urlscan.io logo urlscan.io
SecurityTrails logo

promo.iredirect.net Open in urlscan Pro
66.212.229.139  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://discountsforshopping.com/5416xr14742734db7106fj22475zc1507dv1999rr
Effective URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Submission: On July 07 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 6 countries across 14 domains to perform 45 HTTP transactions. The main IP is 66.212.229.139, located in United States and belongs to CL-1379-14537 - Continent 8 LLC, US. The main domain is promo.iredirect.net.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on March 1st 2018. Valid for: 2 years.
This is the only time promo.iredirect.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 192.162.69.134 16347 (RMI-FITECH)
2 4 65.98.48.235 25653 (FORTRESSITX)
1 1 193.56.28.211 197226 (SPRINT-SDC)
1 2 154.16.205.144 20278 (NEXEON)
1 1 66.212.229.144 14537 (CL-1379-1...)
1 7 66.212.229.139 14537 (CL-1379-1...)
2 2a04:4e42:1b:... 54113 (FASTLY)
29 66.212.229.189 14537 (CL-1379-1...)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
45 9
1    192.162.69.134 (France)

ASN16347 (RMI-FITECH, FR)
PTR: bestdeals-shopping.com
discountsforshopping.com
4    65.98.48.235 (United States)

ASN25653 (FORTRESSITX - FortressITX, US)
carblck.com
1    193.56.28.211 (United Kingdom)

ASN197226 (SPRINT-SDC, PL)
m1o6.safesslredir.company
2    154.16.205.144 (Los Angeles, United States)

ASN20278 (NEXEON - Nexeon Technologies, Inc., US)
vfc4.ekwvzi.live
1    66.212.229.144 (United States)

ASN14537 (CL-1379-14537 - Continent 8 LLC, US)
click.cr-brands.net
7    66.212.229.139 (United States)

ASN14537 (CL-1379-14537 - Continent 8 LLC, US)
promo.iredirect.net
2    2a04:4e42:1b::621 (Ascension Island)

ASN54113 (FASTLY - Fastly, US)
cdn.jsdelivr.net
29    66.212.229.189 (United States)

ASN14537 (CL-1379-14537 - Continent 8 LLC, US)
cdn.iredirect.net
img.iredirect.net
cdn.zxcdn.com
3    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
Domain Requested by
22 cdn.iredirect.net promo.iredirect.net
7 promo.iredirect.net 1 redirects vfc4.ekwvzi.live
promo.iredirect.net
5 cdn.zxcdn.com promo.iredirect.net
4 carblck.com 2 redirects carblck.com
3 www.google-analytics.com 1 redirects promo.iredirect.net
2 img.iredirect.net promo.iredirect.net
2 cdn.jsdelivr.net promo.iredirect.net
2 vfc4.ekwvzi.live 1 redirects carblck.com
1 www.google.de promo.iredirect.net
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com promo.iredirect.net
1 click.cr-brands.net 1 redirects
1 m1o6.safesslredir.company 1 redirects
1 discountsforshopping.com 1 redirects
0 code.jquery.com Failed promo.iredirect.net
45 16
Subject Issuer Validity Valid
carblck.com
Let's Encrypt Authority X3		 2019-04-23 -
2019-07-22		 3 months crt.sh
*.ekwvzi.live
Let's Encrypt Authority X3		 2019-05-29 -
2019-08-27		 3 months crt.sh
*.iredirect.net
COMODO RSA Domain Validation Secure Server CA		 2018-03-01 -
2020-02-29		 2 years crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2019-05-29 -
2020-04-23		 a year crt.sh
*.zxcdn.com
COMODO ECC Domain Validation Secure Server CA		 2017-08-30 -
2019-09-06		 2 years crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh
www.google.de
Google Internet Authority G3		 2019-06-18 -
2019-09-10		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Frame ID: 3DFCDF7AE55B3C79F04A96B60D56B415
Requests: 45 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://discountsforshopping.com/5416xr14742734db7106fj22475zc1507dv1999rr HTTP 302
    http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5416/14742734 Page URL
  2. https://carblck.com/r2/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5416/14742734/afd1d593-2163-422a-... HTTP 302
    https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5416/14742734//?fctr=1&ptid=afd1d5... Page URL
  3. https://carblck.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991/54/5416/14742734/3a1aa54b-1f7a-43c6-... HTTP 302
    https://m1o6.safesslredir.company/?s1=3a1aa54b-1f7a-43c6-87a6-353e80632307&s2=&kw= HTTP 302
    https://vfc4.ekwvzi.live/?sov=3198834616&hid=dfvvlhdldjhtfh&&cntrl=00000&pid=10044&redid=75393&gsid=4... Page URL
  4. https://vfc4.ekwvzi.live/ITS458yukon25plusDE.html?sov=3198834616&cntrl=00000&pid=10044&redid=75393&gs... HTTP 302
    https://click.cr-brands.net/affiliate/referral.asp?site=rea&url=pop/de/cos/1&v=2&seg=49266&lid=215864&af... HTTP 301
    https://promo.iredirect.net/referral.asp?aff_id=5359_49266_22173_4408_57_23634_3-75393|3198834616|efcba5... HTTP 301
    https://promo.iredirect.net/rea/pop/de/cos/1/?v=2 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?/i

Page Statistics

45
Requests

96 %
HTTPS

46 %
IPv6

14
Domains

16
Subdomains

9
IPs

6
Countries

3136 kB
Transfer

3544 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://discountsforshopping.com/5416xr14742734db7106fj22475zc1507dv1999rr HTTP 302
    http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5416/14742734 Page URL
  2. https://carblck.com/r2/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5416/14742734/afd1d593-2163-422a-9adc-f312754c4724/?fctr=0 HTTP 302
    https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5416/14742734//?fctr=1&ptid=afd1d593-2163-422a-9adc-f312754c4724 Page URL
  3. https://carblck.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991/54/5416/14742734/3a1aa54b-1f7a-43c6-87a6-353e80632307/?fctr=1&ptid=afd1d593-2163-422a-9adc-f312754c4724&red_param_1=http%3A%2F%2Fcarblck.com%2Fr%2F8b0abd5e-bdf7-4de4-b80b-64c54e5e9797%2F54%2F5416%2F14742734&fctr=1 HTTP 302
    https://m1o6.safesslredir.company/?s1=3a1aa54b-1f7a-43c6-87a6-353e80632307&s2=&kw= HTTP 302
    https://vfc4.ekwvzi.live/?sov=3198834616&hid=dfvvlhdldjhtfh&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.3a1aa54b%7C%7C1f7a%7C%7C43c6%7C%7C87a6%7C%7C353e80632307-r75393-t488&impid=ef93a11a-a08a-11e9-acc1-cae258990218 Page URL
  4. https://vfc4.ekwvzi.live/ITS458yukon25plusDE.html?sov=3198834616&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.3a1aa54b%7C%7C1f7a%7C%7C43c6%7C%7C87a6%7C%7C353e80632307-r75393-t488&impid=ef93a11a-a08a-11e9-acc1-cae258990218&tov=680782 HTTP 302
    https://click.cr-brands.net/affiliate/referral.asp?site=rea&url=pop/de/cos/1&v=2&seg=49266&lid=215864&aff_id=5359_49266_22173_4408_57_23634_3-75393|3198834616|efcba59c-a08a-11e9-bddc-93963b7dcfa4|efcba59c-a08a-11e9-bddc-93963b7dcfa4| HTTP 301
    https://promo.iredirect.net/referral.asp?aff_id=5359_49266_22173_4408_57_23634_3-75393|3198834616|efcba59c-a08a-11e9-bddc-93963b7dcfa4|efcba59c-a08a-11e9-bddc-93963b7dcfa4|&pop_up=1&url=/rea/pop/de/cos/1&v=2&seg=49266&lid=215864 HTTP 301
    https://promo.iredirect.net/rea/pop/de/cos/1/?v=2 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://discountsforshopping.com/5416xr14742734db7106fj22475zc1507dv1999rr HTTP 302
  • http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5416/14742734
Request Chain 1
  • https://carblck.com/r2/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5416/14742734/afd1d593-2163-422a-9adc-f312754c4724/?fctr=0 HTTP 302
  • https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5416/14742734//?fctr=1&ptid=afd1d593-2163-422a-9adc-f312754c4724
Request Chain 2
  • https://carblck.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991/54/5416/14742734/3a1aa54b-1f7a-43c6-87a6-353e80632307/?fctr=1&ptid=afd1d593-2163-422a-9adc-f312754c4724&red_param_1=http%3A%2F%2Fcarblck.com%2Fr%2F8b0abd5e-bdf7-4de4-b80b-64c54e5e9797%2F54%2F5416%2F14742734&fctr=1 HTTP 302
  • https://m1o6.safesslredir.company/?s1=3a1aa54b-1f7a-43c6-87a6-353e80632307&s2=&kw= HTTP 302
  • https://vfc4.ekwvzi.live/?sov=3198834616&hid=dfvvlhdldjhtfh&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.3a1aa54b%7C%7C1f7a%7C%7C43c6%7C%7C87a6%7C%7C353e80632307-r75393-t488&impid=ef93a11a-a08a-11e9-acc1-cae258990218
Request Chain 42
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=75103445&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fde%2Fcos%2F1%2F%3Fv%3D2&dr=https%253A%252F%252Fvfc4.ekwvzi.live%252F&ul=en-us&de=UTF-8&dt=Cosmo%20Casino!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEABC~&jid=1485435242&gjid=1586656004&cid=194444115.1562485422&tid=UA-85618867-1&_gid=1705415832.1562485422&_r=1&cd9=23635&cd34=de&cd83=R11wL1ek1N6rLmkZ1aAteN%2F3Oru3Oabm5BXdI%2FwsbfQ%3D&cd85=5359_49266_22173_4408_57_23634_3-75393%7C3198834616%7Cefcba59c-a08a-11e9-bddc-93963b7dcfa4%7Cefcba59c-a08a-11e9-bddc-93963b7dcfa4%7C&cd89=wizfulladdress_https&cd90=pop_cos_1_2&cd91=wizfulladdress&cd124=catch_cos&cd125=1&cd126=1&cd127=2&cd128=COS&cd129=&cd130=&cd131=EMPTY&z=2104533258 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85618867-1&cid=194444115.1562485422&jid=1485435242&_gid=1705415832.1562485422&gjid=1586656004&_v=j77&z=2104533258 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=194444115.1562485422&jid=1485435242&_v=j77&z=2104533258 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=194444115.1562485422&jid=1485435242&_v=j77&z=2104533258&slf_rd=1&random=2242183920

45 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
14742734
carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5416/
Redirect Chain
  • http://discountsforshopping.com/5416xr14742734db7106fj22475zc1507dv1999rr
  • http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5416/14742734
691 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5416/14742734
Protocol
HTTP/1.1
Server
65.98.48.235 , United States, ASN25653 (FORTRESSITX - FortressITX, US),
Reverse DNS
Software
nginx /
Resource Hash
3a8ab60a6952cca759c1b24c4e51e31d79feb840a7f9fb4d3b5f79fab2a6131f

Request headers

Host
carblck.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Sun, 07 Jul 2019 07:43:38 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
set-cookie
022ec69b-e489-49f8-bc0a-4b0539e67718=afd1d593-2163-422a-9adc-f312754c4724; Version=1; Expires=Mon, 08-Jul-2019 07:43:38 GMT; Max-Age=86400; Domain=carblck.com; Path=/ 022ec69b-e489-49f8-bc0a-4b0539e67718-check=afd1d593-2163-422a-9adc-f312754c4724; Version=1; Expires=Sun, 07-Jul-2019 07:53:38 GMT; Max-Age=600; Domain=carblck.com; Path=/
Cache-Control
no-cache
Expires
Sun, 07 Jul 2019 07:43:38 GMT
Content-Encoding
gzip

Redirect headers

Date
Sun, 07 Jul 2019 07:43:37 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
location
http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5416/14742734
Content-Length
0
Connection
close
Content-Type
text/html; charset=UTF-8
/
carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5416/14742734//
Redirect Chain
  • https://carblck.com/r2/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5416/14742734/afd1d593-2163-422a-9adc-f312754c4724/?fctr=0
  • https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5416/14742734//?fctr=1&ptid=afd1d593-2163-422a-9adc-f312754c4724
843 B
952 B 		Document
General
Check archive.org
Download Go to
Full URL
https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5416/14742734//?fctr=1&ptid=afd1d593-2163-422a-9adc-f312754c4724
Requested by
Host: carblck.com
URL: http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5416/14742734
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.98.48.235 , United States, ASN25653 (FORTRESSITX - FortressITX, US),
Reverse DNS
Software
nginx /
Resource Hash
2d994387267cc5922734569dcdbfd96c773e644425abdca7b265b296903d8c0d

Request headers

Host
carblck.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5416/14742734
Accept-Encoding
gzip, deflate, br
Cookie
022ec69b-e489-49f8-bc0a-4b0539e67718=afd1d593-2163-422a-9adc-f312754c4724; 022ec69b-e489-49f8-bc0a-4b0539e67718-check=afd1d593-2163-422a-9adc-f312754c4724
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://carblck.com/r/8b0abd5e-bdf7-4de4-b80b-64c54e5e9797/54/5416/14742734

Response headers

Server
nginx
Date
Sun, 07 Jul 2019 07:43:39 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
set-cookie
8e4d8882-511a-4735-b38f-b657767e925e=3a1aa54b-1f7a-43c6-87a6-353e80632307; Version=1; Expires=Tue, 06-Aug-2019 07:43:39 GMT; Max-Age=2592000; Domain=carblck.com; Path=/ 8e4d8882-511a-4735-b38f-b657767e925e-check=3a1aa54b-1f7a-43c6-87a6-353e80632307; Version=1; Expires=Sun, 07-Jul-2019 07:53:39 GMT; Max-Age=600; Domain=carblck.com; Path=/
Cache-Control
no-cache
Expires
Sun, 07 Jul 2019 07:43:39 GMT
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Sun, 07 Jul 2019 07:43:39 GMT
Content-Length
149
Connection
keep-alive
Location
https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5416/14742734//?fctr=1&ptid=afd1d593-2163-422a-9adc-f312754c4724
Cache-Control
no-cache
Expires
Sun, 07 Jul 2019 07:43:39 GMT
Cookie set /
vfc4.ekwvzi.live/
Redirect Chain
  • https://carblck.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991/54/5416/14742734/3a1aa54b-1f7a-43c6-87a6-353e80632307/?fctr=1&ptid=afd1d593-2163-422a-9adc-f312754c4724&red_param_1=http%3A%2F%2Fcarblck....
  • https://m1o6.safesslredir.company/?s1=3a1aa54b-1f7a-43c6-87a6-353e80632307&s2=&kw=
  • https://vfc4.ekwvzi.live/?sov=3198834616&hid=dfvvlhdldjhtfh&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.3a1aa54b%7C%7C1f7a%7C%7C43c6%7C%7C87a6%7C%7C353e80632307-...
2 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vfc4.ekwvzi.live/?sov=3198834616&hid=dfvvlhdldjhtfh&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.3a1aa54b%7C%7C1f7a%7C%7C43c6%7C%7C87a6%7C%7C353e80632307-r75393-t488&impid=ef93a11a-a08a-11e9-acc1-cae258990218
Requested by
Host: carblck.com
URL: https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5416/14742734//?fctr=1&ptid=afd1d593-2163-422a-9adc-f312754c4724
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.16.205.144 Los Angeles, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US),
Reverse DNS
Software
/
Resource Hash
329769be6fda6fc143cc628d080b2681c889aabc94bc60439259081b6676a550

Request headers

Host
vfc4.ekwvzi.live
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5416/14742734//?fctr=1&ptid=afd1d593-2163-422a-9adc-f312754c4724
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5416/14742734//?fctr=1&ptid=afd1d593-2163-422a-9adc-f312754c4724

Response headers

Date
Sun, 07 Jul 2019 07:43:40 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
ci_session=d1Uxc%2B5nF%2F%2Bgnr8oon559YPNTcznx1etjy5da9GQ4dKZ34925DHg2YDSFmdLcP1WT7AsBeF%2FeB%2FylcVL72BIue6z7%2B8egqkymFFxZWx%2BwB6C%2B4qSas1bVSSSuSLhkWZB8VuQTnR0tyzTvz%2F%2F73uhJOS4YSoduInYlTB2pra2cQfIfhiHEgHOrYTbcWilxMAXpStrH0wU797l0MVa0DlJCOFfjFDEybJMpRr7gmseg1iLkrYWpAWBrHZK2XdL1q0OAiR8UOwomKymnVW6FHimInea0e4e59jO0%2BjYOAvaFIZShaeuLDnmcNCZcNJO%2F2bs464cV7OfO7d9h4Mf3z%2B5diKDHFAjDSylWmMoOV1qCYJg%2BFVtmRIJoWeuA%2FekwF0U69Y9d%2Bp5ADMKtroc3zzBEJkJH0j1oER4F27AS%2BXXl2fnh4SFZXwf8QWUrvfVN%2BAz8RHgkQxcWwcD0Fhu3%2B3U6A%3D%3D; expires=Mon, 08-Jul-2019 07:43:40 GMT; Max-Age=86400; path=/; domain=.vfc4.ekwvzi.live click_id_ef93a11a-a08a-11e9-acc1-cae258990218=efcba59c-a08a-11e9-bddc-93963b7dcfa4 id=XNSX.3a1aa54b%7C%7C1f7a%7C%7C43c6%7C%7C87a6%7C%7C353e80632307-r75393-t488; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live SITE_ID=3198834616; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live sov=3198834616; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tov=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.vfc4.ekwvzi.live mov=noprelanders.mini; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live redid=75393; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live campaign_id=1228; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live gsid=488; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live pid=10044; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.vfc4.ekwvzi.live impid=ef93a11a-a08a-11e9-acc1-cae258990218; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live URI=sov%3D3198834616%26hid%3Ddfvvlhdldjhtfh%26%26cntrl%3D00000%26pid%3D10044%26redid%3D75393%26gsid%3D488%26campaign_id%3D1228%26p_id%3D10044%26id%3DXNSX.3a1aa54b%257C%257C1f7a%257C%257C43c6%257C%257C87a6%257C%257C353e80632307-r75393-t488%26impid%3Def93a11a-a08a-11e9-acc1-cae258990218; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live templateid=3329; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live path=redirect; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live version=680782; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][expand_enable]=-1; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][alert_enable]=0; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][audio_enable]=0; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][pop_enable]=0; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[680782][expand_enable]=-1; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[680782][alert_enable]=0; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[680782][audio_enable]=0; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[680782][pop_enable]=0; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live content=680782; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live token=1acaefd79109db75804ebe6b1d817928; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live rpm=76; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live log_3198834616=1; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live token=1acaefd79109db75804ebe6b1d817928; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live rpm=76; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live payload=5579cc2870a0345b73813d86f86f7bd638b0267f2e5395ffa20bb6a2de195b118bf1a6363078d7deec29eca3c81286d556239a897d59416f63cc4d9a1b8227ce0100718145e4879b0d14fe0c3d47742a548228f0c3fc6d1913e2d97eabb55f20464b27289500008e1a8f84f55dff987a7c8b23d77a0156f9265010c8d21e891767cfa2e7743d51324914db5515c3e363220c3658ef12aa8ddd4498150a778c28edf817cf6f655ffa5e35b96dad2db690d30e0b3c478d480a9dd424e64ba72a0f628590314b6fad135806448943533b3f37d153cc38ac32961415d882d48713d02586a85537388cb5f10cec7b87bedf392438b2c0633bf66bf09602e5f4342c0ab127e490bcd3d40db57fd11f65b5a8ca9f05f155c72be254940d8a45a042a2f1688f66f7b633de99f3ad753eeb7fdda64ecabeda931b58af887ede7a4e6d868cb690c7f003a0eb530e5820ce6e72127a3da9ab8cb3c2620cde1d99ed59c683bbf9eacc889262d78b3d4c318818ca02dd7d2a37a4b5a5ae75bec09baf6f39e8729c7814710d433eef87c452fd3a25ed0a12d90196ca9c043edcb58b9c9ad3abb1af34f8b0224ae5b2bd9c31c0ca1111f3b9e461cf0c00e7d934c7cec8a79349878dc23a43923cc7b34d4dba2bef93aefbbae6a05b54ce6306956656dec633f5fa921f01c0a0e36b28e8121c5133e0a5e0338660aa46e9be43ee9ca15a085b8c8253c8a6ad05b4aae13f923685f92fe757d6592e719591e1c62d11619fccf2cd0d527f9b8157cb9812005d783fcc5ceb812c7692199108925ca8d6a319d92bcb15e97f8136cd812ccc1023cc30b65a18d5b27b536cdebf0352fd3bc597cc15f8c88c848397b3479115b3d1b1065503c49182dd13d60fe597a6559d9410151f69fceef3a2e0367efdb523631849edc8d906c9706e667012cf326840841e82bb6cd52ca5be24b4896901efcd73c162fa525d12ebddb43419a6c138260fddc2955dde1fb8205eb30d338b0f2a983f8dc7f163afe57383b8b69ffb80fdaa80ca487557ae121743c7ab4bc53e09f1aa8ca734a91b1868229d7d90691f338bd921c865c743f1890ec81c340d6c975409e2e0b11842f1f7d65d105b880905726e73c5a136e2365f1d5f16b7980e74a697e90b78ab3e68ed46e83b5dbaaaf453f29d3b385b91787500f6c91eb1df4ec07d4753ebe889e6e23d497028127e7d9d9632d3ffccda614f219054747042f9a08b8e2b539b31db188b193158234c613d467c1fda3cc1b3d1682c8885e10cbfd9ff1a0b14876776f016262daec229bfbd3dc8d927f764fb4c1359611cc643ac49d6206efc1e53d3a1d620eb0e1a2e9073578bee3d7aef99fc79b909c0aaf4b1821a5db3ca474b593881d5d59cab350d320e92910bf2810326f2179e16a54569812b8ad65c2d22683853ccff1beae84df091252603ac5824207d0a7145465d9140462393495a06bf166a474b7c9b9b43648a3a88ed85225bec9256cad2bb4d5606532ec1974ea8bed5296e2b0709c4eba58601903c0d1e634105b2e1192b7dc51ae6aa25274debbcddf088b0333a1b83a3144d8973b6dfe94450d22159b348aab0bee7f6da38edda74d36a2cd2ecf928e4e9446ac61e1d3a1040a2647c83df05c38a7f09c8eff760899d3e6cbbd17b4e851f7bcb24a135b577783bfa66a40b5aaae9f1310cbc8f0cca397dc4249d614c99869406c0698dc2028a8ac3013df09a3596bbf94ae223a9a69d74307dbcad5ee877dab9f77d817d8f6cc2e83a60; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live payloadIV=05e877f57aa516a4af41f1721ea5128e; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live init_ev=0; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live id=XNSX.3a1aa54b%7C%7C1f7a%7C%7C43c6%7C%7C87a6%7C%7C353e80632307-r75393-t488; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live SITE_ID=3198834616; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live sov=3198834616; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tov=680782; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live mov=noprelanders.mini; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live redid=75393; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live campaign_id=1228; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live gsid=488; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live pid=10044; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.vfc4.ekwvzi.live impid=ef93a11a-a08a-11e9-acc1-cae258990218; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][iframe_enable]=0; expires=Mon, 08-Jul-2019 07:45:20 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live mini-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
X-Source
Mini
X-Rot
680782
X-Sov
3198834616
Expires
Mon, 01 Jan 2001 00:00:00 GMT
Cache-Control
no-cache
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Date
Sun, 07 Jul 2019 07:43:39 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-ImpID
ef93a11a-a08a-11e9-acc1-cae258990218
Location
https://vfc4.ekwvzi.live/?sov=3198834616&hid=dfvvlhdldjhtfh&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.3a1aa54b%7C%7C1f7a%7C%7C43c6%7C%7C87a6%7C%7C353e80632307-r75393-t488&impid=ef93a11a-a08a-11e9-acc1-cae258990218
Set-Cookie
redir-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Primary Request /
promo.iredirect.net/rea/pop/de/cos/1/
Redirect Chain
  • https://vfc4.ekwvzi.live/ITS458yukon25plusDE.html?sov=3198834616&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.3a1aa54b%7C%7C1f7a%7C%7C43c6%7C%7C87a6%7C%7C353e80632...
  • https://click.cr-brands.net/affiliate/referral.asp?site=rea&url=pop/de/cos/1&v=2&seg=49266&lid=215864&aff_id=5359_49266_22173_4408_57_23634_3-75393|3198834616|efcba59c-a08a-11e9-bddc-93963b7dcfa4|e...
  • https://promo.iredirect.net/referral.asp?aff_id=5359_49266_22173_4408_57_23634_3-75393|3198834616|efcba59c-a08a-11e9-bddc-93963b7dcfa4|efcba59c-a08a-11e9-bddc-93963b7dcfa4|&pop_up=1&url=/rea/pop/de...
  • https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
106 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Requested by
Host: vfc4.ekwvzi.live
URL: https://vfc4.ekwvzi.live/?sov=3198834616&hid=dfvvlhdldjhtfh&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.3a1aa54b%7C%7C1f7a%7C%7C43c6%7C%7C87a6%7C%7C353e80632307-r75393-t488&impid=ef93a11a-a08a-11e9-acc1-cae258990218
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7c96a95287c81b96d432b90c4b58f89c1c7bda1665e5f41ef250842e7c9ee13a

Request headers

:method
GET
:authority
promo.iredirect.net
:scheme
https
:path
/rea/pop/de/cos/1/?v=2
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://vfc4.ekwvzi.live/
accept-encoding
gzip, deflate, br
cookie
ASPSESSIONIDAERTTCDA=MONFFJMAMIBPJPGEDGOGLKLM
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://vfc4.ekwvzi.live/

Response headers

status
200
cache-control
no-store
content-type
text/html; Charset=UTF-8
content-encoding
gzip
expires
Sat, 15 May 1999 18:00:00 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-nid
W04
p3p
CP="CAO PSA OUR"
referrer-policy
origin
date
Sun, 07 Jul 2019 07:43:41 GMT
content-length
41837

Redirect headers

status
301
cache-control
no-store
content-type
text/html
expires
Sat, 15 May 1999 18:00:00 GMT
location
/rea/pop/de/cos/1/?v=2
server
Microsoft-IIS/10.0
set-cookie
ASPSESSIONIDAERTTCDA=MONFFJMAMIBPJPGEDGOGLKLM; secure; path=/
x-nid
W04
p3p
CP="CAO PSA OUR"
referrer-policy
origin
date
Sun, 07 Jul 2019 07:43:41 GMT
content-length
0
style.css
promo.iredirect.net/rea/pop/de/cos/1/inc/ 		43 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo.iredirect.net/rea/pop/de/cos/1/inc/style.css
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
b9c751a6d954eb98febe6e8065b8d181b0249d01fb5b6a2da161e17f0c17f839

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Mon, 24 Jun 2019 00:59:02 GMT
server
Microsoft-IIS/10.0
etag
"0f513282ad51:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
accept-ranges
bytes
content-type
text/css
content-length
6643
jquery.min.js
cdn.jsdelivr.net/npm/jquery@1.11.3/dist/ 		94 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Sun, 07 Jul 2019 07:43:41 GMT
content-length
33342
x-served-by
cache-ams21035-AMS, cache-hhn4052-HHN
etag
W/"176f8-N7HbiLV0OPEHKo68dVnJCcnTpoI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery-migrate.min.js
cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/jquery-migrate.min.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:1b::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Sun, 07 Jul 2019 07:43:41 GMT
content-length
4014
x-served-by
cache-ams21035-AMS, cache-hhn4052-HHN
etag
W/"2748-kFMq/21BIZVCVM3wSZTYNPfsFps"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
common.js
promo.iredirect.net/rea/shared/ 		83 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promo.iredirect.net/rea/shared/common.js?1648-7
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7f04427e198b626a2e07b3f34eb3951d43af997ac4bd5aafacf3cfcebf683d34

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Fri, 22 Mar 2019 06:11:12 GMT
server
Microsoft-IIS/10.0
etag
"0c06fc76e0d41:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
accept-ranges
bytes
content-type
application/javascript
content-length
22057
vjs-chat.js
cdn.iredirect.net/webcdn/js/ 		703 B
564 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.iredirect.net/webcdn/js/vjs-chat.js?1283-7
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
395248fa2a0de2257903418d5cf5c40d36a9e2ec04a5c5f3d9f8ca9b67ef7028

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
content-encoding
gzip
last-modified
Tue, 29 Aug 2017 01:40:54 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0d74bda6720d31:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=1800
accept-ranges
bytes
content-type
application/javascript
content-length
481
shared.css
cdn.iredirect.net/webcdn/css/rea/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.iredirect.net/webcdn/css/rea/shared.css
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f91da1ed13eea40a9f415c77d9ba31b3ead2912055194d0cae1620d02d78be5c

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
content-encoding
gzip
last-modified
Thu, 06 Dec 2018 01:26:34 GMT
server
Microsoft-IIS/10.0
etag
"0415eb928dd41:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=300
accept-ranges
bytes
content-type
text/css
content-length
3344
modal.js
cdn.iredirect.net/webcdn/js/rea/shared/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.iredirect.net/webcdn/js/rea/shared/modal.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
adcccfba49ae4b6b9af5d7edd20673be39b35826d3e816a6969c333585169bb9

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
content-encoding
gzip
last-modified
Thu, 24 Aug 2017 03:46:10 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0ad1d868b1cd31:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=1800
accept-ranges
bytes
content-type
application/javascript
content-length
2686
cookieConsentCr.min.js
cdn.iredirect.net/webcdn/js/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.iredirect.net/webcdn/js/cookieConsentCr.min.js?1283-7
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78060cb1b910e5c758b7c3d2817679577f278e20f36c231abf8751b154d5ad65

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
content-encoding
gzip
last-modified
Tue, 11 Dec 2018 21:49:52 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"00d729b91d41:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=1800
accept-ranges
bytes
content-type
application/javascript
content-length
12355
slick.css
promo.iredirect.net/rea/pop/en/cos/1/inc/slick/ 		2 KB
785 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo.iredirect.net/rea/pop/en/cos/1/inc/slick/slick.css
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Fri, 19 Jan 2018 02:59:50 GMT
server
Microsoft-IIS/10.0
etag
"fa3cb092d190d31:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
accept-ranges
bytes
content-type
text/css
content-length
745
slick-theme.css
promo.iredirect.net/rea/pop/en/cos/1/inc/slick/ 		3 KB
910 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://promo.iredirect.net/rea/pop/en/cos/1/inc/slick/slick-theme.css
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Fri, 19 Jan 2018 02:59:49 GMT
server
Microsoft-IIS/10.0
etag
"80c0a591d190d31:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
accept-ranges
bytes
content-type
text/css
content-length
870
spacer.gif
img.iredirect.net/webCDN/img/shared/ 		43 B
160 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.iredirect.net/webCDN/img/shared/spacer.gif
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Mon, 18 Jun 2012 08:15:06 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"021f3772a4dcd1:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
43
spacer.gif
cdn.zxcdn.com/webcdn/img/rea/shared/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.zxcdn.com/webcdn/img/rea/shared/spacer.gif
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bc1949a92d0ed97011d62ecc757ac52524e92d35a8d36d96b1702f31cfbc9051

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Mon, 27 Jun 2016 06:48:58 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"069d1fa3fd0d11:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
1095
jquery-migrate-1.2.1.min.js
code.jquery.com/ 		0
0
slick.min.js
promo.iredirect.net/rea/pop/en/cos/1/inc/slick/ 		42 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://promo.iredirect.net/rea/pop/en/cos/1/inc/slick/slick.min.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Fri, 19 Jan 2018 02:59:53 GMT
server
Microsoft-IIS/10.0
etag
"801a894d190d31:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
accept-ranges
bytes
content-type
application/javascript
content-length
10401
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
4564
date
Sun, 07 Jul 2019 06:27:38 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17707
expires
Sun, 07 Jul 2019 08:27:38 GMT
gtm.js
www.googletagmanager.com/ 		118 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T5DCX9V
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fcda7f7614ba232c4843a661d646cfc330623b34861e37b7a473fa08d154bb01
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:42 GMT
content-encoding
br
last-modified
Sun, 07 Jul 2019 06:00:00 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
29227
x-xss-protection
0
expires
Sun, 07 Jul 2019 07:43:42 GMT
COS_Logo_2x.fs8.png
cdn.iredirect.net/webCDN/img/COS/ 		50 KB
50 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/COS/COS_Logo_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8539bcc762428650a59be971f9fd5ad5437e9a44d453e8c930026f30075f784d

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Mon, 04 Dec 2017 04:40:02 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"03dacf2b96cd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
50917
rea-cosmo-main-bg_2x.jpg
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		215 KB
215 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-main-bg_2x.jpg
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d6abd1be6575bb3f08ccc7b60a590db97a936260e76b7bcd5dab8ebeae5cd3b7

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Mon, 15 Jan 2018 06:15:42 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"03b5445c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
219664
rea-cosmo-arrow_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-arrow_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ccfd427c3e03f6312b2f3afca94dd40627686cf3ccbbf90e74e7babc971a7a60

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Thu, 18 Jan 2018 22:04:24 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"064b94ca890d31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
5905
rea-pop-cosmo-jackpot_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		141 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-jackpot_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
eb446ef8d93ea926ae8dad8f69d1a478a7b9060a2d648f3fabd94a6dc87c8bd0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Tue, 16 Jan 2018 01:28:38 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0277055698ed31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
144495
rea-pop-cosmo-coins_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-coins_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c56fe93045f66491a0e8d56b5f5c3dc37aaa740d0d6226e9b8beff2f959f4e25

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Mon, 15 Jan 2018 06:15:38 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0e1f142c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
43332
CCC_Golden-ICE-jpot-spriteA.fs8.png
img.iredirect.net/webcdn/img/rea/pop/en/ccc/4/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.iredirect.net/webcdn/img/rea/pop/en/ccc/4/CCC_Golden-ICE-jpot-spriteA.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
95a99b94a94d22903fe5ec49736037e6094afd5fa96a8171366c492d32beb26e

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Fri, 09 Sep 2016 03:41:48 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0e6c8174cad21:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
23573
rea-pop-cosmo-winners-bg_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		601 KB
602 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-winners-bg_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c2a8617d84f4081d573b74738564cd8f1f5b3149aeaaef29d90b41b0f9ca621c

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Mon, 15 Jan 2018 06:15:36 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0b4c041c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
615610
rea-cosmo-glow_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		153 KB
153 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-glow_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9dace7b643ec037293c1ce8e021f1813faaa636ce1a1728e3543fb599a9314d8

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Mon, 15 Jan 2018 06:15:40 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0e2344c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
156621
Home_Winners-Left_2x.fs8.png
cdn.iredirect.net/webCDN/img/COS/ 		211 KB
212 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/COS/Home_Winners-Left_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e1b56e2b83eda26c98fa47d99bccf1632348a4f94e2461b13d08de086130ed71

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Fri, 12 Jan 2018 00:32:36 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0aae0d73c8bd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
216513
Home_Winners-Right_2x.fs8.png
cdn.iredirect.net/webCDN/img/COS/ 		235 KB
235 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/COS/Home_Winners-Right_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f6c42c54902dab7fef54e33dc4281ab2afe3c771d2931ae05d79bed33e51414c

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Mon, 04 Dec 2017 04:40:02 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"03dacf2b96cd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
240790
rea-cosmo-chips-left_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		54 KB
54 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-chips-left_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
27212ad263974166bef49756d99bb41b5218832c023ac8fc83810087c0bdfdd0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Mon, 15 Jan 2018 06:15:32 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"05a5e3fc88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
54975
rea-cosmo-chips-right_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-chips-right_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
44669e67b0112f2ea5c77b2bae3ed0051b74a59af3d468b276ce31ceb30cd762

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Mon, 15 Jan 2018 06:15:32 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"05a5e3fc88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
37630
rea-pop-cosmo-points_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		277 KB
277 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-points_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cb6701973c82e6407b2992ad1cbf1320c99497317aa628d3e6b05ecda9f2adc0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Mon, 15 Jan 2018 06:15:30 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"02d2d3ec88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
283306
rea-pop-cosmo-icons_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-icons_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ff45daa7fe6d1cfaaaf09beec6faaee8eea968b916f66733ffe36c425c4b38d8

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:42 GMT
last-modified
Mon, 15 Jan 2018 06:15:28 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"00fc3cc88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
13361
rea-cosmo-mega-moolah_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		287 KB
287 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-mega-moolah_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f1e97059ff9de3566088b55db618dde61be88a270e1db3fc5d96ddb8f33a7fd6

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:42 GMT
last-modified
Mon, 15 Jan 2018 06:15:26 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0d3ca3bc88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
293965
rea-cosmo-thunderstruck-ii.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		165 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-thunderstruck-ii.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
19ba63d951dc6f2618cbc44c0f795951505a04f9fc956208a5fa6bd53dc883fd

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:42 GMT
last-modified
Mon, 15 Jan 2018 06:15:46 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"095b647c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
169150
rea-cosmo-immoral-bromance.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		152 KB
152 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-immoral-bromance.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d31a04c41933c91617ca009151f0073f0a906ea27d14f5577c563576d7fe3992

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:42 GMT
last-modified
Mon, 15 Jan 2018 06:15:48 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0c2e748c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
155553
rea-cosmo-avalon-ii.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		140 KB
140 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-avalon-ii.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d7edbc413d89bf05666d3e6622160ff785f31dd0a77cf138101e1e770c909750

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:42 GMT
last-modified
Mon, 15 Jan 2018 06:15:48 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0c2e748c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
143691
rea-cosmo-millionaires-club.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-millionaires-club.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6fc0cffeb439af51016e9b793f0011e99d24b4293949a4cd8c29ef0379058162

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:42 GMT
last-modified
Mon, 15 Jan 2018 06:15:44 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0688546c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
97348
norton.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.zxcdn.com/webcdn/img/rea/shared/secimages/norton.jpg
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7c54bb703a5f1ec08cb572c46325709e73726d6175a4d8ac29272f64910200ae

Request headers

Referer
https://cdn.iredirect.net/webcdn/css/rea/shared.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Mon, 27 Jun 2016 06:46:26 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0d38a03fd0d11:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
2651
mcafee.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.zxcdn.com/webcdn/img/rea/shared/secimages/mcafee.jpg
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
263daceea364e196b1120703f0debb9d0fdd4bfd579c3b78d8d03bbe222d1274

Request headers

Referer
https://cdn.iredirect.net/webcdn/css/rea/shared.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Mon, 27 Jun 2016 06:46:26 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0d38a03fd0d11:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
2877
secure-de.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.zxcdn.com/webcdn/img/rea/shared/secimages/secure-de.jpg
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
59a39b60dbe3a3b2d8e44d1452cc3382ce19c8a17ae48bc2e6aa1344762845a6

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Mon, 27 Jun 2016 06:46:28 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"03a69a13fd0d11:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
2734
footer-icons.fs8.png
cdn.zxcdn.com/webCDN/img/Shared/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.zxcdn.com/webCDN/img/Shared/footer-icons.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4c7cd5e07cc6ee4eb8857f7d224c56c439509bdfd74cbd21133447af07dec333

Request headers

Referer
https://cdn.iredirect.net/webcdn/css/rea/shared.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 07 Jul 2019 07:43:41 GMT
last-modified
Fri, 10 May 2019 04:17:48 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"bffc3b53e76d51:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W04
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
33111
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j77&a=75103445&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fde%2Fcos%2F1%2F%3Fv%3D2&dr=https%253A%252F%252Fvfc4.ekwvzi.live%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85618867-1&cid=194444115.1562485422&jid=1485435242&_gid=1705415832.1562485422&gjid=1586656004&_v=j77&z=2104533258
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=194444115.1562485422&jid=1485435242&_v=j77&z=2104533258
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=194444115.1562485422&jid=1485435242&_v=j77&z=2104533258&slf_rd=1&random=2242183920
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=194444115.1562485422&jid=1485435242&_v=j77&z=2104533258&slf_rd=1&random=2242183920
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 07 Jul 2019 07:43:42 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 07 Jul 2019 07:43:42 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=194444115.1562485422&jid=1485435242&_v=j77&z=2104533258&slf_rd=1&random=2242183920
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j77&a=75103445&t=event&ni=1&_s=2&dl=https%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fde%2Fcos%2F1%2F%3Fv%3D2&dr=https%253A%252F%252Fvfc4.ekwvzi.live%252F&ul=en-us&de=UTF-8&dt=Cosmo%20Casino!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=REA%20Page&ea=Load%20Success&el=rea%2Fpop%2Fde%2Fcos%2F1&_u=YEBAAEABC~&jid=&gjid=&cid=194444115.1562485422&tid=UA-85618867-1&_gid=1705415832.1562485422&cd9=23635&cd34=de&cd83=R11wL1ek1N6rLmkZ1aAteN%2F3Oru3Oabm5BXdI%2FwsbfQ%3D&cd85=5359_49266_22173_4408_57_23634_3-75393%7C3198834616%7Cefcba59c-a08a-11e9-bddc-93963b7dcfa4%7Cefcba59c-a08a-11e9-bddc-93963b7dcfa4%7C&cd89=wizfulladdress_https&cd90=pop_cos_1_2&cd91=wizfulladdress&cd124=catch_cos&cd125=1&cd126=1&cd127=2&cd128=COS&cd129=&cd130=&cd131=EMPTY&z=1483674126
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 18 Jun 2019 09:09:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
1636428
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
code.jquery.com
URL
https://code.jquery.com/jquery-migrate-1.2.1.min.js

Verdicts & Comments Add Verdict or Comment

49 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| thisLang string| thisSiteCode string| thisBrand string| thisCategory string| thisVariation string| thisPath function| $ function| jQuery function| cross_domain_storage function| wopen function| checkCaptchaResponse undefined| d undefined| v undefined| formWS boolean| isCaptchaValidated object| respond boolean| priorEngage string| currency object| thisAffID string| siteTotalGames string| mobilesiteTotalGames string| decimalSeparator string| groupSeparator string| positivePattern string| decimalDigits string| isGDPR number| xit object| CookieConsentCr object| cookieconsent string| btag5 string| btag1 string| btag3 string| thisReferer string| __galab object| _loadGADATA function| isGoogleAnalyticsLoaded function| logGAEvent string| GoogleAnalyticsObject function| __gaTracker object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager boolean| blMatch

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://promo.iredirect.net/rea/pop/de/cos/1/?v=2(Line 126)
Message:
Load Success

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

carblck.com
cdn.iredirect.net
cdn.jsdelivr.net
cdn.zxcdn.com
click.cr-brands.net
code.jquery.com
discountsforshopping.com
img.iredirect.net
m1o6.safesslredir.company
promo.iredirect.net
stats.g.doubleclick.net
vfc4.ekwvzi.live
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
code.jquery.com
154.16.205.144
192.162.69.134
193.56.28.211
2a00:1450:4001:808::2004
2a00:1450:4001:809::2003
2a00:1450:4001:817::2008
2a00:1450:4001:820::200e
2a00:1450:400c:c04::9c
2a04:4e42:1b::621
65.98.48.235
66.212.229.139
66.212.229.144
66.212.229.189
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
19ba63d951dc6f2618cbc44c0f795951505a04f9fc956208a5fa6bd53dc883fd
263daceea364e196b1120703f0debb9d0fdd4bfd579c3b78d8d03bbe222d1274
27212ad263974166bef49756d99bb41b5218832c023ac8fc83810087c0bdfdd0
2d994387267cc5922734569dcdbfd96c773e644425abdca7b265b296903d8c0d
329769be6fda6fc143cc628d080b2681c889aabc94bc60439259081b6676a550
395248fa2a0de2257903418d5cf5c40d36a9e2ec04a5c5f3d9f8ca9b67ef7028
3a8ab60a6952cca759c1b24c4e51e31d79feb840a7f9fb4d3b5f79fab2a6131f
44669e67b0112f2ea5c77b2bae3ed0051b74a59af3d468b276ce31ceb30cd762
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c7cd5e07cc6ee4eb8857f7d224c56c439509bdfd74cbd21133447af07dec333
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59a39b60dbe3a3b2d8e44d1452cc3382ce19c8a17ae48bc2e6aa1344762845a6
6fc0cffeb439af51016e9b793f0011e99d24b4293949a4cd8c29ef0379058162
78060cb1b910e5c758b7c3d2817679577f278e20f36c231abf8751b154d5ad65
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7c54bb703a5f1ec08cb572c46325709e73726d6175a4d8ac29272f64910200ae
7c96a95287c81b96d432b90c4b58f89c1c7bda1665e5f41ef250842e7c9ee13a
7f04427e198b626a2e07b3f34eb3951d43af997ac4bd5aafacf3cfcebf683d34
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8539bcc762428650a59be971f9fd5ad5437e9a44d453e8c930026f30075f784d
95a99b94a94d22903fe5ec49736037e6094afd5fa96a8171366c492d32beb26e
9dace7b643ec037293c1ce8e021f1813faaa636ce1a1728e3543fb599a9314d8
a4883cce814b6793c5bd6dd3639d6048ecab39a93a90b560d39a9fd0aff6e263
adcccfba49ae4b6b9af5d7edd20673be39b35826d3e816a6969c333585169bb9
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
b9c751a6d954eb98febe6e8065b8d181b0249d01fb5b6a2da161e17f0c17f839
bc1949a92d0ed97011d62ecc757ac52524e92d35a8d36d96b1702f31cfbc9051
c2a8617d84f4081d573b74738564cd8f1f5b3149aeaaef29d90b41b0f9ca621c
c56fe93045f66491a0e8d56b5f5c3dc37aaa740d0d6226e9b8beff2f959f4e25
cb6701973c82e6407b2992ad1cbf1320c99497317aa628d3e6b05ecda9f2adc0
ccfd427c3e03f6312b2f3afca94dd40627686cf3ccbbf90e74e7babc971a7a60
d31a04c41933c91617ca009151f0073f0a906ea27d14f5577c563576d7fe3992
d6abd1be6575bb3f08ccc7b60a590db97a936260e76b7bcd5dab8ebeae5cd3b7
d7edbc413d89bf05666d3e6622160ff785f31dd0a77cf138101e1e770c909750
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e1b56e2b83eda26c98fa47d99bccf1632348a4f94e2461b13d08de086130ed71
eb446ef8d93ea926ae8dad8f69d1a478a7b9060a2d648f3fabd94a6dc87c8bd0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e97059ff9de3566088b55db618dde61be88a270e1db3fc5d96ddb8f33a7fd6
f6c42c54902dab7fef54e33dc4281ab2afe3c771d2931ae05d79bed33e51414c
f91da1ed13eea40a9f415c77d9ba31b3ead2912055194d0cae1620d02d78be5c
fcda7f7614ba232c4843a661d646cfc330623b34861e37b7a473fa08d154bb01
ff45daa7fe6d1cfaaaf09beec6faaee8eea968b916f66733ffe36c425c4b38d8