Submitted URL: http://allsummerdresses.com/Y8Z1bD0O2.jspf?dthyXDccqRJPcvVZscccDnctcq859c7cNcbbbfs
Effective URL: http://smplewilld.com/r/6f2e0024-b8e1-4f21-bfb4-52f7f25588e3/1_75805_2379482/1726_1808238_1767094_15/490635269/
Submission: On June 12 via api from BE

Summary

This website contacted 11 IPs in 5 countries across 15 domains to perform 49 HTTP transactions.
The main IP is 107.181.161.231, located in Los Angeles, United States and belongs to TOTAL-SERVER-SOLUTIONS - Total Server Solutions L.L.C., US. The main domain is smplewilld.com.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
1 1 38.68.135.16 63023 (AS-GLOBAL...)
1 2 107.181.161.231 46562 (TOTAL-SER...)
1 2 65.98.48.235 25653 (FORTRESSITX)
1 1 193.56.28.211 197226 (SPRINT-SDC)
1 2 154.16.205.144 20278 (NEXEON)
1 1 66.212.229.144 14537 (CL-1379-1...)
1 9 66.212.229.139 14537 (CL-1379-1...)
2 2a04:4e42::621 54113 (FASTLY)
30 66.212.229.189 14537 (CL-1379-1...)
1 205.185.208.52 20446 (HIGHWINDS3)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 66.212.229.188 14537 (CL-1379-1...)
49 11
Domain
Subdomains
Transfer
34 iredirect.net
3 MB
6 zxcdn.com
43 KB
3 google-analytics.com
18 KB
2 jsdelivr.net
37 KB
2 ekwvzi.live
13 KB
2 carblck.com
1 KB
2 smplewilld.com
1 KB
1 google.de
120 B
1 google.com
190 B
1 doubleclick.net
158 B
1 googletagmanager.com
28 KB
1 jquery.com
3 KB
1 cr-brands.net
435 B
1 safesslredir.company
513 B
1 allsummerdresses.com
313 B
49 15
Domain Requested by
23 cdn.iredirect.net promo.iredirect.net
cdn.jsdelivr.net
9 promo.iredirect.net 1 redirects vfc4.ekwvzi.live
promo.iredirect.net
cdn.jsdelivr.net
5 cdn.zxcdn.com promo.iredirect.net
3 www.google-analytics.com 1 redirects promo.iredirect.net
2 img.iredirect.net promo.iredirect.net
2 cdn.jsdelivr.net promo.iredirect.net
2 vfc4.ekwvzi.live 1 redirects carblck.com
2 carblck.com 1 redirects smplewilld.com
2 smplewilld.com 1 redirects
1 api.zxcdn.com cdn.jsdelivr.net
1 www.google.de promo.iredirect.net
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com promo.iredirect.net
1 code.jquery.com promo.iredirect.net
1 click.cr-brands.net 1 redirects
1 m1o6.safesslredir.company 1 redirects
1 allsummerdresses.com 1 redirects
49 18
Subject / Issuer Validity Valid
carblck.com
Let's Encrypt Authority X3
2019-04-23 -
2019-07-22
3 months
*.ekwvzi.live
Let's Encrypt Authority X3
2019-05-29 -
2019-08-27
3 months
*.iredirect.net
COMODO RSA Domain Validation Secure Server CA
2018-03-01 -
2020-02-29
2 years
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3
2019-05-29 -
2020-04-23
a year
*.zxcdn.com
COMODO ECC Domain Validation Secure Server CA
2017-08-30 -
2019-09-06
2 years
jquery.org
COMODO RSA Domain Validation Secure Server CA
2018-10-17 -
2020-10-16
2 years
*.google-analytics.com
Google Internet Authority G3
2019-05-21 -
2019-08-13
3 months
*.google.com
Google Internet Authority G3
2019-05-21 -
2019-08-13
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

49 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
/r/6f2e0024-b8e1-4f21-bfb4-52f7f25588e3/1_75805_2379482/1726_1808238_1767094_15/490635269
Redirect Chain
  • http://allsummerdresses.com/Y8Z1bD0O2.jspf?dthyXDccqRJPcvVZscccDnctcq859c7cNcbbbfs
  • http://smplewilld.com/r/6f2e0024-b8e1-4f21-bfb4-52f7f25588e3/1_75805_2379482/1726_1808238_1767094_15/490635269/
727 B
888 B
Document
General
Full URL
http://smplewilld.com/r/6f2e0024-b8e1-4f21-bfb4-52f7f25588e3/1_75805_2379482/1726_1808238_1767094_15/490635269/
Protocol
HTTP/1.1
Server
107.181.161.231 Los Angeles, United States, ASN46562 (TOTAL-SERVER-SOLUTIONS - Total Server Solutions L.L.C., US),
Reverse DNS
racheltaub.us
Software
nginx /
Resource Hash
64349d8bb838a978f61fa26109fb15b8c9535329d2f41a0ac646f5bf04276a8d

Request headers

Host
smplewilld.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Wed, 12 Jun 2019 15:45:26 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
set-cookie
6347387c-c3e5-4e2e-8b7c-77f6142ba6c3=ce9531ed-e8d0-4c21-ac3f-92990b21c8c6; Version=1; Expires=Thu, 13-Jun-2019 15:45:26 GMT; Max-Age=86400; Domain=smplewilld.com; Path=/ 6347387c-c3e5-4e2e-8b7c-77f6142ba6c3-check=ce9531ed-e8d0-4c21-ac3f-92990b21c8c6; Version=1; Expires=Wed, 12-Jun-2019 15:55:26 GMT; Max-Age=600; Domain=smplewilld.com; Path=/
Cache-Control
no-cache
Expires
Wed, 12 Jun 2019 15:45:26 GMT
Content-Encoding
gzip

Redirect headers

Date
Wed, 12 Jun 2019 15:45:24 GMT
Server
Apache
Location
http://smplewilld.com/r/6f2e0024-b8e1-4f21-bfb4-52f7f25588e3/1_75805_2379482/1726_1808238_1767094_15/490635269/
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
?fctr=1&ptid=ce9531ed-e8d0-4c21-ac3f-92990b21c8c6
carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/1_75805_2379482/1726_1808238_1767094_15/490635269/
Redirect Chain
  • https://smplewilld.com/r2/6f2e0024-b8e1-4f21-bfb4-52f7f25588e3/1_75805_2379482/1726_1808238_1767094_15/490635269/ce9531ed-e8d0-4c21-ac3f-92990b21c8c6/?fctr=0
  • https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/1_75805_2379482/1726_1808238_1767094_15/490635269//?fctr=1&ptid=ce9531ed-e8d0-4c21-ac3f-92990b21c8c6
915 B
988 B
Document
General
Full URL
https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/1_75805_2379482/1726_1808238_1767094_15/490635269//?fctr=1&ptid=ce9531ed-e8d0-4c21-ac3f-92990b21c8c6
Requested by
Host: smplewilld.com
URL: http://smplewilld.com/r/6f2e0024-b8e1-4f21-bfb4-52f7f25588e3/1_75805_2379482/1726_1808238_1767094_15/490635269/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.98.48.235 , United States, ASN25653 (FORTRESSITX - FortressITX, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
carblck.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://smplewilld.com/r/6f2e0024-b8e1-4f21-bfb4-52f7f25588e3/1_75805_2379482/1726_1808238_1767094_15/490635269/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://smplewilld.com/r/6f2e0024-b8e1-4f21-bfb4-52f7f25588e3/1_75805_2379482/1726_1808238_1767094_15/490635269/

Response headers

Server
nginx
Date
Wed, 12 Jun 2019 15:45:27 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
set-cookie
8e4d8882-511a-4735-b38f-b657767e925e=1fe907e7-b215-46fb-9b57-16bd109216f7; Version=1; Expires=Fri, 12-Jul-2019 15:45:27 GMT; Max-Age=2592000; Domain=carblck.com; Path=/ 8e4d8882-511a-4735-b38f-b657767e925e-check=1fe907e7-b215-46fb-9b57-16bd109216f7; Version=1; Expires=Wed, 12-Jun-2019 15:55:27 GMT; Max-Age=600; Domain=carblck.com; Path=/
Cache-Control
no-cache
Expires
Wed, 12 Jun 2019 15:45:27 GMT
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Wed, 12 Jun 2019 15:45:27 GMT
Content-Length
182
Connection
keep-alive
Location
https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/1_75805_2379482/1726_1808238_1767094_15/490635269//?fctr=1&ptid=ce9531ed-e8d0-4c21-ac3f-92990b21c8c6
Cache-Control
no-cache
Expires
Wed, 12 Jun 2019 15:45:27 GMT
Cookie set ?sov=3198834616&hid=csqgesoeggcemco&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.1fe907e7%7C%7Cb215%7C%7C46fb%7C%7C9b57%7C%7C16bd109216f7-r75393-t488&impid=1adcdd...
vfc4.ekwvzi.live
Redirect Chain
  • https://carblck.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991/1_75805_2379482/1726_1808238_1767094_15/490635269/1fe907e7-b215-46fb-9b57-16bd109216f7/?fctr=1&ptid=ce9531ed-e8d0-4c21-ac3f-92990b21c8c6&...
  • https://m1o6.safesslredir.company/?s1=1fe907e7-b215-46fb-9b57-16bd109216f7&s2=&kw=
  • https://vfc4.ekwvzi.live/?sov=3198834616&hid=csqgesoeggcemco&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.1fe907e7%7C%7Cb215%7C%7C46fb%7C%7C9b57%7C%7C16bd109216f7...
2 KB
10 KB
Document
General
Full URL
https://vfc4.ekwvzi.live/?sov=3198834616&hid=csqgesoeggcemco&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.1fe907e7%7C%7Cb215%7C%7C46fb%7C%7C9b57%7C%7C16bd109216f7-r75393-t488&impid=1adcddde-8d29-11e9-b033-fa245441bcee
Requested by
Host: carblck.com
URL: https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/1_75805_2379482/1726_1808238_1767094_15/490635269//?fctr=1&ptid=ce9531ed-e8d0-4c21-ac3f-92990b21c8c6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.16.205.144 Los Angeles, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
vfc4.ekwvzi.live
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/1_75805_2379482/1726_1808238_1767094_15/490635269//?fctr=1&ptid=ce9531ed-e8d0-4c21-ac3f-92990b21c8c6
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/1_75805_2379482/1726_1808238_1767094_15/490635269//?fctr=1&ptid=ce9531ed-e8d0-4c21-ac3f-92990b21c8c6

Response headers

Date
Wed, 12 Jun 2019 15:45:30 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
ci_session=XdmkO14niYiLn%2Bw0prE3vr2Dh8whI7n0d43LBk1M%2B4c2uaabQKz7PY2HcbAp52msxy5ZTU5GStemTMLIx1tiC0DKz8jJwJHB%2FTaAfBMjlKMB524uIVaHNhpmlJXiRaGwrGBsQSVyKUlQWD52WPmULGVYOX5PiQPZ017T7G9n1Pt0d8YU%2FS%2By06PlbGhkavdmrn4GA7iKPgkpBcKWC8miNue2AVRPPgZ5TexNO1smZOOLRIwVM0onR3%2FfTMGqB2Ff%2FnQhqyS6Fc%2FzBXp72gICcCH8YuaIPGwJKWHdabZuFrwOSBAOdgAgu%2BIyLvSc5COjEaJ6vfXvpHDHSJbXBFELVVyHkXQd4aHxHLD30gBNs%2Bi7MCfPP26XVV4ClvFnns3g%2F15fyNwvDDLb5VwOU4m1P%2BYKCjPSN7W9CKOKsr7PmNiQuSjw8kIySG2OqMnqVU17d0l%2Fkcbe67pk5a9s%2BMdY6Q%3D%3D; expires=Thu, 13-Jun-2019 15:45:30 GMT; Max-Age=86400; path=/; domain=.vfc4.ekwvzi.live click_id_1adcddde-8d29-11e9-b033-fa245441bcee=1b3510f8-8d29-11e9-96fa-89d8ba9c6155 id=XNSX.1fe907e7%7C%7Cb215%7C%7C46fb%7C%7C9b57%7C%7C16bd109216f7-r75393-t488; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live SITE_ID=3198834616; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live sov=3198834616; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tov=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.vfc4.ekwvzi.live mov=noprelanders.mini; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live redid=75393; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live campaign_id=1228; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live gsid=488; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live pid=10044; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.vfc4.ekwvzi.live impid=1adcddde-8d29-11e9-b033-fa245441bcee; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live URI=sov%3D3198834616%26hid%3Dcsqgesoeggcemco%26%26cntrl%3D00000%26pid%3D10044%26redid%3D75393%26gsid%3D488%26campaign_id%3D1228%26p_id%3D10044%26id%3DXNSX.1fe907e7%257C%257Cb215%257C%257C46fb%257C%257C9b57%257C%257C16bd109216f7-r75393-t488%26impid%3D1adcddde-8d29-11e9-b033-fa245441bcee; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live templateid=3329; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live path=redirect; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live version=680782; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][expand_enable]=-1; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][alert_enable]=0; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][audio_enable]=0; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][pop_enable]=0; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[680782][expand_enable]=-1; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[680782][alert_enable]=0; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[680782][audio_enable]=0; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[680782][pop_enable]=0; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live content=680782; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live token=df0f6433362fa88036d738fbc2cf6c4e; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live rpm=54; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live log_3198834616=1; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live token=df0f6433362fa88036d738fbc2cf6c4e; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live rpm=54; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live payload=e83cfbcf3233e1385073962defa66e4cd6916fb508e66e97be9dcb56f80088fcbaffbc2a2da12a15478b2620e1eb9327e83b8d348a78535181016d7b1e197883d040c564df75c074b0225192826c11a5318950fa4d9a3987bcfee54471db07f82d207696bffc792b76337dbdbb2fa7ba748660f2cb3c8e8b38f834d819a4ae40026b7415dedf82f2f0b6e0753657cd9e3abc07f69a25e9e9a08d601d680fa98c4967a96594154943ea3068086dea524eb15362b43b8321a2bcc82e889b3ff7e98dd6c7468e78b60edf2cca3d919b6af3686707667c11328a57794814f64233aed9e0aac55bfa2d865c1e692837ce2e3da025756c7daf3a4fc6fc6e6b619bc63975af751b8146c3eb595e916c384c905c2f7babb94f5ac60f8757d0a2a9f34d4253bfd4530cbf271c4ea48ee1d87e02dbf12d0e341e672726993fe7257ea9e1b3c5159d0c77268a7914474191eafc5d2570fcbafba78f41722fa8c6138e4d836ffcd543111d228d426f84564c435b1bde6541dc7519958f1fb4991a7634278140da154f28727366e3ec91a4bbfd8ae50e80dc03c656aa11015492261c438ac616ac3c397322af89f379d74bae9c9f8b223b1beeab246f9982bba26305034789c7a2f7fe5aa8190c6f235732252897ff433e539c471df13e8c7e49f27855e90cced493ce3194abe675d76b09c5e843caaa5e66531f1ce03428c73431457c97e0966e9c24612535299bbc5a0423ab1640a2703497a82e71dab5f761bd6808f1099d14c19925392698dd3be59bd44d1565c32899546d6e2441a584a86e2c994465a49628838f064d7f937cefa4581d36220de7b79940c8cf149025bb4c79c70675ea026e9b11b51db2276b9d7f80784025d2e802b305106bea9fb0d178e5fa0e8a756ffb3544531317ed5006d84ce071d105a2be34b3bd6979ef0eb5fbc4520bd43a52c227580a57a5d1e2442342344f4a69d3235a5c0a304d80e5d9f57ec0cf8056e3bed7c159772d2511658b3a19ef34f364da5cf7a25fb30b602c9a4c601ae2b0ba974ee44a29c1d7a5fcc81e63c1fa8b5e90fa1f0f05842757beeb8097a4235d863a35cbbdcc7ed067b83a99849d3df6093e1b38dc2603c1cdd4672cb4f7dbcac67002bc1a515e96bd032a5d0c575755424b1de6b17c2995a045519b20173678f7baed3ff141c4d7250387fae682bdfc7220ee1603931da76011bf7e2db600910f46566caa5d47caea0901317f1aaff9300d46dfac874bedbe9991635b56d30ea3e4d21ab1126a21afdaeec9df4871f8033c71188a8851d1db42c6a3a075137ff97f4d96a84635744ec62773b75064e55abeb0719f349450cb44d99cb370234148f9b92afc1aba66e849817278650bcb530b0c9eed81241e90877876847a5ccc10c40c5715da253f0c7f05c41dbd29e6f7f65f1f25458d3b8e0d5718d6e19031e65f9bb23b52ced4848954b264bcfa4897177125152b8bb9c4ef56b5170ceecb18e4331571a8ac132fb2b8671f68a7da7aae7d15a0cb07a39c5b001706604de445a3a6f362e037aa055055e4faf7197e44015d4e757f023ad36c975a117efc06e4c30488f5d507fab3d856fe07886acebcc55813c7a1e29b75768ba1d629848a23d35743428e4422d78419c7df228a0c4cb729f658439da5f8a7b04e2906751205d2e41f2e91415b4e01303d1ab6d13fbce762dcbf8faf6483caf7aaef7bf32992ddff9d2e3a06bcdcfcce97d8ac5f095e5bfbce239e1d01373c05f440fbaa96; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live payloadIV=29cc11019e5f72d5f1823462bc0fc499; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live init_ev=0; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live id=XNSX.1fe907e7%7C%7Cb215%7C%7C46fb%7C%7C9b57%7C%7C16bd109216f7-r75393-t488; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live SITE_ID=3198834616; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live sov=3198834616; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tov=680782; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live mov=noprelanders.mini; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live redid=75393; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live campaign_id=1228; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live gsid=488; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live pid=10044; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live ref=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.vfc4.ekwvzi.live impid=1adcddde-8d29-11e9-b033-fa245441bcee; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live tags[3329][iframe_enable]=0; expires=Thu, 13-Jun-2019 15:47:10 GMT; Max-Age=86500; path=/; domain=.vfc4.ekwvzi.live mini-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
X-Source
Mini
X-Rot
680782
X-Sov
3198834616
Expires
Mon, 01 Jan 2001 00:00:00 GMT
Cache-Control
no-cache
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Date
Wed, 12 Jun 2019 15:45:29 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-ImpID
1adcddde-8d29-11e9-b033-fa245441bcee
Location
https://vfc4.ekwvzi.live/?sov=3198834616&hid=csqgesoeggcemco&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.1fe907e7%7C%7Cb215%7C%7C46fb%7C%7C9b57%7C%7C16bd109216f7-r75393-t488&impid=1adcddde-8d29-11e9-b033-fa245441bcee
Set-Cookie
redir-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Adblocked /
promo.iredirect.net/rea/pop/de/cos/1
Redirect Chain
  • https://vfc4.ekwvzi.live/ITS458yukon25plusDE.html?sov=3198834616&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.1fe907e7%7C%7Cb215%7C%7C46fb%7C%7C9b57%7C%7C16bd10921...
  • https://click.cr-brands.net/affiliate/referral.asp?site=rea&url=pop/de/cos/1&v=2&seg=49266&lid=215864&aff_id=5359_49266_22173_4408_57_23634_3-75393|3198834616|1b3510f8-8d29-11e9-96fa-89d8ba9c6155|1...
  • https://promo.iredirect.net/referral.asp?aff_id=5359_49266_22173_4408_57_23634_3-75393|3198834616|1b3510f8-8d29-11e9-96fa-89d8ba9c6155|1b3510f8-8d29-11e9-96fa-89d8ba9c6155|&pop_up=1&url=/rea/pop/de...
  • https://promo.iredirect.net/rea/pop/de/cos/1/
104 KB
41 KB
Document
General
Full URL
https://promo.iredirect.net/rea/pop/de/cos/1/
Requested by
Host: vfc4.ekwvzi.live
URL: https://vfc4.ekwvzi.live/?sov=3198834616&hid=csqgesoeggcemco&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.1fe907e7%7C%7Cb215%7C%7C46fb%7C%7C9b57%7C%7C16bd109216f7-r75393-t488&impid=1adcddde-8d29-11e9-b033-fa245441bcee
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
5c5823eb11e5b58ff08ddb25e8faa6b4d9c42ca5bae70dff1f63afa5afb8341b
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

:method
GET
:authority
promo.iredirect.net
:scheme
https
:path
/rea/pop/de/cos/1/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://vfc4.ekwvzi.live/
accept-encoding
gzip, deflate, br
cookie
ASPSESSIONIDCWCSTADB=EGEBGPAALOEDBLOMHBGEIJHF
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://vfc4.ekwvzi.live/

Response headers

status
200
cache-control
no-store
content-type
text/html; Charset=UTF-8
content-encoding
gzip
expires
Sat, 15 May 1999 18:00:00 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-nid
W03
p3p
CP="CAO PSA OUR"
referrer-policy
origin
date
Wed, 12 Jun 2019 15:45:31 GMT
content-length
41383

Redirect headers

status
301
cache-control
no-store
content-type
text/html
expires
Sat, 15 May 1999 18:00:00 GMT
location
/rea/pop/de/cos/1/
server
Microsoft-IIS/10.0
set-cookie
ASPSESSIONIDCWCSTADB=EGEBGPAALOEDBLOMHBGEIJHF; secure; path=/
x-nid
W03
p3p
CP="CAO PSA OUR"
referrer-policy
origin
date
Wed, 12 Jun 2019 15:45:31 GMT
content-length
0
Adblocked style.css
promo.iredirect.net/rea/pop/de/cos/1/inc
43 KB
10 KB
Stylesheet
General
Full URL
https://promo.iredirect.net/rea/pop/de/cos/1/inc/style.css
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e80d3c9a194df8fea536c2885e52da61fb3229bff70d29541fd9edabe8974f9b
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Fri, 12 Apr 2019 00:24:53 GMT
server
Microsoft-IIS/10.0
etag
"8d3f26c6f0d41:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
accept-ranges
bytes
content-type
text/css
content-length
9795
Verified jquery.min.js
cdn.jsdelivr.net/npm/jquery@1.11.3/dist
94 KB
33 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Verified resource
flat-ui/2.3.0/js/vendor/jquery.min.js at cdnjs.com, project flat-ui
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Wed, 12 Jun 2019 15:45:33 GMT
content-length
33342
x-served-by
cache-ams21023-AMS, cache-fra19162-FRA
etag
W/"176f8-N7HbiLV0OPEHKo68dVnJCcnTpoI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
Verified jquery-migrate.min.js
cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist
10 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/jquery-migrate.min.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Verified resource
jquery-migrate/1.4.1/jquery-migrate.min.js at cdnjs.com, project jquery-migrate
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Wed, 12 Jun 2019 15:45:33 GMT
content-length
4014
x-served-by
cache-ams21024-AMS, cache-fra19162-FRA
etag
W/"2748-kFMq/21BIZVCVM3wSZTYNPfsFps"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
Adblocked common.js?1623-15
promo.iredirect.net/rea/shared
83 KB
22 KB
Script
General
Full URL
https://promo.iredirect.net/rea/shared/common.js?1623-15
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7f04427e198b626a2e07b3f34eb3951d43af997ac4bd5aafacf3cfcebf683d34
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Fri, 22 Mar 2019 06:11:12 GMT
server
Microsoft-IIS/10.0
etag
"0c06fc76e0d41:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
accept-ranges
bytes
content-type
application/javascript
content-length
22057
vjs-chat.js?1258-15
cdn.iredirect.net/webcdn/js
703 B
564 B
Script
General
Full URL
https://cdn.iredirect.net/webcdn/js/vjs-chat.js?1258-15
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
395248fa2a0de2257903418d5cf5c40d36a9e2ec04a5c5f3d9f8ca9b67ef7028

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
content-encoding
gzip
last-modified
Tue, 29 Aug 2017 01:40:54 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0d74bda6720d31:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=1800
accept-ranges
bytes
content-type
application/javascript
content-length
481
shared.css
cdn.iredirect.net/webcdn/css/rea
15 KB
3 KB
Stylesheet
General
Full URL
https://cdn.iredirect.net/webcdn/css/rea/shared.css
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f91da1ed13eea40a9f415c77d9ba31b3ead2912055194d0cae1620d02d78be5c

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
content-encoding
gzip
last-modified
Thu, 06 Dec 2018 01:26:34 GMT
server
Microsoft-IIS/10.0
etag
"0415eb928dd41:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=300
accept-ranges
bytes
content-type
text/css
content-length
3344
modal.js
cdn.iredirect.net/webcdn/js/rea/shared
10 KB
3 KB
Script
General
Full URL
https://cdn.iredirect.net/webcdn/js/rea/shared/modal.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
adcccfba49ae4b6b9af5d7edd20673be39b35826d3e816a6969c333585169bb9

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
content-encoding
gzip
last-modified
Thu, 24 Aug 2017 03:46:10 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0ad1d868b1cd31:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=1800
accept-ranges
bytes
content-type
application/javascript
content-length
2686
cookieConsentCr.min.js?1258-15
cdn.iredirect.net/webcdn/js
35 KB
12 KB
Script
General
Full URL
https://cdn.iredirect.net/webcdn/js/cookieConsentCr.min.js?1258-15
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78060cb1b910e5c758b7c3d2817679577f278e20f36c231abf8751b154d5ad65

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
content-encoding
gzip
last-modified
Tue, 11 Dec 2018 21:49:52 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"00d729b91d41:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=1800
accept-ranges
bytes
content-type
application/javascript
content-length
12355
Adblocked slick.css
promo.iredirect.net/rea/pop/en/cos/1/inc/slick
2 KB
835 B
Stylesheet
General
Full URL
https://promo.iredirect.net/rea/pop/en/cos/1/inc/slick/slick.css
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Fri, 19 Jan 2018 02:59:50 GMT
server
Microsoft-IIS/10.0
etag
"fa3cb092d190d31:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
accept-ranges
bytes
content-type
text/css
content-length
745
Verified Adblocked slick-theme.css
promo.iredirect.net/rea/pop/en/cos/1/inc/slick
3 KB
1 KB
Stylesheet
General
Full URL
https://promo.iredirect.net/rea/pop/en/cos/1/inc/slick/slick-theme.css
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Verified resource
slick-carousel/1.6.0/slick-theme.css at cdnjs.com, project slick-carousel
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Fri, 19 Jan 2018 02:59:49 GMT
server
Microsoft-IIS/10.0
etag
"af912392d190d31:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
accept-ranges
bytes
content-type
text/css
content-length
1122
Verified spacer.gif
img.iredirect.net/webCDN/img/shared
43 B
160 B
Image
General
Full URL
https://img.iredirect.net/webCDN/img/shared/spacer.gif
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource
ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
last-modified
Mon, 18 Jun 2012 08:15:06 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"021f3772a4dcd1:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
43
spacer.gif
cdn.zxcdn.com/webcdn/img/rea/shared
1 KB
1 KB
Image
General
Full URL
https://cdn.zxcdn.com/webcdn/img/rea/shared/spacer.gif
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bc1949a92d0ed97011d62ecc757ac52524e92d35a8d36d96b1702f31cfbc9051

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
last-modified
Mon, 27 Jun 2016 06:48:58 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"069d1fa3fd0d11:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
1095
jquery-migrate-1.2.1.min.js
code.jquery.com
7 KB
3 KB
Script
General
Full URL
https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Jun 2019 15:45:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
W/"54499a48-1c1f"
Vary
Accept-Encoding
X-HW
1560354333.dop085.lo4.shc,1560354333.dop085.lo4.t,1560354333.cds067.lo4.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3063
Adblocked slick.min.js
promo.iredirect.net/rea/pop/en/cos/1/inc/slick
42 KB
14 KB
Script
General
Full URL
https://promo.iredirect.net/rea/pop/en/cos/1/inc/slick/slick.min.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Fri, 19 Jan 2018 02:59:53 GMT
server
Microsoft-IIS/10.0
etag
"ed09994d190d31:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
accept-ranges
bytes
content-type
application/javascript
content-length
14346
Adblocked analytics.js
www.google-analytics.com
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
3506
date
Wed, 12 Jun 2019 14:47:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Wed, 12 Jun 2019 16:47:07 GMT
Adblocked gtm.js?id=GTM-T5DCX9V
www.googletagmanager.com
115 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T5DCX9V
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0b9cbf7055cb8c946da57368559de9aa7e49afc1f14f62d6ef4571872be1aea7
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
content-encoding
br
last-modified
Tue, 11 Jun 2019 17:47:43 GMT
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
28607
x-xss-protection
0
expires
Wed, 12 Jun 2019 15:45:33 GMT
COS_Logo_2x.fs8.png
cdn.iredirect.net/webCDN/img/COS
50 KB
50 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/COS/COS_Logo_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8539bcc762428650a59be971f9fd5ad5437e9a44d453e8c930026f30075f784d

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
last-modified
Mon, 04 Dec 2017 04:40:02 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"03dacf2b96cd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
50917
rea-cosmo-main-bg_2x.jpg
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
215 KB
215 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-main-bg_2x.jpg
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d6abd1be6575bb3f08ccc7b60a590db97a936260e76b7bcd5dab8ebeae5cd3b7

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
last-modified
Mon, 15 Jan 2018 06:15:42 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"03b5445c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
219664
rea-cosmo-arrow_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
6 KB
6 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-arrow_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ccfd427c3e03f6312b2f3afca94dd40627686cf3ccbbf90e74e7babc971a7a60

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
last-modified
Thu, 18 Jan 2018 22:04:24 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"064b94ca890d31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
5905
rea-pop-cosmo-jackpot_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
141 KB
141 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-jackpot_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
eb446ef8d93ea926ae8dad8f69d1a478a7b9060a2d648f3fabd94a6dc87c8bd0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
last-modified
Tue, 16 Jan 2018 01:28:38 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0277055698ed31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
144495
rea-pop-cosmo-coins_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
42 KB
42 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-coins_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c56fe93045f66491a0e8d56b5f5c3dc37aaa740d0d6226e9b8beff2f959f4e25

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
last-modified
Mon, 15 Jan 2018 06:15:38 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0e1f142c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
43332
CCC_Golden-ICE-jpot-spriteA.fs8.png
img.iredirect.net/webcdn/img/rea/pop/en/ccc/4
23 KB
23 KB
Image
General
Full URL
https://img.iredirect.net/webcdn/img/rea/pop/en/ccc/4/CCC_Golden-ICE-jpot-spriteA.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
95a99b94a94d22903fe5ec49736037e6094afd5fa96a8171366c492d32beb26e

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
last-modified
Fri, 09 Sep 2016 03:41:48 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0e6c8174cad21:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
23573
rea-pop-cosmo-winners-bg_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
601 KB
602 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-winners-bg_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c2a8617d84f4081d573b74738564cd8f1f5b3149aeaaef29d90b41b0f9ca621c

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
last-modified
Mon, 15 Jan 2018 06:15:36 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0b4c041c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
615610
rea-cosmo-glow_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
153 KB
153 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-glow_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9dace7b643ec037293c1ce8e021f1813faaa636ce1a1728e3543fb599a9314d8

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
last-modified
Mon, 15 Jan 2018 06:15:40 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0e2344c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
156621
Home_Winners-Left_2x.fs8.png
cdn.iredirect.net/webCDN/img/COS
211 KB
212 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/COS/Home_Winners-Left_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e1b56e2b83eda26c98fa47d99bccf1632348a4f94e2461b13d08de086130ed71

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
last-modified
Fri, 12 Jan 2018 00:32:36 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0aae0d73c8bd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
216513
Home_Winners-Right_2x.fs8.png
cdn.iredirect.net/webCDN/img/COS
235 KB
235 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/COS/Home_Winners-Right_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f6c42c54902dab7fef54e33dc4281ab2afe3c771d2931ae05d79bed33e51414c

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
last-modified
Mon, 04 Dec 2017 04:40:02 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"03dacf2b96cd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
240790
rea-cosmo-chips-left_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
54 KB
54 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-chips-left_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
27212ad263974166bef49756d99bb41b5218832c023ac8fc83810087c0bdfdd0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
last-modified
Mon, 15 Jan 2018 06:15:32 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"05a5e3fc88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
54975
rea-cosmo-chips-right_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
37 KB
37 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-chips-right_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
44669e67b0112f2ea5c77b2bae3ed0051b74a59af3d468b276ce31ceb30cd762

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
last-modified
Mon, 15 Jan 2018 06:15:32 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"05a5e3fc88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
37630
rea-pop-cosmo-points_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
277 KB
277 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-points_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cb6701973c82e6407b2992ad1cbf1320c99497317aa628d3e6b05ecda9f2adc0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
last-modified
Mon, 15 Jan 2018 06:15:30 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"02d2d3ec88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
283306
rea-pop-cosmo-icons_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
13 KB
13 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-icons_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ff45daa7fe6d1cfaaaf09beec6faaee8eea968b916f66733ffe36c425c4b38d8

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
last-modified
Mon, 15 Jan 2018 06:15:28 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"00fc3cc88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
13361
rea-cosmo-mega-moolah_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
287 KB
287 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-mega-moolah_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f1e97059ff9de3566088b55db618dde61be88a270e1db3fc5d96ddb8f33a7fd6

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
last-modified
Mon, 15 Jan 2018 06:15:26 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0d3ca3bc88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
293965
rea-cosmo-thunderstruck-ii.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
165 KB
165 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-thunderstruck-ii.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
19ba63d951dc6f2618cbc44c0f795951505a04f9fc956208a5fa6bd53dc883fd

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
last-modified
Mon, 15 Jan 2018 06:15:46 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"095b647c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
169150
rea-cosmo-immoral-bromance.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
152 KB
152 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-immoral-bromance.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d31a04c41933c91617ca009151f0073f0a906ea27d14f5577c563576d7fe3992

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
last-modified
Mon, 15 Jan 2018 06:15:48 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0c2e748c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
155553
rea-cosmo-avalon-ii.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
140 KB
140 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-avalon-ii.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d7edbc413d89bf05666d3e6622160ff785f31dd0a77cf138101e1e770c909750

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
last-modified
Mon, 15 Jan 2018 06:15:48 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0c2e748c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
143691
rea-cosmo-millionaires-club.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
95 KB
95 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-millionaires-club.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6fc0cffeb439af51016e9b793f0011e99d24b4293949a4cd8c29ef0379058162

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
last-modified
Mon, 15 Jan 2018 06:15:44 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0688546c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
97348
norton.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages
3 KB
3 KB
Image
General
Full URL
https://cdn.zxcdn.com/webcdn/img/rea/shared/secimages/norton.jpg
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7c54bb703a5f1ec08cb572c46325709e73726d6175a4d8ac29272f64910200ae

Request headers

Referer
https://cdn.iredirect.net/webcdn/css/rea/shared.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
last-modified
Mon, 27 Jun 2016 06:46:26 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0d38a03fd0d11:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
2651
mcafee.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages
3 KB
3 KB
Image
General
Full URL
https://cdn.zxcdn.com/webcdn/img/rea/shared/secimages/mcafee.jpg
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
263daceea364e196b1120703f0debb9d0fdd4bfd579c3b78d8d03bbe222d1274

Request headers

Referer
https://cdn.iredirect.net/webcdn/css/rea/shared.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
last-modified
Mon, 27 Jun 2016 06:46:26 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0d38a03fd0d11:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
2877
secure-de.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages
3 KB
3 KB
Image
General
Full URL
https://cdn.zxcdn.com/webcdn/img/rea/shared/secimages/secure-de.jpg
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
59a39b60dbe3a3b2d8e44d1452cc3382ce19c8a17ae48bc2e6aa1344762845a6

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
last-modified
Mon, 27 Jun 2016 06:46:28 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"03a69a13fd0d11:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
2734
footer-icons.fs8.png
cdn.zxcdn.com/webCDN/img/Shared
32 KB
32 KB
Image
General
Full URL
https://cdn.zxcdn.com/webCDN/img/Shared/footer-icons.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4c7cd5e07cc6ee4eb8857f7d224c56c439509bdfd74cbd21133447af07dec333

Request headers

Referer
https://cdn.iredirect.net/webcdn/css/rea/shared.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
last-modified
Fri, 10 May 2019 04:17:48 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"bffc3b53e76d51:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
33111
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=713316707.1560354334&jid=92892968&_v=j76&z=282412761&slf_rd=1&random=3869065159
www.google.de/ads
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=258250091&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fde%2Fcos%2F1%2F&dr=https%253A%252F%252Fvfc4.ekwvzi.live%252F&ul=...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85618867-1&cid=713316707.1560354334&jid=92892968&_gid=274048781.1560354334&gjid=300147254&_v=j76&z=282412761
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=713316707.1560354334&jid=92892968&_v=j76&z=282412761
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=713316707.1560354334&jid=92892968&_v=j76&z=282412761&slf_rd=1&random=3869065159
42 B
120 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=713316707.1560354334&jid=92892968&_v=j76&z=282412761&slf_rd=1&random=3869065159
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jun 2019 15:45:33 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 Jun 2019 15:45:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=713316707.1560354334&jid=92892968&_v=j76&z=282412761&slf_rd=1&random=3869065159
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked collect?v=1&_v=j76&a=258250091&t=event&ni=1&_s=2&dl=https%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fde%2Fcos%2F1%2F&dr=https%253A%252F%252Fvfc4.ekwvzi.live%252F&ul=en-us&de=UTF-8&dt=Cosmo%20Casino!...
www.google-analytics.com
35 B
109 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j76&a=258250091&t=event&ni=1&_s=2&dl=https%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fde%2Fcos%2F1%2F&dr=https%253A%252F%252Fvfc4.ekwvzi.live%252F&ul=en-us&de=UTF-8&dt=Cosmo%20Casino!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=REA%20Page&ea=Load%20Success&el=rea%2Fpop%2Fde%2Fcos%2F1&_u=YEBAAEABC~&jid=&gjid=&cid=713316707.1560354334&tid=UA-85618867-1&_gid=274048781.1560354334&cd9=23635&cd34=de&cd83=geQRV7yo6UGUmx6JfkiR4O%2BxmfZmD7Hu9cYE8gapFCE%3D&cd85=5359_49266_22173_4408_57_23634_3-75393%7C3198834616%7C1b3510f8-8d29-11e9-96fa-89d8ba9c6155%7C1b3510f8-8d29-11e9-96fa-89d8ba9c6155%7C&cd89=wizfulladdress_https&cd90=pop_cos_1_2&cd91=wizfulladdress&cd124=catch_cos&cd125=1&cd126=1&cd127=2&cd128=COS&cd129=&cd130=&cd131=EMPTY&z=132991368
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 01 Jun 2019 08:39:32 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
975961
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ProgressiveJackpotTicker.min.js?_=1560354333343
cdn.iredirect.net/webcdn/js
2 KB
1 KB
Script
General
Full URL
https://cdn.iredirect.net/webcdn/js/ProgressiveJackpotTicker.min.js?_=1560354333343
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
155d2d0315dae7ca135de8db6ca1d8da3580b1f3851f034f8a60a0fd23f014b5

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:33 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2017 02:03:26 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"06bdd3f32dfd21:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=1800
accept-ranges
bytes
content-type
application/javascript
content-length
1215
Verified Adblocked slick.woff
promo.iredirect.net/rea/pop/en/cos/1/inc/slick/fonts
1 KB
1 KB
Font
General
Full URL
https://promo.iredirect.net/rea/pop/en/cos/1/inc/slick/fonts/slick.woff
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
Verified resource
slick-carousel/1.3.7/fonts/slick.woff at cdnjs.com, project slick-carousel
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://promo.iredirect.net/
Origin
https://promo.iredirect.net

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
referrer-policy
origin
last-modified
Fri, 19 Jan 2018 02:59:58 GMT
server
Microsoft-IIS/10.0
etag
"e9cf4e97d190d31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
accept-ranges
bytes
content-type
font/x-woff
content-length
1380
Verified Adblocked ajax-loader.gif
promo.iredirect.net/rea/pop/en/cos/1/inc/slick
4 KB
4 KB
Image
General
Full URL
https://promo.iredirect.net/rea/pop/en/cos/1/inc/slick/ajax-loader.gif
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Verified resource
slick-carousel/1.3.7/ajax-loader.gif at cdnjs.com, project slick-carousel
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:45:32 GMT
referrer-policy
origin
last-modified
Fri, 19 Jan 2018 02:59:48 GMT
server
Microsoft-IIS/10.0
etag
"4c245491d190d31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
accept-ranges
bytes
content-type
image/gif
content-length
4178
?cultureName=de_EUR&callback=jQuery1113025652905301942575_1560354333344&_=1560354333345
api.zxcdn.com/ApiMgs.svc/GetProgressivesByCultureName
3 KB
1 KB
Script
General
Full URL
https://api.zxcdn.com/ApiMgs.svc/GetProgressivesByCultureName/?cultureName=de_EUR&callback=jQuery1113025652905301942575_1560354333344&_=1560354333345
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.188 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
/
Resource Hash
3ba7dd308bb11842a3a1a4767629d76b11e2bdf328873a7ba016dd175e2c35df

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jun 2019 15:45:35 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-javascript
status
200
x-nid
W03
cache-control
no-cache
content-length
992
expires
-1

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://allsummerdresses.com/Y8Z1bD0O2.jspf?dthyXDccqRJPcvVZscccDnctcq859c7cNcbbbfs
  • http://smplewilld.com/r/6f2e0024-b8e1-4f21-bfb4-52f7f25588e3/1_75805_2379482/1726_1808238_1767094_15/490635269/
Request 1
  • https://smplewilld.com/r2/6f2e0024-b8e1-4f21-bfb4-52f7f25588e3/1_75805_2379482/1726_1808238_1767094_15/490635269/ce9531ed-e8d0-4c21-ac3f-92990b21c8c6/?fctr=0
  • https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/1_75805_2379482/1726_1808238_1767094_15/490635269//?fctr=1&ptid=ce9531ed-e8d0-4c21-ac3f-92990b21c8c6
Request 2
  • https://carblck.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991/1_75805_2379482/1726_1808238_1767094_15/490635269/1fe907e7-b215-46fb-9b57-16bd109216f7/?fctr=1&ptid=ce9531ed-e8d0-4c21-ac3f-92990b21c8c6&...
  • https://m1o6.safesslredir.company/?s1=1fe907e7-b215-46fb-9b57-16bd109216f7&s2=&kw=
  • https://vfc4.ekwvzi.live/?sov=3198834616&hid=csqgesoeggcemco&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.1fe907e7%7C%7Cb215%7C%7C46fb%7C%7C9b57%7C%7C16bd109216f7...
Request 3
  • https://vfc4.ekwvzi.live/ITS458yukon25plusDE.html?sov=3198834616&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.1fe907e7%7C%7Cb215%7C%7C46fb%7C%7C9b57%7C%7C16bd10921...
  • https://click.cr-brands.net/affiliate/referral.asp?site=rea&url=pop/de/cos/1&v=2&seg=49266&lid=215864&aff_id=5359_49266_22173_4408_57_23634_3-75393|3198834616|1b3510f8-8d29-11e9-96fa-89d8ba9c6155|1...
  • https://promo.iredirect.net/referral.asp?aff_id=5359_49266_22173_4408_57_23634_3-75393|3198834616|1b3510f8-8d29-11e9-96fa-89d8ba9c6155|1b3510f8-8d29-11e9-96fa-89d8ba9c6155|&pop_up=1&url=/rea/pop/de...
  • https://promo.iredirect.net/rea/pop/de/cos/1/
Request 43
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=258250091&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fde%2Fcos%2F1%2F&dr=https%253A%252F%252Fvfc4.ekwvzi.live%252F&ul=...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85618867-1&cid=713316707.1560354334&jid=92892968&_gid=274048781.1560354334&gjid=300147254&_v=j76&z=282412761
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=713316707.1560354334&jid=92892968&_v=j76&z=282412761
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=713316707.1560354334&jid=92892968&_v=j76&z=282412761&slf_rd=1&random=3869065159

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| thisLang string| thisSiteCode string| thisBrand string| thisCategory string| thisVariation string| thisPath function| $ function| jQuery function| cross_domain_storage function| wopen function| checkCaptchaResponse number| d string| v number| formWS boolean| isCaptchaValidated object| respond boolean| priorEngage string| currency object| thisAffID string| siteTotalGames string| mobilesiteTotalGames string| decimalSeparator string| groupSeparator string| positivePattern string| decimalDigits string| isGDPR number| xit object| CookieConsentCr object| cookieconsent string| btag5 string| btag1 string| btag3 string| thisReferer string| __galab object| _loadGADATA function| isGoogleAnalyticsLoaded function| logGAEvent string| GoogleAnalyticsObject function| __gaTracker object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager boolean| blMatch object| jQuery1113025652905301942575 object| fm undefined| jQuery1113025652905301942575_1560354333344

3 Cookies

Domain/Path Name / Value
.iredirect.net/ Name: _gat
Value: 1
.iredirect.net/ Name: _gid
Value: GA1.2.274048781.1560354334
.iredirect.net/ Name: _ga
Value: GA1.2.713316707.1560354334

2 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/jquery-migrate.min.js, Line 2, Column552
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://promo.iredirect.net/rea/pop/de/cos/1/, Line 126, Column50
Message:
Load Success

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

allsummerdresses.com
api.zxcdn.com
carblck.com
cdn.iredirect.net
cdn.jsdelivr.net
cdn.zxcdn.com
click.cr-brands.net
code.jquery.com
img.iredirect.net
m1o6.safesslredir.company
promo.iredirect.net
smplewilld.com
stats.g.doubleclick.net
vfc4.ekwvzi.live
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com


107.181.161.231
154.16.205.144
193.56.28.211
205.185.208.52
2a00:1450:4001:808::2003
2a00:1450:4001:809::200e
2a00:1450:4001:81b::2004
2a00:1450:4001:824::2008
2a00:1450:400c:c07::9b
2a04:4e42::621
38.68.135.16
65.98.48.235
66.212.229.139
66.212.229.144
66.212.229.188
66.212.229.189

0b9cbf7055cb8c946da57368559de9aa7e49afc1f14f62d6ef4571872be1aea7
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
155d2d0315dae7ca135de8db6ca1d8da3580b1f3851f034f8a60a0fd23f014b5
19ba63d951dc6f2618cbc44c0f795951505a04f9fc956208a5fa6bd53dc883fd
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
263daceea364e196b1120703f0debb9d0fdd4bfd579c3b78d8d03bbe222d1274
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
27212ad263974166bef49756d99bb41b5218832c023ac8fc83810087c0bdfdd0
395248fa2a0de2257903418d5cf5c40d36a9e2ec04a5c5f3d9f8ca9b67ef7028
3ba7dd308bb11842a3a1a4767629d76b11e2bdf328873a7ba016dd175e2c35df
44669e67b0112f2ea5c77b2bae3ed0051b74a59af3d468b276ce31ceb30cd762
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c7cd5e07cc6ee4eb8857f7d224c56c439509bdfd74cbd21133447af07dec333
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
59a39b60dbe3a3b2d8e44d1452cc3382ce19c8a17ae48bc2e6aa1344762845a6
5c5823eb11e5b58ff08ddb25e8faa6b4d9c42ca5bae70dff1f63afa5afb8341b
64349d8bb838a978f61fa26109fb15b8c9535329d2f41a0ac646f5bf04276a8d
6fc0cffeb439af51016e9b793f0011e99d24b4293949a4cd8c29ef0379058162
78060cb1b910e5c758b7c3d2817679577f278e20f36c231abf8751b154d5ad65
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
7c54bb703a5f1ec08cb572c46325709e73726d6175a4d8ac29272f64910200ae
7f04427e198b626a2e07b3f34eb3951d43af997ac4bd5aafacf3cfcebf683d34
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8539bcc762428650a59be971f9fd5ad5437e9a44d453e8c930026f30075f784d
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
95a99b94a94d22903fe5ec49736037e6094afd5fa96a8171366c492d32beb26e
9dace7b643ec037293c1ce8e021f1813faaa636ce1a1728e3543fb599a9314d8
adcccfba49ae4b6b9af5d7edd20673be39b35826d3e816a6969c333585169bb9
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
bc1949a92d0ed97011d62ecc757ac52524e92d35a8d36d96b1702f31cfbc9051
c2a8617d84f4081d573b74738564cd8f1f5b3149aeaaef29d90b41b0f9ca621c
c56fe93045f66491a0e8d56b5f5c3dc37aaa740d0d6226e9b8beff2f959f4e25
cb6701973c82e6407b2992ad1cbf1320c99497317aa628d3e6b05ecda9f2adc0
ccfd427c3e03f6312b2f3afca94dd40627686cf3ccbbf90e74e7babc971a7a60
d31a04c41933c91617ca009151f0073f0a906ea27d14f5577c563576d7fe3992
d6abd1be6575bb3f08ccc7b60a590db97a936260e76b7bcd5dab8ebeae5cd3b7
d7edbc413d89bf05666d3e6622160ff785f31dd0a77cf138101e1e770c909750
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
e1b56e2b83eda26c98fa47d99bccf1632348a4f94e2461b13d08de086130ed71
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e80d3c9a194df8fea536c2885e52da61fb3229bff70d29541fd9edabe8974f9b
eb446ef8d93ea926ae8dad8f69d1a478a7b9060a2d648f3fabd94a6dc87c8bd0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1e97059ff9de3566088b55db618dde61be88a270e1db3fc5d96ddb8f33a7fd6
f6c42c54902dab7fef54e33dc4281ab2afe3c771d2931ae05d79bed33e51414c
f91da1ed13eea40a9f415c77d9ba31b3ead2912055194d0cae1620d02d78be5c
ff45daa7fe6d1cfaaaf09beec6faaee8eea968b916f66733ffe36c425c4b38d8