Submitted URL: http://mens-superhealth.com/5409hq17801641tt7095qh22464ja1487yc1984rr
Effective URL: https://vfc4.ekwvzi.live/?sov=3198834616&hid=dljppjflfpltfhdp&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=122...
Submission: On June 11 via api from BE

Summary

This website contacted 3 IPs in 3 countries across 5 domains to perform 4 HTTP transactions. The main IP is 154.16.205.144, located in Los Angeles, United States and belongs to NEXEON - Nexeon Technologies, Inc., US. The main domain is vfc4.ekwvzi.live.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 29th 2019. Valid for: 3 months.
This is the only time vfc4.ekwvzi.live was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 51.15.190.107 12876 (AS12876)
2 4 65.98.48.235 25653 (FORTRESSITX)
1 1 193.56.28.211 197226 (SPRINT-SDC)
1 154.16.205.144 20278 (NEXEON)
4 3
   Apex Domain            Subdomains                  Transfer
4  carblck.com            carblck.com                 3 KB
1  ekwvzi.live            vfc4.ekwvzi.live            10 KB
1  safesslredir.company   m1o6.safesslredir.company   514 B
1  mens-superhealth.com   mens-superhealth.com        348 B
0  iredirect.net Failed   promo.iredirect.net Failed
4  5
Domain Requested by
4 carblck.com 2 redirects carblck.com
1 vfc4.ekwvzi.live carblck.com
1 m1o6.safesslredir.company 1 redirects
1 mens-superhealth.com 1 redirects
0 promo.iredirect.net Failed vfc4.ekwvzi.live
4 5

This site contains no links.

Subject         Issuer                       Validity                  Valid
carblck.com     Let's Encrypt Authority X3   2019-04-23 - 2019-07-22   3 months
*.ekwvzi.live   Let's Encrypt Authority X3   2019-05-29 - 2019-08-27   3 months

This page contains 1 frame:

Frame: https://promo.iredirect.net/rea/pop/de/cos/1/
Frame ID: 756E9FB33133B4B2911935219F2DE2C4
Requests: 4 HTTP requests in this frame


Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

Requests: 4
HTTPS: 50 %
IPv6: 0 %
Domains: 5
Subdomains: 5
IPs: 3
Countries: 3
Transfer: 11 kB
Size: 3 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mens-superhealth.com/5409hq17801641tt7095qh22464ja1487yc1984rr HTTP 302
    http://carblck.com/r/1267784a-3ca4-4ada-a081-40e910dbfdec/54/5409/17801641 Page URL
  2. https://carblck.com/r2/1267784a-3ca4-4ada-a081-40e910dbfdec/54/5409/17801641/8c15eee4-9771-4f21-9efd-771f63744d8f/?fctr=0 HTTP 302
    https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5409/17801641//?fctr=1&ptid=8c15eee4-9771-4f21-9efd-771f63744d8f Page URL
  3. https://carblck.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991/54/5409/17801641/b70c5fe4-4e1d-4c80-8c9f-351a54db1426/?fctr=1&ptid=8c15eee4-9771-4f21-9efd-771f63744d8f&red_param_1=http%3A%2F%2Fcarblck.com%2Fr%2F1267784a-3ca4-4ada-a081-40e910dbfdec%2F54%2F5409%2F17801641&fctr=1 HTTP 302
    https://m1o6.safesslredir.company/?s1=b70c5fe4-4e1d-4c80-8c9f-351a54db1426&s2=&kw= HTTP 302
    https://vfc4.ekwvzi.live/?sov=3198834616&hid=dljppjflfpltfhdp&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.b70c5fe4%7C%7C4e1d%7C%7C4c80%7C%7C8c9f%7C%7C351a54db1426-r75393-t488&impid=c12e79e6-8c60-11e9-8f3f-aa1f778d2780 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://mens-superhealth.com/5409hq17801641tt7095qh22464ja1487yc1984rr HTTP 302
  • http://carblck.com/r/1267784a-3ca4-4ada-a081-40e910dbfdec/54/5409/17801641
Request Chain 1
  • https://carblck.com/r2/1267784a-3ca4-4ada-a081-40e910dbfdec/54/5409/17801641/8c15eee4-9771-4f21-9efd-771f63744d8f/?fctr=0 HTTP 302
  • https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5409/17801641//?fctr=1&ptid=8c15eee4-9771-4f21-9efd-771f63744d8f
Request Chain 2
  • https://vfc4.ekwvzi.live/ITS458yukon25plusDE.html?sov=3198834616&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.b70c5fe4%7C%7C4e1d%7C%7C4c80%7C%7C8c9f%7C%7C351a54db1426-r75393-t488&impid=c12e79e6-8c60-11e9-8f3f-aa1f778d2780&tov=680782 HTTP 302
  • https://click.cr-brands.net/affiliate/referral.asp?site=rea&url=pop/de/cos/1&v=2&seg=49266&lid=215864&aff_id=5359_49266_22173_4408_57_23634_3-75393|3198834616|ca92db3a-8c60-11e9-a8b7-29df513cd0f8|ca92db3a-8c60-11e9-a8b7-29df513cd0f8| HTTP 301
  • https://promo.iredirect.net/referral.asp?aff_id=5359_49266_22173_4408_57_23634_3-75393|3198834616|ca92db3a-8c60-11e9-a8b7-29df513cd0f8|ca92db3a-8c60-11e9-a8b7-29df513cd0f8|&pop_up=1&url=/rea/pop/de/cos/1&v=2&seg=49266&lid=215864 HTTP 301
  • https://promo.iredirect.net/rea/pop/de/cos/1/

4 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
17801641
carblck.com/r/1267784a-3ca4-4ada-a081-40e910dbfdec/54/5409/
Redirect Chain
  • http://mens-superhealth.com/5409hq17801641tt7095qh22464ja1487yc1984rr
  • http://carblck.com/r/1267784a-3ca4-4ada-a081-40e910dbfdec/54/5409/17801641
691 B
855 B
Document
General
Full URL
http://carblck.com/r/1267784a-3ca4-4ada-a081-40e910dbfdec/54/5409/17801641
Protocol
HTTP/1.1
Server
65.98.48.235 , United States, ASN25653 (FORTRESSITX - FortressITX, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Host
carblck.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate

Response headers

Server
nginx
Date
Tue, 11 Jun 2019 15:51:11 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
set-cookie
5ce095db-e084-41df-9146-4541d794da47=8c15eee4-9771-4f21-9efd-771f63744d8f; Version=1; Expires=Wed, 12-Jun-2019 15:51:11 GMT; Max-Age=86400; Domain=carblck.com; Path=/ 5ce095db-e084-41df-9146-4541d794da47-check=8c15eee4-9771-4f21-9efd-771f63744d8f; Version=1; Expires=Tue, 11-Jun-2019 16:01:11 GMT; Max-Age=600; Domain=carblck.com; Path=/
Cache-Control
no-cache
Expires
Tue, 11 Jun 2019 15:51:11 GMT
Content-Encoding
gzip

Redirect headers

Date
Tue, 11 Jun 2019 15:51:10 GMT
Server
Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.4.16
X-Powered-By
PHP/5.4.16
location
http://carblck.com/r/1267784a-3ca4-4ada-a081-40e910dbfdec/54/5409/17801641
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
/
carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5409/17801641//
Redirect Chain
  • https://carblck.com/r2/1267784a-3ca4-4ada-a081-40e910dbfdec/54/5409/17801641/8c15eee4-9771-4f21-9efd-771f63744d8f/?fctr=0
  • https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5409/17801641//?fctr=1&ptid=8c15eee4-9771-4f21-9efd-771f63744d8f
843 B
951 B
Document
General
Full URL
https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5409/17801641//?fctr=1&ptid=8c15eee4-9771-4f21-9efd-771f63744d8f
Requested by
Host: carblck.com
URL: http://carblck.com/r/1267784a-3ca4-4ada-a081-40e910dbfdec/54/5409/17801641
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
65.98.48.235 , United States, ASN25653 (FORTRESSITX - FortressITX, US),
Reverse DNS
Software
nginx /
Resource Hash
fe2dd2d928638ac2ee4f03af9e033fa9600f01a757bfa478ea5343e12d105247

Request headers

Host
carblck.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
http://carblck.com/r/1267784a-3ca4-4ada-a081-40e910dbfdec/54/5409/17801641
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx
Date
Tue, 11 Jun 2019 15:51:19 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
set-cookie
8e4d8882-511a-4735-b38f-b657767e925e=b70c5fe4-4e1d-4c80-8c9f-351a54db1426; Version=1; Expires=Thu, 11-Jul-2019 15:51:19 GMT; Max-Age=2592000; Domain=carblck.com; Path=/ 8e4d8882-511a-4735-b38f-b657767e925e-check=b70c5fe4-4e1d-4c80-8c9f-351a54db1426; Version=1; Expires=Tue, 11-Jun-2019 16:01:19 GMT; Max-Age=600; Domain=carblck.com; Path=/
Cache-Control
no-cache
Expires
Tue, 11 Jun 2019 15:51:19 GMT
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 11 Jun 2019 15:51:18 GMT
Content-Length
149
Connection
keep-alive
Location
https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5409/17801641//?fctr=1&ptid=8c15eee4-9771-4f21-9efd-771f63744d8f
Cache-Control
no-cache
Expires
Tue, 11 Jun 2019 15:51:18 GMT
Primary Request Cookie set /
vfc4.ekwvzi.live/
Redirect Chain
  • https://carblck.com/r2/29e028de-409a-4a78-8317-2efe4b5cb991/54/5409/17801641/b70c5fe4-4e1d-4c80-8c9f-351a54db1426/?fctr=1&ptid=8c15eee4-9771-4f21-9efd-771f63744d8f&red_param_1=http%3A%2F%2Fcarblck....
  • https://m1o6.safesslredir.company/?s1=b70c5fe4-4e1d-4c80-8c9f-351a54db1426&s2=&kw=
  • https://vfc4.ekwvzi.live/?sov=3198834616&hid=dljppjflfpltfhdp&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.b70c5fe4%7C%7C4e1d%7C%7C4c80%7C%7C8c9f%7C%7C351a54db142...
2 KB
10 KB
Document
General
Full URL
https://vfc4.ekwvzi.live/?sov=3198834616&hid=dljppjflfpltfhdp&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.b70c5fe4%7C%7C4e1d%7C%7C4c80%7C%7C8c9f%7C%7C351a54db1426-r75393-t488&impid=c12e79e6-8c60-11e9-8f3f-aa1f778d2780
Requested by
Host: carblck.com
URL: https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5409/17801641//?fctr=1&ptid=8c15eee4-9771-4f21-9efd-771f63744d8f
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
154.16.205.144 Los Angeles, United States, ASN20278 (NEXEON - Nexeon Technologies, Inc., US),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
vfc4.ekwvzi.live
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://carblck.com/r/29e028de-409a-4a78-8317-2efe4b5cb991/54/5409/17801641//?fctr=1&ptid=8c15eee4-9771-4f21-9efd-771f63744d8f
Accept-Encoding
gzip, deflate, br

Response headers

Date
Tue, 11 Jun 2019 15:51:35 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Set-Cookie
X-Source
Mini
X-Rot
680782
X-Sov
3198834616
Expires
Mon, 01 Jan 2001 00:00:00 GMT
Cache-Control
no-cache
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Date
Tue, 11 Jun 2019 15:51:19 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-ImpID
c12e79e6-8c60-11e9-8f3f-aa1f778d2780
Location
https://vfc4.ekwvzi.live/?sov=3198834616&hid=dljppjflfpltfhdp&&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.b70c5fe4%7C%7C4e1d%7C%7C4c80%7C%7C8c9f%7C%7C351a54db1426-r75393-t488&impid=c12e79e6-8c60-11e9-8f3f-aa1f778d2780
Set-Cookie
redir-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
/
promo.iredirect.net/rea/pop/de/cos/1/
Redirect Chain
  • https://vfc4.ekwvzi.live/ITS458yukon25plusDE.html?sov=3198834616&cntrl=00000&pid=10044&redid=75393&gsid=488&campaign_id=1228&p_id=10044&id=XNSX.b70c5fe4%7C%7C4e1d%7C%7C4c80%7C%7C8c9f%7C%7C351a54db1...
  • https://click.cr-brands.net/affiliate/referral.asp?site=rea&url=pop/de/cos/1&v=2&seg=49266&lid=215864&aff_id=5359_49266_22173_4408_57_23634_3-75393|3198834616|ca92db3a-8c60-11e9-a8b7-29df513cd0f8|c...
  • https://promo.iredirect.net/referral.asp?aff_id=5359_49266_22173_4408_57_23634_3-75393|3198834616|ca92db3a-8c60-11e9-a8b7-29df513cd0f8|ca92db3a-8c60-11e9-a8b7-29df513cd0f8|&pop_up=1&url=/rea/pop/de...
  • https://promo.iredirect.net/rea/pop/de/cos/1/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
promo.iredirect.net
URL
https://promo.iredirect.net/rea/pop/de/cos/1/

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart
object| onselectionchange
function| queueMicrotask

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
