726539|8215c1c8-884c-11e9-aaf4-d91f8e56a467|8215c1c8-884c-11e9-aaf4-d91f8e56a467|&pop_up=1&url=/rea/pop/de/cos/1&v=2&seg=49266&lid=215864 HTTP 301
https://promo.iredirect.net/rea/pop/de/cos/1/

6 HTTP transactions
-1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	14768894 carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5407/ Redirect Chain http://deals-discounts.com/5407ub14768894dt7106js22475lx1507ng1992rr http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5407/14768894	691 B 853 B	298ms 167ms	Document text/html	65.98.48.235 FortressITX
General Check archive.org Show headers Download Go to Full URL http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5407/14768894 Protocol HTTP/1.1 Server 65.98.48.235 , United States, ASN25653 (FORTRESSITX - FortressITX, US), Reverse DNS Software nginx / Resource Hash Request headers Host carblck.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Server nginx Date Thu, 06 Jun 2019 11:16:15 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive set-cookie 022ec69b-e489-49f8-bc0a-4b0539e67718=dac924be-b059-4dde-b2a4-386ff14feaf6; Version=1; Expires=Fri, 07-Jun-2019 11:16:15 GMT; Max-Age=86400; Domain=carblck.com; Path=/ 022ec69b-e489-49f8-bc0a-4b0539e67718-check=dac924be-b059-4dde-b2a4-386ff14feaf6; Version=1; Expires=Thu, 06-Jun-2019 11:26:15 GMT; Max-Age=600; Domain=carblck.com; Path=/ Cache-Control no-cache Expires Thu, 06 Jun 2019 11:16:15 GMT Content-Encoding gzip Redirect headers Date Thu, 06 Jun 2019 11:16:14 GMT Server Apache/2.2.15 (CentOS) X-Powered-By PHP/5.3.3 location http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5407/14768894 Content-Length 0 Connection close Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	/ carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5407/14768894// Redirect Chain https://carblck.com/r2/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5407/14768894/dac924be-b059-4dde-b2a4-386ff14feaf6/?fctr=0 https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5407/14768894//?fctr=1&ptid=dac924be-b059-4dde-b2a4-386ff14feaf6	843 B 951 B	132ms 131ms	Document text/html	23.229.68.134 B2 Net Solutions ...
General Check archive.org Show headers Download Go to Full URL https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5407/14768894//?fctr=1&ptid=dac924be-b059-4dde-b2a4-386ff14feaf6 Requested by Host: carblck.com URL: http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5407/14768894 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 23.229.68.134 Stoney Creek, Canada, ASN55286 (SERVER-MANIA - B2 Net Solutions Inc., CA), Reverse DNS ultramarathon.businesscircle.pw Software nginx / Resource Hash Request headers Host carblck.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5407/14768894 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5407/14768894 Response headers Server nginx Date Thu, 06 Jun 2019 11:16:16 GMT Content-Type text/html Transfer-Encoding chunked Connection keep-alive set-cookie 8e4d8882-511a-4735-b38f-b657767e925e=4e208e7a-dbad-4305-9d8d-2c660ad2a0aa; Version=1; Expires=Sat, 06-Jul-2019 11:16:16 GMT; Max-Age=2592000; Domain=carblck.com; Path=/ 8e4d8882-511a-4735-b38f-b657767e925e-check=4e208e7a-dbad-4305-9d8d-2c660ad2a0aa; Version=1; Expires=Thu, 06-Jun-2019 11:26:16 GMT; Max-Age=600; Domain=carblck.com; Path=/ Cache-Control no-cache Expires Thu, 06 Jun 2019 11:16:16 GMT Content-Encoding gzip Redirect headers Server nginx Date Thu, 06 Jun 2019 11:16:16 GMT Content-Length 149 Connection keep-alive Location https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5407/14768894//?fctr=1&ptid=dac924be-b059-4dde-b2a4-386ff14feaf6 Cache-Control no-cache Expires Thu, 06 Jun 2019 11:16:16 GMT
GET H/1.1	200 OK	Cookie set 4e208e7a-dbad-4305-9d8d-2c660ad2a0aa laudypauty.com/fff0852e2b321b3800/100/ Redirect Chain https://carblck.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991/54/5407/14768894/4e208e7a-dbad-4305-9d8d-2c660ad2a0aa/?fctr=1&ptid=dac924be-b059-4dde-b2a4-386ff14feaf6&red_param_1=http%3A%2F%2Fcarblck.... https://laudypauty.com/fff0852e2b321b3800/100/4e208e7a-dbad-4305-9d8d-2c660ad2a0aa	130 B 351 B	654ms 557ms	Document text/html	95.140.40.88 SZERVERNET-HU-AS
General Check archive.org Show headers Download Go to Full URL https://laudypauty.com/fff0852e2b321b3800/100/4e208e7a-dbad-4305-9d8d-2c660ad2a0aa Requested by Host: carblck.com URL: https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5407/14768894//?fctr=1&ptid=dac924be-b059-4dde-b2a4-386ff14feaf6 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 95.140.40.88 , Hungary, ASN43711 (SZERVERNET-HU-AS, HU), Reverse DNS 95-140-40-88.szervernet.hu Software Apache / Resource Hash Request headers Host laudypauty.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5407/14768894//?fctr=1&ptid=dac924be-b059-4dde-b2a4-386ff14feaf6 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5407/14768894//?fctr=1&ptid=dac924be-b059-4dde-b2a4-386ff14feaf6 Response headers Date Thu, 06 Jun 2019 11:16:18 GMT Content-Type text/html; charset=UTF-8 Content-Length 130 Server Apache Set-Cookie uid3546=830955448-20190606061618-d7fbf5f46bf47d86452532b502097749-; path=/ Redirect headers Server nginx Date Thu, 06 Jun 2019 11:16:17 GMT Content-Length 105 Connection keep-alive set-cookie 8e4d8882-511a-4735-b38f-b657767e925e=4e208e7a-dbad-4305-9d8d-2c660ad2a0aa; Version=1; Expires=Sat, 06-Jul-2019 11:16:17 GMT; Max-Age=2592000; Domain=carblck.com; Path=/ Location https://laudypauty.com/fff0852e2b321b3800/100/4e208e7a-dbad-4305-9d8d-2c660ad2a0aa Cache-Control no-cache Expires Thu, 06 Jun 2019 11:16:17 GMT
GET H/1.1	200 OK	Primary Request Cookie set / vfc4.ekwvzi.live/ Redirect Chain https://m1o6.safesslredir.company/?s1=830955448&s2=472125&kw=472125 https://vfc4.ekwvzi.live/?sov=350726539&hid=bnjrlnjtnhtrpfjl&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.830955448%3A%3A472125-r75393-t488&impid=819cb062-884c-11...	1 KB 9 KB	593ms 206ms	Document text/html	154.16.205.144 Nexeon Technologies
General Check archive.org Show headers Download Go to Full URL https://vfc4.ekwvzi.live/?sov=350726539&hid=bnjrlnjtnhtrpfjl&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.830955448%3A%3A472125-r75393-t488&impid=819cb062-884c-11e9-b981-cae258990218 Requested by Host: laudypauty.com URL: https://laudypauty.com/fff0852e2b321b3800/100/4e208e7a-dbad-4305-9d8d-2c660ad2a0aa Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 154.16.205.144 Los Angeles, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US), Reverse DNS Software / Resource Hash Request headers Host vfc4.ekwvzi.live Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer https://laudypauty.com/fff0852e2b321b3800/100/4e208e7a-dbad-4305-9d8d-2c660ad2a0aa Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://laudypauty.com/fff0852e2b321b3800/100/4e208e7a-dbad-4305-9d8d-2c660ad2a0aa Response headers Date Thu, 06 Jun 2019 11:16:19 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Set-Cookie ci_session=DzLk5yBmbsQbPyrkpqeP8jJqKjwgIiZ6tt%2BLDII8E4E55Pinax5y%2BI6eD0WOCTAKOmwLaYjIeYAGcnkPCWw3E%2Bf%2F%2B4GHgVNyrT%2BUIZe40CD96fo%2BMLC0%2FbuTa6tUhl0PEnTtHaBhHPXndDvwA%2BU%2FdpYc3X1wyYnkN8qIaDiRoEWS%2F97cAc25SgrUyYeQWZu9ux6%2Fq760kuhWJmU9gjjI5Ofg%2Bcdc50xZgKG1QYtoNVvbDtMi0sIUsIJBmt2jr2Z5tvPjfvaRN0DZkbd3NPw3XDl2NCNQkOz7qZz2ihQR2uO1DeJfwEB%2FHHMmHdXfcr%2FnVXCHsv96ipznCPJyueRrRxmPc2jturbIgDUrDlaHZ2caOSIIf9Mc6tRsCQQn00EQiCfDsuLciSlwZLf575V%2B5MLTJ807tAQFjJMEgPp82zRZO42UzfUiC%2FM6es4m4r74ATuX6DZFCLFy6mY9BRhfSA%3D%3D; expires=Fri, 07-Jun-2019 11:16:19 GMT; Max-Age=86400; path=/; domain=.vfc4.ekwvzi.live click_id_819cb062-884c-11e9-b981-cae258990218=8215c1c8-884c-11e9-aaf4-d91f8e56a467 id=XNSX.830955448%3A%3A472125-r75393-t488; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live SITE_ID=350726539; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live sov=350726539; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tov=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.vfc4.ekwvzi.live mov=noprelanders.mini; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live redid=75393; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live campaign_id=1228; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live gsid=488; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live pid=10044; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.vfc4.ekwvzi.live impid=819cb062-884c-11e9-b981-cae258990218; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live URI=sov%3D350726539%26hid%3Dbnjrlnjtnhtrpfjl%26%26cntrl%3D00000%26pid%3D10044%26redid%3D75393%26gsid%3D488%26campaign_id%3D1228%26p_id%3D10044%26id%3DXNSX.830955448%253A%253A472125-r75393-t488%26impid%3D819cb062-884c-11e9-b981-cae258990218; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live templateid=3329; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live path=redirect; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live version=680782; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][expand_enable]=-1; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][alert_enable]=0; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][audio_enable]=0; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][pop_enable]=0; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[680782][expand_enable]=-1; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[680782][alert_enable]=0; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[680782][audio_enable]=0; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[680782][pop_enable]=0; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live content=680782; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live token=eb883485c91f1af0494b0696e09f6383; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live rpm=37; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live log_350726539=1; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live token=eb883485c91f1af0494b0696e09f6383; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live rpm=37; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live payload=9a88141c3ba7495b6c470f0150bffa1522dcf199030369a0ce3d81dd57877e115b9a0fdb79a7c0790eb32d28e3186797cfed9942bf1771c81e3898ee24656c757921846dafdde816e31e54f7b16b65ce78c320e449aeb85b5b242875060e5d6dd30595f5c3d27ffeebb30f3471f74a26a4c5083cfa898200ad302ccadabbf6300b3d1cdd8c68b40890f9c24e4aabcac8d8a7fd6a67099b0ebf9b3894ae5c803ea77c3ef9fa88b6d5dfdc30c347d25f2097688df8d009eec49a32f1945a9b6ff4c5fab3245161e966498e53de33e9ad424f4294922479b2b6ed0090a9eba76ad85ddda33cf6bb3f42d70298357823db3da4f55946e2e7a57f2e29dcc0fd7382816b8b6d3a6af618040107a62993fadc7e7cd27822791f351260adeb7b4d62cc3d99691900ce5cfe5c37abdf0be281d6ae503987bea32df36235d4a6657d759137b394702077c814a28744194c6257b7da85f24dba49e5a06b2da346b6bb1a4d1a7b13b1b5c10035105dc61a6b1fd1e14a44b7579e0efe674f2a55af61350df8fb49844dcd522e1d8b189243ab7e7c024d382e7d2d7fffc7f6522db093fbc8c0280a1721343c127d7d2eef96b75384e33b333b461aecdebeb0373757bf39c7ebadcd47b868fb39f1fdfe6bef832144a2f34e8624b0c437ee3ed470525c39e81c89dc3a252fc598645e74ff7cf04582253ed61619431154b6b5856646ecc921b37df88c7ad52f7b703ffb6ca3da92da0649a512e5fce5651b9447b260a0ea24ad7b440d4c5b0b195dd1cba6058a2ad5e720ad407bb5dac5409226d8711ffd4b0db939cbdcc1b06f58c7207528004fda0060da550b67bbd06613fe0835e0ed280350cb0ee76552f59d021df62cda7ec9715360de83d0a2cd1abaa582dbf7d550d865094279eb35c53c91e1fcbf0fd50b9fb82afe1ab8bcfc45910e1c07ed80ce4d77d0078da2788a29c1d462361b0f3fe661ee4b7e55b523d6829d14c807ee5b9f23738e1160c1ba4ac52638c0b552840d826e3f7534c5844f4b9f2a3af196812c3c07899758b2507754a0220864eafad3d39906586e977d6d3e9a2f84eeb00e186a92f1e3fcfc9bec51e6d6a33f3a64cbbde7a3098deaf74ea1fb38db8f6e8a76a85da6f9ef7600b4d891a1d26e37920bc34805d0a1cfa15ca8463fe1685a3895a1e3d9f9cad82f8a2221f2078f3276ee7344480d0b2902cf6574c5fc40bbfa299fd623acc58fc6057f7049a9d2d1bc6de72b3a8229a93f1c5ad653da572d1eef93ac1aa4eaf6577883979d987f9ab01f42e7856379c236619a59906c3450f3501dafbb72237bcb0805b238ec879c42db6273224841f75466e14a952a6b120298581b7b31bc02cb8e80510c9238895d2db0aca57bdf6825b609567b1f6d2c4c52ce81c2d3acf4e494015be2d2f6452a00d830fa39a03b08a4e00f72b996644f9e20e8162a3ac003327ec03a5bffb5c8066dbf75be6be4a7994ffe1aeb404165e96fff92fa39137decad9eb7d66640cdd7518cb197d5a116809ef7866c3a6d2aee933a60104cb07ecbdaeeb87c39c85557a02a8b77060ae381ae0af43febc1e9bd1bddfae0f7320a848388d444a00d80e13da7c54885bad6384f14c8faf4581eb49357e0e7fa8968b2ad43635f725e76641039b181ceef57736b914a1c9fadf20d4b583e0475a7f3c39e87c0f21a6715; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live payloadIV=c37e8b1e0fafd45f18cf6480e61c5592; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live init_ev=0; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live id=XNSX.830955448%3A%3A472125-r75393-t488; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live SITE_ID=350726539; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live sov=350726539; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tov=680782; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live mov=noprelanders.mini; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live redid=75393; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live campaign_id=1228; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live gsid=488; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live pid=10044; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.vfc4.ekwvzi.live impid=819cb062-884c-11e9-b981-cae258990218; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][iframe_enable]=0; expires=Fri, 07-Jun-2019 11:17:59 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live mini-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/ X-Source Mini X-Rot 680782 X-Sov 350726539 Expires Mon, 01 Jan 2001 00:00:00 GMT Cache-Control no-cache Pragma no-cache Content-Encoding gzip Redirect headers Date Thu, 06 Jun 2019 11:16:18 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked X-ImpID 819cb062-884c-11e9-b981-cae258990218 Location https://vfc4.ekwvzi.live/?sov=350726539&hid=bnjrlnjtnhtrpfjl&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.830955448%3A%3A472125-r75393-t488&impid=819cb062-884c-11e9-b981-cae258990218 Set-Cookie redir-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
GET		/ promo.iredirect.net/rea/pop/de/cos/1/ Redirect Chain https://vfc4.ekwvzi.live/ITS458yukon25plusDE.html?sov=350726539&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.830955448%3A%3A472125-r75393-t488&impid=819cb062-884c-... https://click.cr-brands.net/affiliate/referral.asp?site=rea&url=pop/de/cos/1&v=2&seg=49266&lid=215864&aff_id=5359_49266_22173_4408_57_23634_3-75393\|350726539\|8215c1c8-884c-11e9-aaf4-d91f8e56a467\|82... https://promo.iredirect.net/referral.asp?aff_id=5359_49266_22173_4408_57_23634_3-75393\|350726539\|8215c1c8-884c-11e9-aaf4-d91f8e56a467\|8215c1c8-884c-11e9-aaf4-d91f8e56a467\|&pop_up=1&url=/rea/pop/de/... https://promo.iredirect.net/rea/pop/de/cos/1/	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			promo.iredirect.net/	1969-12-31 23:59:59	Name: ASPSESSIONIDCWQCRBBD Value: ADJCODBAELMPOJECFDMLFIHJ

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

carblck.com
deals-discounts.com
laudypauty.com
m1o6.safesslredir.company
promo.iredirect.net
vfc4.ekwvzi.live
promo.iredirect.net
154.16.205.144
192.162.69.134
193.56.28.211
23.229.68.134
65.98.48.235
95.140.40.88
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

vfc4.ekwvzi.live Open in urlscan Pro 154.16.205.144 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

6 Requests

50 %HTTPS

0 %IPv6

6 Domains

6 Subdomains

5 IPs

5 Countries

11 kBTransfer

3 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

6 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Failed requests

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

1 Cookies

Indicators

vfc4.ekwvzi.live Open in urlscan Pro
154.16.205.144 Public Scan

Screenshot
Live screenshot

Full Image

6
Requests

50 %
HTTPS

0 %
IPv6

6
Domains

6
Subdomains

5
IPs

5
Countries

11 kB
Transfer

3 kB
Size

1
Cookies

6 HTTP transactions
-1 data transactions