Submitted URL: https://sumo.com/sumomail/click/2c13f129-d237-466f-8620-fe842e6bac01?href=https://taz.oss-eu-west-1.aliyuncs.com/rvxp20.html
Effective URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Submission: On June 12 via api from BE

Summary

This website contacted 11 IPs in 6 countries across 16 domains to perform 48 HTTP transactions.
The main IP is 66.212.229.139, located in United States and belongs to CL-1379-14537 - Continent 8 LLC, US. The main domain is promo.iredirect.net.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on March 1st 2018. Valid for: 2 years.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
1 1 54.200.150.117 16509 (AMAZON-02)
1 8.208.40.172 45102 (CNNIC-ALI...)
1 1 35.204.107.25 15169 (GOOGLE)
1 1 191.101.164.106 61317 (ASDETUK h...)
1 1 93.188.166.8 47583 (AS-HOSTINGER)
1 2 118.184.32.4 137443 (ANCHGLOBA...)
1 1 66.212.229.144 14537 (CL-1379-1...)
1 9 66.212.229.139 14537 (CL-1379-1...)
2 2a04:4e42::621 54113 (FASTLY)
29 66.212.229.189 14537 (CL-1379-1...)
1 205.185.208.52 20446 (HIGHWINDS3)
2 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 66.212.229.188 14537 (CL-1379-1...)
48 11
Domain | Subdomains | Transfer
33 iredirect.net | cdn.iredirect.net Failed | 3 MB
6 zxcdn.com | | 43 KB
3 google-analytics.com | | 18 KB
2 google.de | | 218 B
2 google.com | | 358 B
2 doubleclick.net | | 320 B
2 jsdelivr.net | | 37 KB
2 kktgi.company | | 14 KB
1 googletagmanager.com | | 28 KB
1 jquery.com | | 3 KB
1 cr-brands.net | | 434 B
1 bestdealsonline.company | | 554 B
1 nockenvisi.com | | 284 B
1 aptrk10.com | | 549 B
1 aliyuncs.com | | 642 B
1 sumo.com | | 424 B
48 16
Domain Requested by
22 cdn.iredirect.net promo.iredirect.net
cdn.jsdelivr.net
9 promo.iredirect.net 1 redirects 31xyi0g.kktgi.company
promo.iredirect.net
cdn.jsdelivr.net
5 cdn.zxcdn.com promo.iredirect.net
3 www.google-analytics.com 2 redirects promo.iredirect.net
2 www.google.de promo.iredirect.net
2 www.google.com 2 redirects
2 stats.g.doubleclick.net 2 redirects
2 img.iredirect.net promo.iredirect.net
2 cdn.jsdelivr.net promo.iredirect.net
2 31xyi0g.kktgi.company 1 redirects taz.oss-eu-west-1.aliyuncs.com
1 api.zxcdn.com cdn.jsdelivr.net
1 www.googletagmanager.com promo.iredirect.net
1 code.jquery.com promo.iredirect.net
1 click.cr-brands.net 1 redirects
1 kq6.bestdealsonline.company 1 redirects
1 go.nockenvisi.com 1 redirects
1 aptrk10.com 1 redirects
1 taz.oss-eu-west-1.aliyuncs.com
1 sumo.com 1 redirects
48 19
Subject | Issuer | Validity | Valid
*.oss.aliyuncs.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-11-30 - 2019-12-01 | a year
*.kktgi.company | Let's Encrypt Authority X3 | 2019-05-10 - 2019-08-08 | 3 months
*.iredirect.net | COMODO RSA Domain Validation Secure Server CA | 2018-03-01 - 2020-02-29 | 2 years
f3.shared.global.fastly.net | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-05-29 - 2020-04-23 | a year
*.zxcdn.com | COMODO ECC Domain Validation Secure Server CA | 2017-08-30 - 2019-09-06 | 2 years
jquery.org | COMODO RSA Domain Validation Secure Server CA | 2018-10-17 - 2020-10-16 | 2 years
*.google-analytics.com | Google Internet Authority G3 | 2019-05-21 - 2019-08-13 | 3 months
www.google.de | Google Internet Authority G3 | 2019-05-21 - 2019-08-13 | 3 months

Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i

Web
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i

Web
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i


48 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
rvxp20.html?sumo_email_id=2c13f129-d237-466f-8620-fe842e6bac01&utm_campaign=sumo-email
taz.oss-eu-west-1.aliyuncs.com
Redirect Chain
  • https://sumo.com/sumomail/click/2c13f129-d237-466f-8620-fe842e6bac01?href=https://taz.oss-eu-west-1.aliyuncs.com/rvxp20.html
  • https://taz.oss-eu-west-1.aliyuncs.com/rvxp20.html?sumo_email_id=2c13f129-d237-466f-8620-fe842e6bac01&utm_campaign=sumo-email
180 B
642 B
Document
General
Full URL
https://taz.oss-eu-west-1.aliyuncs.com/rvxp20.html?sumo_email_id=2c13f129-d237-466f-8620-fe842e6bac01&utm_campaign=sumo-email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.208.40.172 , United Kingdom, ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba (US) Technology Co., Ltd., CN),
Reverse DNS
Software
AliyunOSS /
Resource Hash
d1f1de7a65e1722282a658bc00fb0236301efdc603f7f52f7fd1252e197c9b1e

Request headers

Host
taz.oss-eu-west-1.aliyuncs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br

Response headers

Server
AliyunOSS
Date
Wed, 12 Jun 2019 15:51:36 GMT
Content-Type
text/html
Content-Length
180
Connection
keep-alive
x-oss-request-id
5D011F88A377E326ED8A5401
Accept-Ranges
bytes
ETag
"59EB6F09AC8EDEBD6753EE938268235C"
Last-Modified
Sat, 08 Jun 2019 18:38:57 GMT
x-oss-object-type
Normal
x-oss-hash-crc64ecma
15157794495970321576
x-oss-storage-class
Standard
Content-MD5
WetvCayO3r1nU+6TgmgjXA==
x-oss-server-time
1

Redirect headers

status
302
server
nginx/1.12.1
date
Wed, 12 Jun 2019 15:51:35 GMT
content-type
text/html; charset=UTF-8
content-length
302
x-frame-options
SAMEORIGIN
location
https://taz.oss-eu-west-1.aliyuncs.com/rvxp20.html?sumo_email_id=2c13f129-d237-466f-8620-fe842e6bac01&utm_campaign=sumo-email
vary
Accept, Accept-Encoding
set-cookie
__smSessionId=s%3A8PwASQkwENvVjQ0bjYxbUGVW.wDET%2Bw81nTARXZcBoe3KL8Li3dxRZ0OndeWaUOkEoXA; Path=/; Expires=Thu, 13 Jun 2019 00:37:11 GMT; HttpOnly
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Cookie set ?sov=4243658731&hid=cesqgmkgkgcemco&fallback=15&cntrl=00000&pid=584&redid=74633&gsid=488&campaign_id=1228&p_id=584&id=XNSX.ts5475%7C%7Cinternational%7C%7Cgeneral%3A%3A1560354696.60%7C%7C161229585%7...
31xyi0g.kktgi.company
Redirect Chain
  • https://aptrk10.com/?a=1262&oc=8426&c=24304&m=3&s1=sk
  • http://go.nockenvisi.com/ts5475-international-general
  • http://kq6.bestdealsonline.company/?kw=ts5475-international-general&s1=ts5475-international-general&s2=1560354696.60-161229585-0-&s3=&fallback=15
  • https://31xyi0g.kktgi.company/?sov=4243658731&hid=cesqgmkgkgcemco&fallback=15&cntrl=00000&pid=584&redid=74633&gsid=488&campaign_id=1228&p_id=584&id=XNSX.ts5475%7C%7Cinternational%7C%7Cgeneral%3A%3A...
2 KB
10 KB
Document
General
Full URL
https://31xyi0g.kktgi.company/?sov=4243658731&hid=cesqgmkgkgcemco&fallback=15&cntrl=00000&pid=584&redid=74633&gsid=488&campaign_id=1228&p_id=584&id=XNSX.ts5475%7C%7Cinternational%7C%7Cgeneral%3A%3A1560354696.60%7C%7C161229585%7C%7C0%7C%7C-r74633-t488&impid=f6e26a42-8d29-11e9-aef2-4e4e3e1c4387
Requested by
Host: taz.oss-eu-west-1.aliyuncs.com
URL: https://taz.oss-eu-west-1.aliyuncs.com/rvxp20.html?sumo_email_id=2c13f129-d237-466f-8620-fe842e6bac01&utm_campaign=sumo-email
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
118.184.32.4 , China, ASN137443 (ANCHGLOBAL-AS-AP Anchnet Asia Limited, HK),
Reverse DNS
Software
/
Resource Hash

Request headers

Host
31xyi0g.kktgi.company
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br

Response headers

Date
Wed, 12 Jun 2019 15:51:40 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
P3P
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-Source
Mini
X-Rot
680782
X-Sov
4243658731
Expires
Mon, 01 Jan 2001 00:00:00 GMT
Cache-Control
no-cache
Pragma
no-cache
Content-Encoding
gzip

Redirect headers

Date
Wed, 12 Jun 2019 15:51:38 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
X-ImpID
f6e26a42-8d29-11e9-aef2-4e4e3e1c4387
Location
https://31xyi0g.kktgi.company/?sov=4243658731&hid=cesqgmkgkgcemco&fallback=15&cntrl=00000&pid=584&redid=74633&gsid=488&campaign_id=1228&p_id=584&id=XNSX.ts5475%7C%7Cinternational%7C%7Cgeneral%3A%3A1560354696.60%7C%7C161229585%7C%7C0%7C%7C-r74633-t488&impid=f6e26a42-8d29-11e9-aef2-4e4e3e1c4387
Set-Cookie
redir-backend=; Expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/
Adblocked /
/rea/pop/de/cos/1
Redirect Chain
  • https://31xyi0g.kktgi.company/ITS458yukon25plusDE.html?sov=4243658731&fallback=15&cntrl=00000&pid=584&redid=74633&gsid=488&campaign_id=1228&p_id=584&id=XNSX.ts5475%7C%7Cinternational%7C%7Cgeneral%3...
  • https://click.cr-brands.net/affiliate/referral.asp?site=rea&url=pop/de/cos/1&v=2&seg=49266&lid=215864&aff_id=5359_49266_22173_4408_57_23634_3-74633|4243658731|f7e25e02-8d29-11e9-a958-69da23ea9805|f...
  • https://promo.iredirect.net/referral.asp?aff_id=5359_49266_22173_4408_57_23634_3-74633|4243658731|f7e25e02-8d29-11e9-a958-69da23ea9805|f7e25e02-8d29-11e9-a958-69da23ea9805|&pop_up=1&url=/rea/pop/de...
  • https://promo.iredirect.net/rea/pop/de/cos/1/
104 KB
41 KB
Document
General
Full URL
https://promo.iredirect.net/rea/pop/de/cos/1/
Requested by
Host: 31xyi0g.kktgi.company
URL: https://31xyi0g.kktgi.company/?sov=4243658731&hid=cesqgmkgkgcemco&fallback=15&cntrl=00000&pid=584&redid=74633&gsid=488&campaign_id=1228&p_id=584&id=XNSX.ts5475%7C%7Cinternational%7C%7Cgeneral%3A%3A1560354696.60%7C%7C161229585%7C%7C0%7C%7C-r74633-t488&impid=f6e26a42-8d29-11e9-aef2-4e4e3e1c4387
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8f8a992252bca1ad3ff43cbad70790584bf95b1b800874ce5638475f10d4f271
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

:method
GET
:authority
promo.iredirect.net
:scheme
https
:path
/rea/pop/de/cos/1/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://31xyi0g.kktgi.company/
accept-encoding
gzip, deflate, br
cookie
ASPSESSIONIDCWCSTADB=FMEBGPAAFDOLFMENMHJAPECF

Response headers

status
200
cache-control
no-store
content-type
text/html; Charset=UTF-8
content-encoding
gzip
expires
Sat, 15 May 1999 18:00:00 GMT
vary
Accept-Encoding
server
Microsoft-IIS/10.0
x-nid
W03
p3p
CP="CAO PSA OUR"
referrer-policy
origin
date
Wed, 12 Jun 2019 15:51:51 GMT
content-length
41406

Redirect headers

status
301
cache-control
no-store
content-type
text/html
expires
Sat, 15 May 1999 18:00:00 GMT
location
/rea/pop/de/cos/1/
server
Microsoft-IIS/10.0
set-cookie
ASPSESSIONIDCWCSTADB=FMEBGPAAFDOLFMENMHJAPECF; secure; path=/
x-nid
W03
p3p
CP="CAO PSA OUR"
referrer-policy
origin
date
Wed, 12 Jun 2019 15:51:50 GMT
content-length
0
Adblocked style.css
/rea/pop/de/cos/1/inc
43 KB
10 KB
Stylesheet
General
Full URL
https://promo.iredirect.net/rea/pop/de/cos/1/inc/style.css
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e80d3c9a194df8fea536c2885e52da61fb3229bff70d29541fd9edabe8974f9b
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:51 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Fri, 12 Apr 2019 00:24:53 GMT
server
Microsoft-IIS/10.0
etag
"8d3f26c6f0d41:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
accept-ranges
bytes
content-type
text/css
content-length
9795
Verified jquery.min.js
cdn.jsdelivr.net/npm/jquery@1.11.3/dist
94 KB
33 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Verified resource
flat-ui/2.3.0/js/vendor/jquery.min.js at cdnjs.com, project flat-ui
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Wed, 12 Jun 2019 15:51:51 GMT
content-length
33342
x-served-by
cache-ams21023-AMS, cache-fra19176-FRA
etag
W/"176f8-N7HbiLV0OPEHKo68dVnJCcnTpoI"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
Verified jquery-migrate.min.js
cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist
10 KB
4 KB
Script
General
Full URL
https://cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/jquery-migrate.min.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::621 , Ascension Island, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
/
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Verified resource
jquery-migrate/1.4.1/jquery-migrate.min.js at cdnjs.com, project jquery-migrate
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
x-cache
HIT, HIT
status
200
date
Wed, 12 Jun 2019 15:51:51 GMT
content-length
4014
x-served-by
cache-ams21024-AMS, cache-fra19176-FRA
etag
W/"2748-kFMq/21BIZVCVM3wSZTYNPfsFps"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
Adblocked common.js?1623-15
/rea/shared
83 KB
22 KB
Script
General
Full URL
https://promo.iredirect.net/rea/shared/common.js?1623-15
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7f04427e198b626a2e07b3f34eb3951d43af997ac4bd5aafacf3cfcebf683d34
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:51 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Fri, 22 Mar 2019 06:11:12 GMT
server
Microsoft-IIS/10.0
etag
"0c06fc76e0d41:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
accept-ranges
bytes
content-type
application/javascript
content-length
22057
vjs-chat.js?1258-15
cdn.iredirect.net/webcdn/js
0
0

shared.css
cdn.iredirect.net/webcdn/css/rea
15 KB
3 KB
Stylesheet
General
Full URL
https://cdn.iredirect.net/webcdn/css/rea/shared.css
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f91da1ed13eea40a9f415c77d9ba31b3ead2912055194d0cae1620d02d78be5c

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
content-encoding
gzip
last-modified
Thu, 06 Dec 2018 01:26:34 GMT
server
Microsoft-IIS/10.0
etag
"0415eb928dd41:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=300
accept-ranges
bytes
content-type
text/css
content-length
3344
modal.js
cdn.iredirect.net/webcdn/js/rea/shared
10 KB
3 KB
Script
General
Full URL
https://cdn.iredirect.net/webcdn/js/rea/shared/modal.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
adcccfba49ae4b6b9af5d7edd20673be39b35826d3e816a6969c333585169bb9

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
content-encoding
gzip
last-modified
Thu, 24 Aug 2017 03:46:10 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0ad1d868b1cd31:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=1800
accept-ranges
bytes
content-type
application/javascript
content-length
2686
cookieConsentCr.min.js?1258-15
cdn.iredirect.net/webcdn/js
35 KB
12 KB
Script
General
Full URL
https://cdn.iredirect.net/webcdn/js/cookieConsentCr.min.js?1258-15
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78060cb1b910e5c758b7c3d2817679577f278e20f36c231abf8751b154d5ad65

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
content-encoding
gzip
last-modified
Tue, 11 Dec 2018 21:49:52 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"00d729b91d41:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=1800
accept-ranges
bytes
content-type
application/javascript
content-length
12355
Adblocked slick.css
/rea/pop/en/cos/1/inc/slick
2 KB
828 B
Stylesheet
General
Full URL
https://promo.iredirect.net/rea/pop/en/cos/1/inc/slick/slick.css
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:51 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Fri, 19 Jan 2018 02:59:50 GMT
server
Microsoft-IIS/10.0
etag
"fa3cb092d190d31:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
accept-ranges
bytes
content-type
text/css
content-length
745
Verified Adblocked slick-theme.css
/rea/pop/en/cos/1/inc/slick
3 KB
965 B
Stylesheet
General
Full URL
https://promo.iredirect.net/rea/pop/en/cos/1/inc/slick/slick-theme.css
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7adaf08052c6a6a0f8a0d0055b4f191fd07389fe41c972b69573472b2ecb406a
Verified resource
slick-carousel/1.6.0/slick-theme.css at cdnjs.com, project slick-carousel
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:51 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Fri, 19 Jan 2018 02:59:49 GMT
server
Microsoft-IIS/10.0
etag
"80c0a591d190d31:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
accept-ranges
bytes
content-type
text/css
content-length
870
Verified spacer.gif
img.iredirect.net/webCDN/img/shared
43 B
236 B
Image
General
Full URL
https://img.iredirect.net/webCDN/img/shared/spacer.gif
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource
ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:54 GMT
last-modified
Mon, 18 Jun 2012 08:15:06 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"021f3772a4dcd1:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
43
spacer.gif
cdn.zxcdn.com/webcdn/img/rea/shared
1 KB
1 KB
Image
General
Full URL
https://cdn.zxcdn.com/webcdn/img/rea/shared/spacer.gif
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bc1949a92d0ed97011d62ecc757ac52524e92d35a8d36d96b1702f31cfbc9051

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:56 GMT
last-modified
Mon, 27 Jun 2016 06:48:58 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"069d1fa3fd0d11:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/gif
content-length
1095
jquery-migrate-1.2.1.min.js
code.jquery.com
7 KB
3 KB
Script
General
Full URL
https://code.jquery.com/jquery-migrate-1.2.1.min.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 12 Jun 2019 15:51:56 GMT
Content-Encoding
gzip
Last-Modified
Fri, 24 Oct 2014 00:16:08 GMT
Server
nginx
ETag
W/"54499a48-1c1f"
Vary
Accept-Encoding
X-HW
1560354716.dop001.lo4.t,1560354716.cds081.lo4.shn,1560354716.dop001.lo4.t,1560354716.cds067.lo4.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
3063
slick.min.js (Adblocked)
/rea/pop/en/cos/1/inc/slick
42 KB
14 KB
Script
General
Full URL
https://promo.iredirect.net/rea/pop/en/cos/1/inc/slick/slick.min.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:55 GMT
content-encoding
gzip
referrer-policy
origin
last-modified
Fri, 19 Jan 2018 02:59:53 GMT
server
Microsoft-IIS/10.0
etag
"ed09994d190d31:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
accept-ranges
bytes
content-type
application/javascript
content-length
14341
analytics.js (Adblocked)
www.google-analytics.com
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8f88cb7a1cd4134f5d616b9fca90b9069fa16c162b7ae66ba1b500c490b41dd2
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 21 May 2019 23:53:44 GMT
server
Golfe2
age
3892
date
Wed, 12 Jun 2019 14:47:07 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17595
expires
Wed, 12 Jun 2019 16:47:07 GMT
gtm.js?id=GTM-T5DCX9V (Adblocked)
www.googletagmanager.com
115 KB
28 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T5DCX9V
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b892305b6c5fea1faf8e139ae987a3af62a99833d0df7d80fbd950d56acbab9c
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:59 GMT
content-encoding
br
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
server
Google Tag Manager
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
28619
x-xss-protection
0
expires
Wed, 12 Jun 2019 15:51:59 GMT
COS_Logo_2x.fs8.png
cdn.iredirect.net/webCDN/img/COS
50 KB
50 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/COS/COS_Logo_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
8539bcc762428650a59be971f9fd5ad5437e9a44d453e8c930026f30075f784d

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
last-modified
Mon, 04 Dec 2017 04:40:02 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"03dacf2b96cd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
50917
rea-cosmo-main-bg_2x.jpg
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
215 KB
215 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-main-bg_2x.jpg
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d6abd1be6575bb3f08ccc7b60a590db97a936260e76b7bcd5dab8ebeae5cd3b7

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
last-modified
Mon, 15 Jan 2018 06:15:42 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"03b5445c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
219664
rea-cosmo-arrow_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
6 KB
6 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-arrow_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ccfd427c3e03f6312b2f3afca94dd40627686cf3ccbbf90e74e7babc971a7a60

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
last-modified
Thu, 18 Jan 2018 22:04:24 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"064b94ca890d31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
5905
rea-pop-cosmo-jackpot_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
141 KB
141 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-jackpot_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
eb446ef8d93ea926ae8dad8f69d1a478a7b9060a2d648f3fabd94a6dc87c8bd0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
last-modified
Tue, 16 Jan 2018 01:28:38 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0277055698ed31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
144495
rea-pop-cosmo-coins_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
42 KB
42 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-coins_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c56fe93045f66491a0e8d56b5f5c3dc37aaa740d0d6226e9b8beff2f959f4e25

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
last-modified
Mon, 15 Jan 2018 06:15:38 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0e1f142c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
43332
CCC_Golden-ICE-jpot-spriteA.fs8.png
img.iredirect.net/webcdn/img/rea/pop/en/ccc/4
23 KB
23 KB
Image
General
Full URL
https://img.iredirect.net/webcdn/img/rea/pop/en/ccc/4/CCC_Golden-ICE-jpot-spriteA.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
95a99b94a94d22903fe5ec49736037e6094afd5fa96a8171366c492d32beb26e

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
last-modified
Fri, 09 Sep 2016 03:41:48 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0e6c8174cad21:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
23573
rea-pop-cosmo-winners-bg_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
601 KB
602 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-winners-bg_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c2a8617d84f4081d573b74738564cd8f1f5b3149aeaaef29d90b41b0f9ca621c

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
last-modified
Mon, 15 Jan 2018 06:15:36 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0b4c041c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
615610
rea-cosmo-glow_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
153 KB
153 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-glow_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
9dace7b643ec037293c1ce8e021f1813faaa636ce1a1728e3543fb599a9314d8

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
last-modified
Mon, 15 Jan 2018 06:15:40 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0e2344c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
156621
Home_Winners-Left_2x.fs8.png
cdn.iredirect.net/webCDN/img/COS
211 KB
212 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/COS/Home_Winners-Left_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e1b56e2b83eda26c98fa47d99bccf1632348a4f94e2461b13d08de086130ed71

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
last-modified
Fri, 12 Jan 2018 00:32:36 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0aae0d73c8bd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
216513
Home_Winners-Right_2x.fs8.png
cdn.iredirect.net/webCDN/img/COS
235 KB
235 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/COS/Home_Winners-Right_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f6c42c54902dab7fef54e33dc4281ab2afe3c771d2931ae05d79bed33e51414c

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
last-modified
Mon, 04 Dec 2017 04:40:02 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"03dacf2b96cd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
240790
rea-cosmo-chips-left_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
54 KB
54 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-chips-left_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
27212ad263974166bef49756d99bb41b5218832c023ac8fc83810087c0bdfdd0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:59 GMT
last-modified
Mon, 15 Jan 2018 06:15:32 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"05a5e3fc88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
54975
rea-cosmo-chips-right_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
37 KB
37 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-chips-right_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
44669e67b0112f2ea5c77b2bae3ed0051b74a59af3d468b276ce31ceb30cd762

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:59 GMT
last-modified
Mon, 15 Jan 2018 06:15:32 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"05a5e3fc88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
37630
rea-pop-cosmo-points_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
277 KB
277 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-points_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
cb6701973c82e6407b2992ad1cbf1320c99497317aa628d3e6b05ecda9f2adc0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:59 GMT
last-modified
Mon, 15 Jan 2018 06:15:30 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"02d2d3ec88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
283306
rea-pop-cosmo-icons_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
13 KB
13 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-pop-cosmo-icons_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ff45daa7fe6d1cfaaaf09beec6faaee8eea968b916f66733ffe36c425c4b38d8

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:59 GMT
last-modified
Mon, 15 Jan 2018 06:15:28 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"00fc3cc88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
13361
rea-cosmo-mega-moolah_2x.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
287 KB
287 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-mega-moolah_2x.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f1e97059ff9de3566088b55db618dde61be88a270e1db3fc5d96ddb8f33a7fd6

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:59 GMT
last-modified
Mon, 15 Jan 2018 06:15:26 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0d3ca3bc88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
293965
rea-cosmo-thunderstruck-ii.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
165 KB
165 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-thunderstruck-ii.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
19ba63d951dc6f2618cbc44c0f795951505a04f9fc956208a5fa6bd53dc883fd

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:59 GMT
last-modified
Mon, 15 Jan 2018 06:15:46 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"095b647c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
169150
rea-cosmo-immoral-bromance.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
152 KB
152 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-immoral-bromance.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d31a04c41933c91617ca009151f0073f0a906ea27d14f5577c563576d7fe3992

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:59 GMT
last-modified
Mon, 15 Jan 2018 06:15:48 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0c2e748c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
155553
rea-cosmo-avalon-ii.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
140 KB
140 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-avalon-ii.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
d7edbc413d89bf05666d3e6622160ff785f31dd0a77cf138101e1e770c909750

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:59 GMT
last-modified
Mon, 15 Jan 2018 06:15:48 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0c2e748c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
143691
rea-cosmo-millionaires-club.fs8.png
cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1
95 KB
95 KB
Image
General
Full URL
https://cdn.iredirect.net/webCDN/img/REA/pop/en/cos/1/rea-cosmo-millionaires-club.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
6fc0cffeb439af51016e9b793f0011e99d24b4293949a4cd8c29ef0379058162

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:59 GMT
last-modified
Mon, 15 Jan 2018 06:15:44 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0688546c88dd31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
97348
norton.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages
3 KB
3 KB
Image
General
Full URL
https://cdn.zxcdn.com/webcdn/img/rea/shared/secimages/norton.jpg
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7c54bb703a5f1ec08cb572c46325709e73726d6175a4d8ac29272f64910200ae

Request headers

Referer
https://cdn.iredirect.net/webcdn/css/rea/shared.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
last-modified
Mon, 27 Jun 2016 06:46:26 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0d38a03fd0d11:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
2651
mcafee.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages
3 KB
3 KB
Image
General
Full URL
https://cdn.zxcdn.com/webcdn/img/rea/shared/secimages/mcafee.jpg
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
263daceea364e196b1120703f0debb9d0fdd4bfd579c3b78d8d03bbe222d1274

Request headers

Referer
https://cdn.iredirect.net/webcdn/css/rea/shared.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
last-modified
Mon, 27 Jun 2016 06:46:26 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"0d38a03fd0d11:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
2877
secure-de.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages
3 KB
3 KB
Image
General
Full URL
https://cdn.zxcdn.com/webcdn/img/rea/shared/secimages/secure-de.jpg
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
59a39b60dbe3a3b2d8e44d1452cc3382ce19c8a17ae48bc2e6aa1344762845a6

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
last-modified
Mon, 27 Jun 2016 06:46:28 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"03a69a13fd0d11:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/jpeg
content-length
2734
footer-icons.fs8.png
cdn.zxcdn.com/webCDN/img/Shared
32 KB
32 KB
Image
General
Full URL
https://cdn.zxcdn.com/webCDN/img/Shared/footer-icons.fs8.png
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4c7cd5e07cc6ee4eb8857f7d224c56c439509bdfd74cbd21133447af07dec333

Request headers

Referer
https://cdn.iredirect.net/webcdn/css/rea/shared.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:58 GMT
last-modified
Fri, 10 May 2019 04:17:48 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"bffc3b53e76d51:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
33111
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=60258599.1560354719&jid=1988509662&_v=j76&z=2138401997&slf_rd=1&random=1649028400
www.google.de/ads
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=644721704&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fde%2Fcos%2F1%2F&dr=https%253A%252F%252F31xyi0g.kktgi.company%252...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85618867-1&cid=60258599.1560354719&jid=1988509662&_gid=832912619.1560354719&gjid=906198733&_v=j76&z=2138401997
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=60258599.1560354719&jid=1988509662&_v=j76&z=2138401997
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=60258599.1560354719&jid=1988509662&_v=j76&z=2138401997&slf_rd=1&random=1649028400
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=60258599.1560354719&jid=1988509662&_v=j76&z=2138401997&slf_rd=1&random=1649028400
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jun 2019 15:51:59 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 Jun 2019 15:51:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=60258599.1560354719&jid=1988509662&_v=j76&z=2138401997&slf_rd=1&random=1649028400
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=60258599.1560354719&jid=1120889092&_v=j76&z=1793526820&slf_rd=1&random=79200145
www.google.de/ads
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=644721704&t=event&ni=1&_s=2&dl=https%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fde%2Fcos%2F1%2F&dr=https%253A%252F%252F31xyi0g.kktgi.company%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85618867-1&cid=60258599.1560354719&jid=1120889092&_gid=832912619.1560354719&gjid=1121264236&_v=j76&z=1793526820
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=60258599.1560354719&jid=1120889092&_v=j76&z=1793526820
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=60258599.1560354719&jid=1120889092&_v=j76&z=1793526820&slf_rd=1&random=79200145
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=60258599.1560354719&jid=1120889092&_v=j76&z=1793526820&slf_rd=1&random=79200145
Requested by
Host: promo.iredirect.net
URL: https://promo.iredirect.net/rea/pop/de/cos/1/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jun 2019 15:51:59 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 12 Jun 2019 15:51:59 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=60258599.1560354719&jid=1120889092&_v=j76&z=1793526820&slf_rd=1&random=79200145
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ProgressiveJackpotTicker.min.js?_=1560354711890
cdn.iredirect.net/webcdn/js
2 KB
1 KB
Script
General
Full URL
https://cdn.iredirect.net/webcdn/js/ProgressiveJackpotTicker.min.js?_=1560354711890
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.189 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
155d2d0315dae7ca135de8db6ca1d8da3580b1f3851f034f8a60a0fd23f014b5

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:59 GMT
content-encoding
gzip
last-modified
Wed, 07 Jun 2017 02:03:26 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"06bdd3f32dfd21:0"
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
cache-control
must-revalidate, public, max-age=1800
accept-ranges
bytes
content-type
application/javascript
content-length
1215
Verified Adblocked slick.woff
/rea/pop/en/cos/1/inc/slick/fonts
1 KB
1 KB
Font
General
Full URL
https://promo.iredirect.net/rea/pop/en/cos/1/inc/slick/fonts/slick.woff
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
Verified resource
slick-carousel/1.3.7/fonts/slick.woff at cdnjs.com, project slick-carousel
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://promo.iredirect.net/
Origin
https://promo.iredirect.net

Response headers

date
Wed, 12 Jun 2019 15:51:59 GMT
referrer-policy
origin
last-modified
Fri, 19 Jan 2018 02:59:58 GMT
server
Microsoft-IIS/10.0
etag
"e9cf4e97d190d31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
accept-ranges
bytes
content-type
font/x-woff
content-length
1380
Verified Adblocked ajax-loader.gif
/rea/pop/en/cos/1/inc/slick
4 KB
4 KB
Image
General
Full URL
https://promo.iredirect.net/rea/pop/en/cos/1/inc/slick/ajax-loader.gif
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
66.212.229.139 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Verified resource
slick-carousel/1.3.7/ajax-loader.gif at cdnjs.com, project slick-carousel
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 12 Jun 2019 15:51:59 GMT
referrer-policy
origin
last-modified
Fri, 19 Jan 2018 02:59:48 GMT
server
Microsoft-IIS/10.0
etag
"4c245491d190d31:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W03
accept-ranges
bytes
content-type
image/gif
content-length
4178
?cultureName=de_EUR&callback=jQuery111306964217922792189_1560354711891&_=1560354711892
api.zxcdn.com/ApiMgs.svc/GetProgressivesByCultureName
3 KB
1 KB
Script
General
Full URL
https://api.zxcdn.com/ApiMgs.svc/GetProgressivesByCultureName/?cultureName=de_EUR&callback=jQuery111306964217922792189_1560354711891&_=1560354711892
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.188 , United States, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
/
Resource Hash
1a4859203ca347eb865091cdbb21a84e5af4ea4d07dd6d269dcae69c50d793ed

Request headers

Referer
https://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 12 Jun 2019 15:52:01 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-javascript
status
200
x-nid
W03
cache-control
no-cache
content-length
997
expires
-1

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • https://sumo.com/sumomail/click/2c13f129-d237-466f-8620-fe842e6bac01?href=https://taz.oss-eu-west-1.aliyuncs.com/rvxp20.html
  • https://taz.oss-eu-west-1.aliyuncs.com/rvxp20.html?sumo_email_id=2c13f129-d237-466f-8620-fe842e6bac01&utm_campaign=sumo-email
Request 1
  • https://aptrk10.com/?a=1262&oc=8426&c=24304&m=3&s1=sk
  • http://go.nockenvisi.com/ts5475-international-general
  • http://kq6.bestdealsonline.company/?kw=ts5475-international-general&s1=ts5475-international-general&s2=1560354696.60-161229585-0-&s3=&fallback=15
  • https://31xyi0g.kktgi.company/?sov=4243658731&hid=cesqgmkgkgcemco&fallback=15&cntrl=00000&pid=584&redid=74633&gsid=488&campaign_id=1228&p_id=584&id=XNSX.ts5475%7C%7Cinternational%7C%7Cgeneral%3A%3A...
Request 2
  • https://31xyi0g.kktgi.company/ITS458yukon25plusDE.html?sov=4243658731&fallback=15&cntrl=00000&pid=584&redid=74633&gsid=488&campaign_id=1228&p_id=584&id=XNSX.ts5475%7C%7Cinternational%7C%7Cgeneral%3...
  • https://click.cr-brands.net/affiliate/referral.asp?site=rea&url=pop/de/cos/1&v=2&seg=49266&lid=215864&aff_id=5359_49266_22173_4408_57_23634_3-74633|4243658731|f7e25e02-8d29-11e9-a958-69da23ea9805|f...
  • https://promo.iredirect.net/referral.asp?aff_id=5359_49266_22173_4408_57_23634_3-74633|4243658731|f7e25e02-8d29-11e9-a958-69da23ea9805|f7e25e02-8d29-11e9-a958-69da23ea9805|&pop_up=1&url=/rea/pop/de...
  • https://promo.iredirect.net/rea/pop/de/cos/1/
Request 42
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=644721704&t=pageview&_s=1&dl=https%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fde%2Fcos%2F1%2F&dr=https%253A%252F%252F31xyi0g.kktgi.company%252...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85618867-1&cid=60258599.1560354719&jid=1988509662&_gid=832912619.1560354719&gjid=906198733&_v=j76&z=2138401997
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=60258599.1560354719&jid=1988509662&_v=j76&z=2138401997
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=60258599.1560354719&jid=1988509662&_v=j76&z=2138401997&slf_rd=1&random=1649028400
Request 43
  • https://www.google-analytics.com/r/collect?v=1&_v=j76&a=644721704&t=event&ni=1&_s=2&dl=https%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fde%2Fcos%2F1%2F&dr=https%253A%252F%252F31xyi0g.kktgi.company%2...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85618867-1&cid=60258599.1560354719&jid=1120889092&_gid=832912619.1560354719&gjid=1121264236&_v=j76&z=1793526820
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=60258599.1560354719&jid=1120889092&_v=j76&z=1793526820
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=60258599.1560354719&jid=1120889092&_v=j76&z=1793526820&slf_rd=1&random=79200145

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.iredirect.net
URL
https://cdn.iredirect.net/webcdn/js/vjs-chat.js?1258-15

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| thisLang string| thisSiteCode string| thisBrand string| thisCategory string| thisVariation string| thisPath function| $ function| jQuery function| cross_domain_storage function| wopen function| checkCaptchaResponse number| d string| v number| formWS boolean| isCaptchaValidated object| respond boolean| priorEngage string| currency object| thisAffID string| siteTotalGames string| mobilesiteTotalGames string| decimalSeparator string| groupSeparator string| positivePattern string| decimalDigits string| isGDPR number| xit object| CookieConsentCr object| cookieconsent string| btag5 string| btag1 string| btag3 string| thisReferer string| __galab object| _loadGADATA function| isGoogleAnalyticsLoaded function| logGAEvent string| GoogleAnalyticsObject function| __gaTracker object| dataLayer object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| jQuery111306964217922792189 object| fm object| google_tag_manager boolean| blMatch undefined| jQuery111306964217922792189_1560354711891

0 Cookies

2 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/jquery-migrate.min.js, Line 2, Column 552
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: https://promo.iredirect.net/rea/pop/de/cos/1/, Line 126, Column 50
Message:
Load Success

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.
