urlscan.io logo urlscan.io
SecurityTrails logo

promo.iredirect.net Open in urlscan Pro
66.212.229.139  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://arisonment.org.uk/re81b.php?32=1o155c6d70cac41e5_11f3.tb0ponn.Z01kgr004jm1e7d1jw_ow1347.004jmMGRqY3UwcGlkM29r0w6t3k
Effective URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Submission: On April 30 via manual from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 11 domains to perform 29 HTTP transactions. The main IP is 66.212.229.139, located in Canada and belongs to CL-1379-14537 - Continent 8 LLC, US. The main domain is promo.iredirect.net.
This is the only time promo.iredirect.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 81.173.46.10 51942 (EKMEDIA)
1 23.88.160.52 18978 (ENZUINC-US)
1 1 79.143.78.130 39238 (OKBPROGRE...)
1 4 66.212.229.139 14537 (CL-1379-1...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
18 66.212.229.189 14537 (CL-1379-1...)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 66.212.229.188 14537 (CL-1379-1...)
29 8
1    81.173.46.10 (Netherlands)

ASN51942 (EKMEDIA, NL)
arisonment.org.uk
1    23.88.160.52 (Los Angeles, United States)

ASN18978 (ENZUINC-US - Enzu Inc, US)
PTR: 52.160-88-23.rdns.scalabledns.com
helpavenues.com
1    79.143.78.130 (Moscow, Russian Federation)

ASN39238 (OKBPROGRESS Moscow, Russia, RU)
clickinly.com
4    66.212.229.139 (Canada)

ASN14537 (CL-1379-14537 - Continent 8 LLC, US)
promo.iredirect.net
2    2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.jsdelivr.net
18    66.212.229.189 (Canada)

ASN14537 (CL-1379-14537 - Continent 8 LLC, US)
cdn.iredirect.net
cdn.zxcdn.com
img.iredirect.net
3    2a00:1450:4001:814::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:4001:821::2008 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
1    2a00:1450:400c:c0b::9d (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
1    2a00:1450:4001:819::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.com
1    2a00:1450:4001:81d::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google.de
1    66.212.229.188 (Canada)

ASN14537 (CL-1379-14537 - Continent 8 LLC, US)
api.zxcdn.com
Domain Requested by
8 img.iredirect.net promo.iredirect.net
5 cdn.zxcdn.com promo.iredirect.net
5 cdn.iredirect.net promo.iredirect.net
cdn.jsdelivr.net
4 promo.iredirect.net 1 redirects helpavenues.com
promo.iredirect.net
3 www.google-analytics.com 1 redirects promo.iredirect.net
2 cdn.jsdelivr.net promo.iredirect.net
1 api.zxcdn.com cdn.jsdelivr.net
1 www.google.de promo.iredirect.net
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 www.googletagmanager.com promo.iredirect.net
1 clickinly.com 1 redirects
1 helpavenues.com
1 arisonment.org.uk 1 redirects
29 14
Subject Issuer Validity Valid
helpavenues.com
COMODO RSA Domain Validation Secure Server CA		 2018-11-09 -
2019-12-05		 a year crt.sh
ssl363648.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-04-06 -
2019-10-13		 6 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-03-26 -
2019-06-18		 3 months crt.sh
*.zxcdn.com
COMODO ECC Domain Validation Secure Server CA		 2017-08-30 -
2019-09-06		 2 years crt.sh
www.google.de
Google Internet Authority G3		 2019-03-26 -
2019-06-18		 3 months crt.sh

This page contains 1 frames:

Primary Page: http://promo.iredirect.net/rea/pop/en/ccc/4/
Frame ID: E4B2D304239F2D150819203FF9D87378
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://arisonment.org.uk/re81b.php?32=1o155c6d70cac41e5_11f3.tb0ponn.Z01kgr004jm1e7d1jw_ow1347.004jmM... HTTP 302
    https://helpavenues.com/176342b4969c6ded000/calin_152y365/_ow%7C0djcu%7C004jm%7Co155c6d70cac41e5_11f... Page URL
  2. http://clickinly.com/referral/?site=rea&url=pop/en/ccc/4&seg=21424&lid=205318&aff_id=6495_45717_2... HTTP 301
    http://promo.iredirect.net/referral.asp?aff_id=6495_45717_21424_4408_57_213_25-ENTX690284|13305|calin_1... HTTP 301
    http://promo.iredirect.net/rea/pop/en/ccc/4/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
  • env /^gaGlobal$/i
Overall confidence: 100%
Detected patterns
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

29
Requests

24 %
HTTPS

50 %
IPv6

11
Domains

14
Subdomains

8
IPs

5
Countries

500 kB
Transfer

866 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://arisonment.org.uk/re81b.php?32=1o155c6d70cac41e5_11f3.tb0ponn.Z01kgr004jm1e7d1jw_ow1347.004jmMGRqY3UwcGlkM29r0w6t3k HTTP 302
    https://helpavenues.com/176342b4969c6ded000/calin_152y365/_ow%7C0djcu%7C004jm%7Co155c6d70cac41e5_11f3%7C0pid3ok%7C65065%7C01kgr004jm%7CZ/?email=ti_rob18@hotmail.com Page URL
  2. http://clickinly.com/referral/?site=rea&url=pop/en/ccc/4&seg=21424&lid=205318&aff_id=6495_45717_21424_4408_57_213_25-ENTX690284%7C13305%7Ccalin_152y365%7C845701407%7C_ow%7C0djcu%7C004jm%7Co155c6d70cac41e5_11f3%7C0pid3ok%7C65065%7C01kgr004jm%7CZ%7C HTTP 301
    http://promo.iredirect.net/referral.asp?aff_id=6495_45717_21424_4408_57_213_25-ENTX690284|13305|calin_152y365|845701407|_ow|0djcu|004jm|o155c6d70cac41e5_11f3|0pid3ok|65065|01kgr004jm|Z|&pop_up=1&url=/rea/pop/en/ccc/4&seg=21424&lid=205318&atk=standalone HTTP 301
    http://promo.iredirect.net/rea/pop/en/ccc/4/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://arisonment.org.uk/re81b.php?32=1o155c6d70cac41e5_11f3.tb0ponn.Z01kgr004jm1e7d1jw_ow1347.004jmMGRqY3UwcGlkM29r0w6t3k HTTP 302
  • https://helpavenues.com/176342b4969c6ded000/calin_152y365/_ow%7C0djcu%7C004jm%7Co155c6d70cac41e5_11f3%7C0pid3ok%7C65065%7C01kgr004jm%7CZ/?email=ti_rob18@hotmail.com
Request Chain 2
  • http://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js HTTP 307
  • https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Request Chain 3
  • http://cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/jquery-migrate.min.js HTTP 307
  • https://cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/jquery-migrate.min.js
Request Chain 25
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=744424079&t=pageview&_s=1&dl=http%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fen%2Fccc%2F4%2F&dr=&ul=en-us&de=UTF-8&dt=Captain%20Cooks%20Casino!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&_u=YEBAAEABC~&jid=2021492463&gjid=812441544&cid=1185234927.1556654764&tid=UA-85618867-1&_gid=756930248.1556654764&_r=1&cd9=278&cd34=en&cd83=geQRV7yo6UGUmx6JfkiR4Grx036fKH2zr4JqnuTwdwI%3D&cd85=6495_45717_21424_4408_57_213_25-ENTX690284%7C13305%7Ccalin_152y365%7C845701407%7C_ow%7C0djcu%7C004jm%7Co155c6d70cac41e5_11f3%7C0pid3ok%7C65065%7C01kgr004jm%7CZ%7C&cd89=standalone&cd90=pop_ccc_4_0&cd91=standalone&cd124=catch_ccc&cd125=0&cd126=4&cd127=0&cd128=CCC&cd129=&cd130=&z=1179252489 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85618867-1&cid=1185234927.1556654764&jid=2021492463&_gid=756930248.1556654764&gjid=812441544&_v=j73&z=1179252489 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=1185234927.1556654764&jid=2021492463&_v=j73&z=1179252489 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=1185234927.1556654764&jid=2021492463&_v=j73&z=1179252489&slf_rd=1&random=3438524124

29 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
helpavenues.com/176342b4969c6ded000/calin_152y365/_ow%7C0djcu%7C004jm%7Co155c6d70cac41e5_11f3%7C0pid3ok%7C65065%7C01kgr004jm%7CZ/
Redirect Chain
  • http://arisonment.org.uk/re81b.php?32=1o155c6d70cac41e5_11f3.tb0ponn.Z01kgr004jm1e7d1jw_ow1347.004jmMGRqY3UwcGlkM29r0w6t3k
  • https://helpavenues.com/176342b4969c6ded000/calin_152y365/_ow%7C0djcu%7C004jm%7Co155c6d70cac41e5_11f3%7C0pid3ok%7C65065%7C01kgr004jm%7CZ/?email=ti_rob18@hotmail.com
310 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://helpavenues.com/176342b4969c6ded000/calin_152y365/_ow%7C0djcu%7C004jm%7Co155c6d70cac41e5_11f3%7C0pid3ok%7C65065%7C01kgr004jm%7CZ/?email=ti_rob18@hotmail.com
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.160.52 Los Angeles, United States, ASN18978 (ENZUINC-US - Enzu Inc, US),
Reverse DNS
52.160-88-23.rdns.scalabledns.com
Software
Apache /
Resource Hash

Request headers

Host
helpavenues.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:02 GMT
Server
Apache
Set-Cookie
uid13305=845701407-20190430160602-d6bcce5bf0e34110f0b44e4a84ffd426-; expires=Thu, 30-May-2019 20:06:02 GMT; path=/
Content-Length
310
Connection
close
Content-Type
text/html; charset=UTF-8

Redirect headers

Date
Tue, 30 Apr 2019 20:06:00 GMT
Server
X-Frame-Options
SAMEORIGIN
Location
https://helpavenues.com/176342b4969c6ded000/calin_152y365/_ow|0djcu|004jm|o155c6d70cac41e5_11f3|0pid3ok|65065|01kgr004jm|Z/?email=ti_rob18@hotmail.com
X-XSS-Protection
1; mode=block
X-Content-Type-Options
nosniff
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Primary Request /
promo.iredirect.net/rea/pop/en/ccc/4/
Redirect Chain
  • http://clickinly.com/referral/?site=rea&url=pop/en/ccc/4&seg=21424&lid=205318&aff_id=6495_45717_21424_4408_57_213_25-ENTX690284%7C13305%7Ccalin_152y365%7C845701407%7C_ow%7C0djcu%7C004jm%7Co155c6d70...
  • http://promo.iredirect.net/referral.asp?aff_id=6495_45717_21424_4408_57_213_25-ENTX690284|13305|calin_152y365|845701407|_ow|0djcu|004jm|o155c6d70cac41e5_11f3|0pid3ok|65065|01kgr004jm|Z|&pop_up=1&ur...
  • http://promo.iredirect.net/rea/pop/en/ccc/4/
89 KB
34 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://promo.iredirect.net/rea/pop/en/ccc/4/
Requested by
Host: helpavenues.com
URL: https://helpavenues.com/176342b4969c6ded000/calin_152y365/_ow%7C0djcu%7C004jm%7Co155c6d70cac41e5_11f3%7C0pid3ok%7C65065%7C01kgr004jm%7CZ/?email=ti_rob18@hotmail.com
Protocol
HTTP/1.1
Server
66.212.229.139 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
4c842e69ae340fe92497dbe96a765da782274a123d2569567bec67415587a699

Request headers

Host
promo.iredirect.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Cookie
ASPSESSIONIDSQARQDAC=OBFOFNIDCCJJGKPEEPCMFMJO
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control
no-store
Content-Type
text/html; Charset=UTF-8
Content-Encoding
gzip
Expires
Sat, 15 May 1999 18:00:00 GMT
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
X-NID
W04
p3p
CP="CAO PSA OUR"
Referrer-Policy
origin
Date
Tue, 30 Apr 2019 20:06:03 GMT
Content-Length
34955

Redirect headers

Cache-Control
no-store
Content-Type
text/html
Expires
Sat, 15 May 1999 18:00:00 GMT
Location
/rea/pop/en/ccc/4/
Server
Microsoft-IIS/10.0
Set-Cookie
ASPSESSIONIDSQARQDAC=OBFOFNIDCCJJGKPEEPCMFMJO; path=/
X-NID
W04
p3p
CP="CAO PSA OUR"
Referrer-Policy
origin
Date
Tue, 30 Apr 2019 20:06:03 GMT
Content-Length
0
style.css
promo.iredirect.net/rea/pop/en/ccc/4/inc/ 		47 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://promo.iredirect.net/rea/pop/en/ccc/4/inc/style.css
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.139 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
0ddbb6b4d4c7de44bd811a72e62e032a4b758a2050d2c67ec11e12a7ab4a00fa

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Content-Encoding
gzip
Referrer-Policy
origin
Last-Modified
Fri, 12 Apr 2019 00:19:25 GMT
Server
Microsoft-IIS/10.0
ETag
"80e45b62c5f0d41:0"
Vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
X-NID
W04
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
8272
jquery.min.js
cdn.jsdelivr.net/npm/jquery@1.11.3/dist/
Redirect Chain
  • http://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
  • https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
94 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Apr 2019 20:06:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-ray
4cfc22521d5196e0-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21027-AMS, cache-fra19139-FRA
server
cloudflare
etag
W/"176f8-N7HbiLV0OPEHKo68dVnJCcnTpoI"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*

Redirect headers

Location
https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Non-Authoritative-Reason
HSTS
jquery-migrate.min.js
cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/
Redirect Chain
  • http://cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/jquery-migrate.min.js
  • https://cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/jquery-migrate.min.js
10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/jquery-migrate.min.js
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Apr 2019 20:06:03 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
cf-ray
4cfc22521d5396e0-FRA
x-cache
HIT, HIT
status
200
vary
Accept-Encoding
x-served-by
cache-ams21040-AMS, cache-hhn1542-HHN
server
cloudflare
etag
W/"2748-kFMq/21BIZVCVM3wSZTYNPfsFps"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin
*

Redirect headers

Location
https://cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/jquery-migrate.min.js
Non-Authoritative-Reason
HSTS
common.js
promo.iredirect.net/rea/shared/ 		83 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://promo.iredirect.net/rea/shared/common.js?1580-20
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.139 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7f04427e198b626a2e07b3f34eb3951d43af997ac4bd5aafacf3cfcebf683d34

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Content-Encoding
gzip
Referrer-Policy
origin
Last-Modified
Fri, 22 Mar 2019 06:11:12 GMT
Server
Microsoft-IIS/10.0
ETag
"0c06fc76e0d41:0"
Vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
X-NID
W04
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
22057
vjs-chat.js
cdn.iredirect.net/webcdn/js/ 		703 B
886 B 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.iredirect.net/webcdn/js/vjs-chat.js?1215-20
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
395248fa2a0de2257903418d5cf5c40d36a9e2ec04a5c5f3d9f8ca9b67ef7028

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 29 Aug 2017 01:40:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0d74bda6720d31:0"
Vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=1800
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
481
shared.css
cdn.iredirect.net/webcdn/css/rea/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://cdn.iredirect.net/webcdn/css/rea/shared.css
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
f91da1ed13eea40a9f415c77d9ba31b3ead2912055194d0cae1620d02d78be5c

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Dec 2018 01:26:34 GMT
Server
Microsoft-IIS/10.0
ETag
"0415eb928dd41:0"
Vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
X-NID
W04
Cache-Control
must-revalidate, public, max-age=300
Accept-Ranges
bytes
Content-Type
text/css
Content-Length
3344
modal.js
cdn.iredirect.net/webcdn/js/rea/shared/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.iredirect.net/webcdn/js/rea/shared/modal.js
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
adcccfba49ae4b6b9af5d7edd20673be39b35826d3e816a6969c333585169bb9

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Aug 2017 03:46:10 GMT
Server
Microsoft-IIS/10.0
ETag
"0ad1d868b1cd31:0"
Vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=1800
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
2686
cookieConsentCr.min.js
cdn.iredirect.net/webcdn/js/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.iredirect.net/webcdn/js/cookieConsentCr.min.js?1215-20
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
78060cb1b910e5c758b7c3d2817679577f278e20f36c231abf8751b154d5ad65

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Dec 2018 21:49:52 GMT
Server
Microsoft-IIS/10.0
ETag
"00d729b91d41:0"
Vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=1800
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
12355
spacer.gif
cdn.zxcdn.com/webcdn/img/rea/shared/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.zxcdn.com/webcdn/img/rea/shared/spacer.gif
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
bc1949a92d0ed97011d62ecc757ac52524e92d35a8d36d96b1702f31cfbc9051

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Last-Modified
Mon, 27 Jun 2016 06:48:58 GMT
Server
Microsoft-IIS/10.0
ETag
"069d1fa3fd0d11:0"
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=604800
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
1095
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 16 Jan 2019 20:01:45 GMT
server
Golfe2
age
2017
date
Tue, 30 Apr 2019 19:32:27 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17543
expires
Tue, 30 Apr 2019 21:32:27 GMT
gtm.js
www.googletagmanager.com/ 		111 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://www.googletagmanager.com/gtm.js?id=GTM-T5DCX9V
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
2a00:1450:4001:821::2008 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
5a4ecc74760c4f18dd5dc8c25b8355d960124875fa52813907d2fdf1de01ae8e
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:04 GMT
Content-Encoding
gzip
Last-Modified
Mon, 29 Apr 2019 23:09:37 GMT
Server
Google Tag Manager (scaffolding)
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
http://www.googletagmanager.com
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Cache-Control
Content-Length
29144
X-XSS-Protection
0
Expires
Tue, 30 Apr 2019 20:06:04 GMT
CCC_Golden-ICE-offer_en-eur.fs8.png
img.iredirect.net/webcdn/img/rea/pop/en/ccc/4/ 		182 KB
182 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.iredirect.net/webcdn/img/rea/pop/en/ccc/4/CCC_Golden-ICE-offer_en-eur.fs8.png
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ebd38c48f0d7af1bee77a3d7db5bc3325f144a36f1ab10e57636a6bcc4dfaa00

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Last-Modified
Tue, 13 Sep 2016 00:55:06 GMT
Server
Microsoft-IIS/10.0
ETag
"0d1c77759dd21:0"
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=604800
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
185968
CCC_Golden-ICE-jpot-spriteA.fs8.png
img.iredirect.net/webcdn/img/rea/pop/en/ccc/4/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.iredirect.net/webcdn/img/rea/pop/en/ccc/4/CCC_Golden-ICE-jpot-spriteA.fs8.png
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
95a99b94a94d22903fe5ec49736037e6094afd5fa96a8171366c492d32beb26e

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Last-Modified
Fri, 09 Sep 2016 03:41:48 GMT
Server
Microsoft-IIS/10.0
ETag
"0e6c8174cad21:0"
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=604800
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
23573
ZC_JpotFire-arrow.fs8.png
img.iredirect.net/webcdn/img/rea/pop/en/zc/5/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.iredirect.net/webcdn/img/rea/pop/en/zc/5/ZC_JpotFire-arrow.fs8.png
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
fab99fd698b41133a046e06d10a92325aea980f68d299cca4bbebfbbd03990c9

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Last-Modified
Wed, 06 Jul 2016 00:25:24 GMT
Server
Microsoft-IIS/10.0
ETag
"0721fe31cd7d11:0"
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=604800
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
2291
CCC_Golden-ICE-plus_en-eur.fs8.png
img.iredirect.net/webcdn/img/rea/pop/en/ccc/4/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.iredirect.net/webcdn/img/rea/pop/en/ccc/4/CCC_Golden-ICE-plus_en-eur.fs8.png
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ca0f3077ffe0baeec14d0c05dabaf337a93a37be182fa7442d2afc88c12d2173

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Last-Modified
Wed, 07 Sep 2016 05:45:00 GMT
Server
Microsoft-IIS/10.0
ETag
"016eff8ca8d21:0"
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=604800
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
7442
CCC_Golden-ICE-coins.fs8.png
img.iredirect.net/webcdn/img/rea/pop/en/ccc/4/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.iredirect.net/webcdn/img/rea/pop/en/ccc/4/CCC_Golden-ICE-coins.fs8.png
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
36c1e137cd2ed70bdb8d0f2e05e1f33ca1740ab5158510f183196a263d142d9e

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:04 GMT
Last-Modified
Thu, 08 Sep 2016 00:01:54 GMT
Server
Microsoft-IIS/10.0
ETag
"0852235649d21:0"
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=604800
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
2926
CCC_Golden-ICE-logo.fs8.png
img.iredirect.net/webcdn/img/rea/pop/en/ccc/4/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.iredirect.net/webcdn/img/rea/pop/en/ccc/4/CCC_Golden-ICE-logo.fs8.png
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
486e94a510d4ec2659ab96f3831e712c2c674c4164503a1b26df9dc0aea72fbf

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:04 GMT
Last-Modified
Wed, 07 Sep 2016 05:44:56 GMT
Server
Microsoft-IIS/10.0
ETag
"0bc8cf6ca8d21:0"
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=604800
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
11673
ZC_JpotFire-arrow2.fs8.png
img.iredirect.net/webcdn/img/rea/pop/en/zc/5/ 		683 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.iredirect.net/webcdn/img/rea/pop/en/zc/5/ZC_JpotFire-arrow2.fs8.png
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
2012f334284cc7b432e8211ebac9a2f80df19d7743c35541b00930c7b05c7202

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Last-Modified
Mon, 11 Jul 2016 04:46:18 GMT
Server
Microsoft-IIS/10.0
ETag
"09b3292fdbd11:0"
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=604800
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
683
ZC_JpotFire-game-sprite.fs8.png
img.iredirect.net/webcdn/img/rea/pop/en/zc/5/ 		58 KB
59 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://img.iredirect.net/webcdn/img/rea/pop/en/zc/5/ZC_JpotFire-game-sprite.fs8.png
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
afc89a179e8f1f2e126c0b2bd556872e142872fd42ac353f72575d84e39d4cfe

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Last-Modified
Mon, 11 Jul 2016 06:21:24 GMT
Server
Microsoft-IIS/10.0
ETag
"08abd723cdbd11:0"
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=604800
Accept-Ranges
bytes
Content-Type
image/png
Content-Length
59669
norton.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.zxcdn.com/webcdn/img/rea/shared/secimages/norton.jpg
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7c54bb703a5f1ec08cb572c46325709e73726d6175a4d8ac29272f64910200ae

Request headers

Referer
http://cdn.iredirect.net/webcdn/css/rea/shared.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Last-Modified
Mon, 27 Jun 2016 06:46:26 GMT
Server
Microsoft-IIS/10.0
ETag
"0d38a03fd0d11:0"
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=604800
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
2651
mcafee.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.zxcdn.com/webcdn/img/rea/shared/secimages/mcafee.jpg
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
263daceea364e196b1120703f0debb9d0fdd4bfd579c3b78d8d03bbe222d1274

Request headers

Referer
http://cdn.iredirect.net/webcdn/css/rea/shared.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Last-Modified
Mon, 27 Jun 2016 06:46:26 GMT
Server
Microsoft-IIS/10.0
ETag
"0d38a03fd0d11:0"
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=604800
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
2877
secure-en.jpg
cdn.zxcdn.com/webcdn/img/rea/shared/secimages/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://cdn.zxcdn.com/webcdn/img/rea/shared/secimages/secure-en.jpg
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
a18f7dd81b36b33cb08499af70281f01aea6ca7788c21f54f7b36190a6c4d5b9

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Last-Modified
Mon, 27 Jun 2016 06:46:28 GMT
Server
Microsoft-IIS/10.0
ETag
"03a69a13fd0d11:0"
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=604800
Accept-Ranges
bytes
Content-Type
image/jpeg
Content-Length
2750
footer-icons.fs8.png
cdn.zxcdn.com/webCDN/img/Shared/ 		28 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.zxcdn.com/webCDN/img/Shared/footer-icons.fs8.png
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
7c2352e1f1fe762f6de27051ab9cc4e81c3b372a91dd59f5e300655ac3a7d756

Request headers

Referer
http://cdn.iredirect.net/webcdn/css/rea/shared.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 30 Apr 2019 20:06:04 GMT
last-modified
Wed, 17 Apr 2019 01:20:49 GMT
server
Microsoft-IIS/10.0
access-control-allow-origin
*
etag
"288197cabbf4d41:0"
p3p
CP="CAO PSA OUR"
status
200
x-nid
W01
cache-control
must-revalidate, public, max-age=604800
accept-ranges
bytes
content-type
image/png
content-length
28993
ProgressiveJackpotTicker.min.js
cdn.iredirect.net/webcdn/js/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.iredirect.net/webcdn/js/ProgressiveJackpotTicker.min.js?_=1556654763990
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Protocol
HTTP/1.1
Server
66.212.229.189 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
155d2d0315dae7ca135de8db6ca1d8da3580b1f3851f034f8a60a0fd23f014b5

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 30 Apr 2019 20:06:03 GMT
Content-Encoding
gzip
Last-Modified
Wed, 07 Jun 2017 02:03:26 GMT
Server
Microsoft-IIS/10.0
ETag
"06bdd3f32dfd21:0"
Vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
Access-Control-Allow-Origin
*
X-NID
W04
Cache-Control
must-revalidate, public, max-age=1800
Accept-Ranges
bytes
Content-Type
application/javascript
Content-Length
1215
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j73&a=744424079&t=pageview&_s=1&dl=http%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fen%2Fccc%2F4%2F&dr=&ul=en-us&de=UTF-8&dt=Captain%20Cooks%20Casino...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-85618867-1&cid=1185234927.1556654764&jid=2021492463&_gid=756930248.1556654764&gjid=812441544&_v=j73&z=1179252489
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=1185234927.1556654764&jid=2021492463&_v=j73&z=1179252489
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=1185234927.1556654764&jid=2021492463&_v=j73&z=1179252489&slf_rd=1&random=3438524124
42 B
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=1185234927.1556654764&jid=2021492463&_v=j73&z=1179252489&slf_rd=1&random=3438524124
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81d::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 30 Apr 2019 20:06:04 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 30 Apr 2019 20:06:04 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-85618867-1&cid=1185234927.1556654764&jid=2021492463&_v=j73&z=1179252489&slf_rd=1&random=3438524124
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
100 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j73&a=744424079&t=event&ni=1&_s=2&dl=http%3A%2F%2Fpromo.iredirect.net%2Frea%2Fpop%2Fen%2Fccc%2F4%2F&dr=&ul=en-us&de=UTF-8&dt=Captain%20Cooks%20Casino!&sd=24-bit&sr=1600x1200&vp=1585x1200&je=0&ec=REA%20Page&ea=Load%20Success&el=rea%2Fpop%2Fen%2Fccc%2F4&_u=YEBAAEABC~&jid=&gjid=&cid=1185234927.1556654764&tid=UA-85618867-1&_gid=756930248.1556654764&cd9=278&cd34=en&cd83=geQRV7yo6UGUmx6JfkiR4Grx036fKH2zr4JqnuTwdwI%3D&cd85=6495_45717_21424_4408_57_213_25-ENTX690284%7C13305%7Ccalin_152y365%7C845701407%7C_ow%7C0djcu%7C004jm%7Co155c6d70cac41e5_11f3%7C0pid3ok%7C65065%7C01kgr004jm%7CZ%7C&cd89=standalone&cd90=pop_ccc_4_0&cd91=standalone&cd124=catch_ccc&cd125=0&cd126=4&cd127=0&cd128=CCC&cd129=&cd130=&z=1092041100
Requested by
Host: promo.iredirect.net
URL: http://promo.iredirect.net/rea/pop/en/ccc/4/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:814::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 08 Mar 2019 22:52:51 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
4569193
content-type
image/gif
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
api.zxcdn.com/ApiMgs.svc/GetProgressivesByCultureName/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://api.zxcdn.com/ApiMgs.svc/GetProgressivesByCultureName/?cultureName=en_EUR&callback=jQuery111306463952978297691_1556654763991&_=1556654763992
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/jquery@1.11.3/dist/jquery.min.js
Protocol
HTTP/1.1
Server
66.212.229.188 , Canada, ASN14537 (CL-1379-14537 - Continent 8 LLC, US),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
ba6c283af6325cf0121bf00f5ba52ba5afff1f3bc641aa7e5a2c513e52582506

Request headers

Referer
http://promo.iredirect.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 30 Apr 2019 20:06:04 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
Vary
Accept-Encoding
Content-Type
application/x-javascript
X-NID
W04
Cache-Control
no-cache
Content-Length
995
Expires
-1

Verdicts & Comments Add Verdict or Comment

55 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask string| thisLang string| thisSiteCode string| thisBrand string| thisCategory string| thisVariation string| thisPath function| $ function| jQuery function| cross_domain_storage function| wopen function| checkCaptchaResponse number| d string| v number| formWS boolean| isCaptchaValidated object| respond boolean| priorEngage string| currency object| thisAffID string| siteTotalGames string| mobilesiteTotalGames string| decimalSeparator string| groupSeparator string| positivePattern string| decimalDigits string| isGDPR number| xit object| CookieConsentCr object| cookieconsent string| btag5 string| btag1 string| btag3 string| thisReferer string| __galab object| _loadGADATA function| isGoogleAnalyticsLoaded function| logGAEvent string| GoogleAnalyticsObject function| __gaTracker object| dataLayer object| offerDisclaimerModal object| offerDisclaimerCTA object| offerDisclaimerCheckbox object| offerDisclaimerTriggers object| fm object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| google_tag_manager boolean| blMatch undefined| jQuery111306463952978297691_1556654763991

4 Cookies

Domain/Path Name / Value
.iredirect.net/ Name: _gat
Value: 1
.iredirect.net/ Name: _gid
Value: GA1.2.756930248.1556654764
.iredirect.net/ Name: _ga
Value: GA1.2.1185234927.1556654764
promo.iredirect.net/ Name: ASPSESSIONIDSQARQDAC
Value: OBFOFNIDCCJJGKPEEPCMFMJO

2 Console Messages

Source Level URL
Text
console-api log URL: https://cdn.jsdelivr.net/npm/jquery-migrate@1.4.1/dist/jquery-migrate.min.js(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1
console-api log URL: http://promo.iredirect.net/rea/pop/en/ccc/4/(Line 125)
Message:
Load Success

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.zxcdn.com
arisonment.org.uk
cdn.iredirect.net
cdn.jsdelivr.net
cdn.zxcdn.com
clickinly.com
helpavenues.com
img.iredirect.net
promo.iredirect.net
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
23.88.160.52
2606:4700::6810:5614
2a00:1450:4001:814::200e
2a00:1450:4001:819::2004
2a00:1450:4001:81d::2003
2a00:1450:4001:821::2008
2a00:1450:400c:c0b::9d
66.212.229.139
66.212.229.188
66.212.229.189
79.143.78.130
81.173.46.10
0ddbb6b4d4c7de44bd811a72e62e032a4b758a2050d2c67ec11e12a7ab4a00fa
155d2d0315dae7ca135de8db6ca1d8da3580b1f3851f034f8a60a0fd23f014b5
2012f334284cc7b432e8211ebac9a2f80df19d7743c35541b00930c7b05c7202
263daceea364e196b1120703f0debb9d0fdd4bfd579c3b78d8d03bbe222d1274
36c1e137cd2ed70bdb8d0f2e05e1f33ca1740ab5158510f183196a263d142d9e
395248fa2a0de2257903418d5cf5c40d36a9e2ec04a5c5f3d9f8ca9b67ef7028
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
486e94a510d4ec2659ab96f3831e712c2c674c4164503a1b26df9dc0aea72fbf
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
4c842e69ae340fe92497dbe96a765da782274a123d2569567bec67415587a699
5a4ecc74760c4f18dd5dc8c25b8355d960124875fa52813907d2fdf1de01ae8e
78060cb1b910e5c758b7c3d2817679577f278e20f36c231abf8751b154d5ad65
7c2352e1f1fe762f6de27051ab9cc4e81c3b372a91dd59f5e300655ac3a7d756
7c54bb703a5f1ec08cb572c46325709e73726d6175a4d8ac29272f64910200ae
7f04427e198b626a2e07b3f34eb3951d43af997ac4bd5aafacf3cfcebf683d34
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
95a99b94a94d22903fe5ec49736037e6094afd5fa96a8171366c492d32beb26e
a18f7dd81b36b33cb08499af70281f01aea6ca7788c21f54f7b36190a6c4d5b9
adcccfba49ae4b6b9af5d7edd20673be39b35826d3e816a6969c333585169bb9
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
afc89a179e8f1f2e126c0b2bd556872e142872fd42ac353f72575d84e39d4cfe
ba6c283af6325cf0121bf00f5ba52ba5afff1f3bc641aa7e5a2c513e52582506
bc1949a92d0ed97011d62ecc757ac52524e92d35a8d36d96b1702f31cfbc9051
ca0f3077ffe0baeec14d0c05dabaf337a93a37be182fa7442d2afc88c12d2173
ebd38c48f0d7af1bee77a3d7db5bc3325f144a36f1ab10e57636a6bcc4dfaa00
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f91da1ed13eea40a9f415c77d9ba31b3ead2912055194d0cae1620d02d78be5c
fab99fd698b41133a046e06d10a92325aea980f68d299cca4bbebfbbd03990c9