Submitted URL: https://www.dash.xfinityh.com/
Effective URL: https://couponcause.com/stores/xfinity-residential-promo-codes?_c=2571715&utm_source=internal&utm_position=adr&utm_tld=t...
Submission: On November 26 via automatic, source certstream-suspicious — Scanned from US

Summary

This website contacted 11 IPs in 2 countries across 12 domains to perform 22 HTTP transactions. The main IP is 3.228.202.4, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is couponcause.com. The Cisco Umbrella rank of the primary domain is 580348.
TLS certificate: Issued by Amazon RSA 2048 M03 on November 17th 2024. Valid for: a year.
This is the only time couponcause.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
4 104.247.81.53 206834 (TEAMINTER...)
1 2600:9000:27c... 16509 (AMAZON-02)
1 2 50.16.116.135 14618 (AMAZON-AES)
4 66.165.243.160 29802 (HVC-AS)
3 2607:f8b0:400... 15169 (GOOGLE)
1 44.216.64.127 14618 (AMAZON-AES)
1 3 3.228.202.4 14618 (AMAZON-AES)
2 3.167.88.31 16509 (AMAZON-02)
1 2600:9000:23c... 16509 (AMAZON-02)
1 54.205.120.168 14618 (AMAZON-AES)
22 11
Apex Domain | Subdomains | Transfer
4 redirekted.com | r.redirekted.com | 11 KB
4 xfinityh.com | www.dash.xfinityh.com | 3 KB
3 couponcause.com | couponcause.com — Cisco Umbrella Rank: 580348 | 4 KB
3 google-analytics.com | www.google-analytics.com — Cisco Umbrella Rank: 36 | 22 KB
2 zjptg.com | www.p.zjptg.com — Cisco Umbrella Rank: 47578 | 50 KB
2 ernus-dop.com | ernus-dop.com | 4 KB
1 tyuwq.com | clicks.tyuwq.com — Cisco Umbrella Rank: 123675 | 247 B
1 sjwoe.com | www.sjwoe.com — Cisco Umbrella Rank: 60901 | 468 B
1 trkaud.net | trkaud.net — Cisco Umbrella Rank: 841655 | 1 KB
1 cloudfront.net | d38psrni17bvxu.cloudfront.net | 1 KB
0 xfinity.com Failed | www.xfinity.com Failed |
0 googletagmanager.com Failed | www.googletagmanager.com Failed |
22 12
Domain | Requested by
4 r.redirekted.com | ernus-dop.com, r.redirekted.com
4 www.dash.xfinityh.com | d38psrni17bvxu.cloudfront.net, www.dash.xfinityh.com
3 couponcause.com (1 redirects) | trkaud.net
3 www.google-analytics.com | r.redirekted.com, www.google-analytics.com
2 www.p.zjptg.com | couponcause.com, www.p.zjptg.com
2 ernus-dop.com (1 redirects) | www.dash.xfinityh.com
1 clicks.tyuwq.com | www.p.zjptg.com
1 www.sjwoe.com | www.p.zjptg.com
1 trkaud.net | r.redirekted.com
1 d38psrni17bvxu.cloudfront.net | www.dash.xfinityh.com
0 www.xfinity.com Failed | www.p.zjptg.com
0 www.googletagmanager.com Failed | www.google-analytics.com
22 12

This site contains no links.

Subject | Issuer | Validity | Valid
defaultcontent.com | R11 | 2024-11-22 - 2025-02-20 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year
ernus-dop.com | Amazon RSA 2048 M02 | 2024-11-22 - 2025-12-22 | a year
redirekted.com | E6 | 2024-10-10 - 2025-01-08 | 3 months
*.google-analytics.com | WR2 | 2024-10-21 - 2025-01-13 | 3 months
trkaud.net | Amazon RSA 2048 M02 | 2024-04-15 - 2025-05-14 | a year
couponcause.com | Amazon RSA 2048 M03 | 2024-11-17 - 2025-12-17 | a year
www.p.zjptg.com | Amazon RSA 2048 M02 | 2024-06-02 - 2025-07-01 | a year
www.sjwoe.com | Amazon RSA 2048 M03 | 2024-10-13 - 2025-11-10 | a year
clicks.tyuwq.com | Amazon RSA 2048 M02 | 2024-02-17 - 2025-03-16 | a year

This page contains 2 frames:

Frame: https://www.xfinity.com/?cjdata=MXxOfDB8WXww&cjevent=68c93b16ac3e11ef823e62930a82b839&cmp=aff__100683427
Frame ID: 0797A82DC41553EAF40BDCD1579B4221
Requests: 17 HTTP requests in this frame

Frame: https://r.redirekted.com/go?e=04mWWSPX51mXmqPC9AaVwkKLvVTsyj3L8SzXv1aC4AJsytKL8gmW703B0ATsmWlL59Gr8RFWdVTs7pFC9uvWtgFW4c0X7VPM8uPrscFWebGsmkmL8IvXVk3Fv8yX7ZFC59QDbkapeb0X7NTD1p3VVEmFNq0ruqvFm8mWYgUXwpRAlE2BmR2KUyaCwuTsYOKL-IPrw1KW0RzsxflBlfRLTIQXWEHr-D2F1pUrb1KW44mZbVPL0V2VXSFWdR2X7N3K8uvWW1aC0STsmkwF-MUrV1UX0W2XytaF-MUqw5UX8gHsYkQM59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Frame ID: F0CE73F7409E8F0C7DA45DAF4953D44A
Requests: 5 HTTP requests in this frame

Page Title

Taking you to your destination

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

22
Requests

73 %
HTTPS

30 %
IPv6

12
Domains

12
Subdomains

11
IPs

2
Countries

93 kB
Transfer

118 kB
Size

19
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.dash.xfinityh.com/ Page URL
  2. https://ernus-dop.com/zclkvisitor/6601ab70-ac3e-11ef-9b35-0affe66d36cb/143cf7a0-6b6a-11ef-b9f3-0affc7e470f1?campaignid=66100355-ac3e-11ef-9b35-0affe66d36cb Page URL
  3. https://ernus-dop.com/zclkredirect?visitid=6601ab70-ac3e-11ef-9b35-0affe66d36cb&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
    https://r.redirekted.com/redirect?redirect_id=6725e5e5e22f491b4a6b498160344b4e&request_id=bed5d4483d71383f76b852625c618048 Page URL
  4. https://trkaud.net/go/merchant/12107?utm_campaign=adr&aff_sid=8gQAx13F5qzA2gFDm4GCsMQX4LxXuuJE3ZUqWk3pdDJsyVPL3ZUqXkKWjW2A3qlF Page URL
  5. https://couponcause.com/go/merchant/12107?utm_campaign=adr&aff_sid=8gQAx13F5qzA2gFDm4GCsMQX4LxXuuJE3ZUqWk3pdDJsyVPL3ZUqXkKWjW2A3qlF&utm_tld=trkaud HTTP 302
    https://couponcause.com/stores/xfinity-residential-promo-codes?_c=2571715&utm_source=internal&utm_position=adr&utm_tld=trkaud Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 6
  • https://ernus-dop.com/zclkredirect?visitid=6601ab70-ac3e-11ef-9b35-0affe66d36cb&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel%20Iris%20OpenGL%20Engine&timezone=UTC-10%3A00&timezoneName=Pacific%2FHonolulu HTTP 302
  • https://r.redirekted.com/redirect?redirect_id=6725e5e5e22f491b4a6b498160344b4e&request_id=bed5d4483d71383f76b852625c618048
Request Chain 20
  • https://www.anrdoezrs.net/click-100683427-14449745-1614095660000?sid=xyyCCxyy1044209649 HTTP 302
  • https://cj.dotomi.com/rt67zw43M/w27/LOOOTROP/LKKQSNOMR/K/K/K?s=v5vq%3DABBPPABBEDHHFDMJHM%3c%3cu6625%3A%2F%2F999.n04q1rC45.0r6%2Fpyvpx-EDDJLGHFK-EHHHMKHI-EJEHDMIJJDDDD%3c%3cT%3cu6625%3A%2F%2Fp17210pn75r.p1z%2F%3c%3cE%3cE%3cD%3cD%3c HTTP 302
  • https://www.emjcd.com/q6121xdml5/dkp/2555A856/211794538/1/911A16AAAA5744A787:4n2OI2CKI19t/79dA4c27bd4f22fg934f73A41b93c94A?c=d1rm%3D677LL677A9DDB9IFDI%3clsx!6qDm-4IF4D73%3cq22y1%3A%2F%2F555.jw0mxn801.wn2%2Flurlt-A99FHCDBG-ADDDIGDE-AFAD9IEFF9999%3c%3cP%3cq22y1%3A%2F%2Flx3yxwlj31n.lxv%2F%3cDACAokjE-mIjG-DEDk-HHoG-GHFHDnIojDFH%3cA%3cA%3c9%3c9%3c HTTP 302
  • https://www.xfinity.com/?cjdata=MXxOfDB8WXww&cjevent=68c93b16ac3e11ef823e62930a82b839&cmp=aff__100683427

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
www.dash.xfinityh.com/
2 KB
2 KB
Document
General
Full URL
https://www.dash.xfinityh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.247.81.53 , Canada, ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy nginx /
Resource Hash
6fba01dc13acd3ee7d6323db4d71a41d3da2e481e5e62b04c0eedd354bbc8f40

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
viewport-width dpr device-memory rtt downlink ect ua ua-full-version ua-platform ua-platform-version ua-arch ua-model ua-mobile
accept-ch-lifetime
30
alt-svc
h3=":8443"; ma=2592000
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 21:35:47 GMT
server
Caddy nginx
vary
Accept-Encoding
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_OjDWsFUueaQY1Ze7+g+/bcRM+uTi70TDbwVwPe0PTAGMb3Eczgi1AHcMzOnyrc9vCOUxlgYk65vPbPHbcZoEtQ==
x-buckets
bucket070,bucket077
x-domain
xfinityh.com
x-language
english
x-pcrew-blocked-reason
hosting network
x-pcrew-ip-organization
Cogent Communications
x-redirect
zeropark_zeroclick
x-subdomain
www.dash
x-template
tpl_CleanPeppermintBlack_twoclick
js3.js
d38psrni17bvxu.cloudfront.net/scripts/
1 KB
1 KB
Script
General
Full URL
https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Requested by
Host: www.dash.xfinityh.com
URL: https://www.dash.xfinityh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:27c5:6e00:1d:4618:5c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
036c94653e84e6078c087abeb3ac8804491d27b27938839ae3df42b31e2238d9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://www.dash.xfinityh.com/

Response headers

etag
"65fc1e7b-448"
age
12320
via
1.1 95198ab597460a5b78663daaceeb3b6a.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
1096
x-amz-cf-id
73iDSDK0dYK8VkWP86y1xj-7JuSO54wZM5fbEenLUr3FPv1ud9CLdA==
date
Tue, 26 Nov 2024 18:10:27 GMT
content-type
application/javascript
last-modified
Thu, 21 Mar 2024 11:48:11 GMT
server
nginx
x-amz-cf-pop
IAD61-P5
track.php
www.dash.xfinityh.com/
0
92 B
XHR
General
Full URL
https://www.dash.xfinityh.com/track.php?domain=xfinityh.com&toggle=browserjs&uid=MTczMjY1Njk0Ny4wNzMyOjFhMDkwYTM3NTAwYWM4YTlmNTBmNjQyNGQ5M2IzYTE0YmNhNDVlMGU1MzZhYzY3YTM0Nzk1NzM4Yzg4NzY5OWU6Njc0NjNmMzMxMWRjYg%3D%3D
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.247.81.53 , Canada, ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

viewport-width
1600
ect
4g
Referer
https://www.dash.xfinityh.com/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt
50
downlink
10

Response headers

content-encoding
gzip
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime
30
x-custom-track
browserjs
access-control-allow-origin
*
alt-svc
h3=":8443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:47 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Caddy, nginx
ls.php
www.dash.xfinityh.com/
16 B
368 B
XHR
General
Full URL
https://www.dash.xfinityh.com/ls.php?t=67463f33&token=9aaddafdda0224ce8963483e3fc3a9ecd99239a6
Requested by
Host: www.dash.xfinityh.com
URL: https://www.dash.xfinityh.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.247.81.53 , Canada, ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

viewport-width
1600
ect
4g
Referer
https://www.dash.xfinityh.com/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt
50
downlink
10

Response headers

access-control-max-age
86400
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
access-control-allow-methods
POST, OPTIONS
x-adblock-key
MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_Q07Rgu/jMqwFgXmjDMqQEQaG7Q1AYEC3Id5mrBQmfGe4qEUyYNLKSefHYSrRBgsBcoLWwnoiVbPc3RmUd3oJmg==
accept-ch-lifetime
30
x-log-success
67463f33881a41ea440b1bbe
access-control-allow-origin
alt-svc
h3=":8443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:47 GMT
charset
utf-8
content-type
text/javascript;charset=UTF-8
server
Caddy, nginx
track.php
www.dash.xfinityh.com/
0
91 B
XHR
General
Full URL
https://www.dash.xfinityh.com/track.php?click=5efa544e8bc660cc9bd4b068ee67b4308ac5ea5a&domain=xfinityh.com&uid=MTczMjY1Njk0Ny4wNzMyOjFhMDkwYTM3NTAwYWM4YTlmNTBmNjQyNGQ5M2IzYTE0YmNhNDVlMGU1MzZhYzY3YTM0Nzk1NzM4Yzg4NzY5OWU6Njc0NjNmMzMxMWRjYg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwNzAsYnVja2V0MDc3fHx8fHx8Njc0NjNmMzMxMWQ3Znx8fDE3MzI2NTY5NDcuMjI0OXxiNWQ2MzcyYjE4ZjJkMDhhZWE1Njg3NmNiZTBhNTEyYmZjZTllYWQ0fHx8fHwxfHwwfDB8fHx8MXx8fHx8MHwwfHx8fHx8fHxaSEF0ZEdWaGJXbHVkR1Z5Ym1WME1USmZNM0JvfGFkNzNhOTY3YjRhMzk4ZThlMTdmNDg3ZDg0NGFhN2U1OWEzMTQxZmV8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXw5YWFkZGFmZGRhMDIyNGNlODk2MzQ4M2UzZmMzYTllY2Q5OTIzOWE2fDB8fDB8MHx8fHw%3D&kw=&search=&pcat=&bucket=&clientID=&adtest=off
Requested by
Host: d38psrni17bvxu.cloudfront.net
URL: https://d38psrni17bvxu.cloudfront.net/scripts/js3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.247.81.53 , Canada, ASN206834 (TEAMINTERNET-CA-AS Team Internet AG, DE),
Reverse DNS
Software
Caddy, nginx /
Resource Hash

Request headers

viewport-width
1600
ect
4g
Referer
https://www.dash.xfinityh.com/
device-memory
8
dpr
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
rtt
50
downlink
10

Response headers

x-view-match
true
content-encoding
gzip
accept-ch
viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
accept-ch-lifetime
30
x-custom-track
none
access-control-allow-origin
*
alt-svc
h3=":8443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:47 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
server
Caddy, nginx
143cf7a0-6b6a-11ef-b9f3-0affc7e470f1
ernus-dop.com/zclkvisitor/6601ab70-ac3e-11ef-9b35-0affe66d36cb/
3 KB
3 KB
Document
General
Full URL
https://ernus-dop.com/zclkvisitor/6601ab70-ac3e-11ef-9b35-0affe66d36cb/143cf7a0-6b6a-11ef-b9f3-0affc7e470f1?campaignid=66100355-ac3e-11ef-9b35-0affe66d36cb
Requested by
Host: www.dash.xfinityh.com
URL: https://www.dash.xfinityh.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
50.16.116.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-50-16-116-135.compute-1.amazonaws.com
Software
/
Resource Hash
b162c90f07209a5f210061d284994e75e3f5ab560cf7c06104062cc5a86ec1af
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'unsafe-inline'

Request headers

Referer
https://www.dash.xfinityh.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
3088
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
content-type
text/html;charset=UTF-8
date
Tue, 26 Nov 2024 21:35:47 GMT
redirect
r.redirekted.com/
Redirect Chain
  • https://ernus-dop.com/zclkredirect?visitid=6601ab70-ac3e-11ef-9b35-0affe66d36cb&type=js&browserWidth=1600&browserHeight=1200&iframeDetected=false&webdriverDetected=false&gpu=Intel%20Inc.%3B%20Intel...
  • https://r.redirekted.com/redirect?redirect_id=6725e5e5e22f491b4a6b498160344b4e&request_id=bed5d4483d71383f76b852625c618048
824 B
1 KB
Document
General
Full URL
https://r.redirekted.com/redirect?redirect_id=6725e5e5e22f491b4a6b498160344b4e&request_id=bed5d4483d71383f76b852625c618048
Requested by
Host: ernus-dop.com
URL: https://ernus-dop.com/zclkvisitor/6601ab70-ac3e-11ef-9b35-0affe66d36cb/143cf7a0-6b6a-11ef-b9f3-0affc7e470f1?campaignid=66100355-ac3e-11ef-9b35-0affe66d36cb
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.27.0 / PHP/8.1.29
Resource Hash
330378640303dddd389c14b60a03cd30a6230ca9cb1ec3105767f2d6258cb5c8

Request headers

Referer
https://ernus-dop.com/zclkvisitor/6601ab70-ac3e-11ef-9b35-0affe66d36cb/143cf7a0-6b6a-11ef-b9f3-0affc7e470f1?campaignid=66100355-ac3e-11ef-9b35-0affe66d36cb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 Nov 2024 21:35:48 GMT
Server
nginx/1.27.0
Transfer-Encoding
chunked
X-Powered-By
PHP/8.1.29

Redirect headers

access-control-allow-headers
X-Requested-With,Content-Type
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
cache-control
no-store, no-cache, pre-check=0, post-check=0
content-length
0
content-security-policy
default-src 'self'; script-src 'self' 'unsafe-inline'
date
Tue, 26 Nov 2024 21:35:48 GMT
location
https://r.redirekted.com/redirect?redirect_id=6725e5e5e22f491b4a6b498160344b4e&request_id=bed5d4483d71383f76b852625c618048
adren.css
r.redirekted.com/css/
243 B
479 B
Stylesheet
General
Full URL
https://r.redirekted.com/css/adren.css?n=3069285769
Requested by
Host: r.redirekted.com
URL: https://r.redirekted.com/redirect?redirect_id=6725e5e5e22f491b4a6b498160344b4e&request_id=bed5d4483d71383f76b852625c618048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.27.0 /
Resource Hash
e2d9fd8b995f146baf54bc35d162d3e8169a5345368058b10a3b3bf4592ed777

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://r.redirekted.com/redirect?redirect_id=6725e5e5e22f491b4a6b498160344b4e&request_id=bed5d4483d71383f76b852625c618048

Response headers

ETag
"60dff9aa-f3"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
243
Date
Tue, 26 Nov 2024 21:35:48 GMT
Content-Type
text/css
Last-Modified
Sat, 03 Jul 2021 05:46:18 GMT
Server
nginx/1.27.0
adren.min.js
r.redirekted.com/js/
7 KB
8 KB
Script
General
Full URL
https://r.redirekted.com/js/adren.min.js?n=3069285769
Requested by
Host: r.redirekted.com
URL: https://r.redirekted.com/redirect?redirect_id=6725e5e5e22f491b4a6b498160344b4e&request_id=bed5d4483d71383f76b852625c618048
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.27.0 /
Resource Hash
8597d8112ffa8f07199b715746aebe0bc4180e1c23cf4de02ef8fdc8f57e0bdc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://r.redirekted.com/redirect?redirect_id=6725e5e5e22f491b4a6b498160344b4e&request_id=bed5d4483d71383f76b852625c618048

Response headers

ETag
"660ff04f-1d72"
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7538
Date
Tue, 26 Nov 2024 21:35:48 GMT
Content-Type
application/javascript
Last-Modified
Fri, 05 Apr 2024 12:36:31 GMT
Server
nginx/1.27.0
go
r.redirekted.com/ Frame F0CE
1 KB
1 KB
Document
General
Full URL
https://r.redirekted.com/go?e=04mWWSPX51mXmqPC9AaVwkKLvVTsyj3L8SzXv1aC4AJsytKL8gmW703B0ATsmWlL59Gr8RFWdVTs7pFC9uvWtgFW4c0X7VPM8uPrscFWebGsmkmL8IvXVk3Fv8yX7ZFC59QDbkapeb0X7NTD1p3VVEmFNq0ruqvFm8mWYgUXwpRAlE2BmR2KUyaCwuTsYOKL-IPrw1KW0RzsxflBlfRLTIQXWEHr-D2F1pUrb1KW44mZbVPL0V2VXSFWdR2X7N3K8uvWW1aC0STsmkwF-MUrV1UX0W2XytaF-MUqw5UX8gHsYkQM59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Requested by
Host: r.redirekted.com
URL: https://r.redirekted.com/js/adren.min.js?n=3069285769
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
66.165.243.160 Los Angeles, United States, ASN29802 (HVC-AS, US),
Reverse DNS
66-165-243-160.static.hvvc.us
Software
nginx/1.27.0 / PHP/8.1.29
Resource Hash
d9ebbd8799898a202c7b589ea7c8a3024f67bb7aa43970a7d01bfcdd7951eafb

Request headers

Referer
https://r.redirekted.com/redirect?redirect_id=6725e5e5e22f491b4a6b498160344b4e&request_id=bed5d4483d71383f76b852625c618048
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Tue, 26 Nov 2024 21:35:49 GMT
Server
nginx/1.27.0
Transfer-Encoding
chunked
X-Powered-By
PHP/8.1.29
analytics.js
www.google-analytics.com/ Frame F0CE
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: r.redirekted.com
URL: https://r.redirekted.com/go?e=04mWWSPX51mXmqPC9AaVwkKLvVTsyj3L8SzXv1aC4AJsytKL8gmW703B0ATsmWlL59Gr8RFWdVTs7pFC9uvWtgFW4c0X7VPM8uPrscFWebGsmkmL8IvXVk3Fv8yX7ZFC59QDbkapeb0X7NTD1p3VVEmFNq0ruqvFm8mWYgUXwpRAlE2BmR2KUyaCwuTsYOKL-IPrw1KW0RzsxflBlfRLTIQXWEHr-D2F1pUrb1KW44mZbVPL0V2VXSFWdR2X7N3K8uvWW1aC0STsmkwF-MUrV1UX0W2XytaF-MUqw5UX8gHsYkQM59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://r.redirekted.com/

Response headers

content-encoding
gzip
age
796
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Tue, 26 Nov 2024 23:22:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:22:33 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
collect
www.google-analytics.com/j/ Frame F0CE
15 B
372 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1458616232&t=pageview&_s=1&dl=https%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSPX51mXmqPC9AaVwkKLvVTsyj3L8SzXv1aC4AJsytKL8gmW703B0ATsmWlL59Gr8RFWdVTs7pFC9uvWtgFW4c0X7VPM8uPrscFWebGsmkmL8IvXVk3Fv8yX7ZFC59QDbkapeb0X7NTD1p3VVEmFNq0ruqvFm8mWYgUXwpRAlE2BmR2KUyaCwuTsYOKL-IPrw1KW0RzsxflBlfRLTIQXWEHr-D2F1pUrb1KW44mZbVPL0V2VXSFWdR2X7N3K8uvWW1aC0STsmkwF-MUrV1UX0W2XytaF-MUqw5UX8gHsYkQM59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=271785540&gjid=573467594&cid=1760000234.1732656950&tid=UA-32454353-1&_gid=1779004947.1732656950&_r=1&_slc=1&z=1337489219
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://r.redirekted.com/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 21:35:49 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://r.redirekted.com
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
collect
www.google-analytics.com/ Frame F0CE
35 B
406 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1458616232&t=pageview&_s=2&dl=https%3A%2F%2Fr.redirekted.com%2Fgo%3Fe%3D04mWWSPX51mXmqPC9AaVwkKLvVTsyj3L8SzXv1aC4AJsytKL8gmW703B0ATsmWlL59Gr8RFWdVTs7pFC9uvWtgFW4c0X7VPM8uPrscFWebGsmkmL8IvXVk3Fv8yX7ZFC59QDbkapeb0X7NTD1p3VVEmFNq0ruqvFm8mWYgUXwpRAlE2BmR2KUyaCwuTsYOKL-IPrw1KW0RzsxflBlfRLTIQXWEHr-D2F1pUrb1KW44mZbVPL0V2VXSFWdR2X7N3K8uvWW1aC0STsmkwF-MUrV1UX0W2XytaF-MUqw5UX8gHsYkQM59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=&gjid=&cid=1760000234.1732656950&tid=UA-32454353-1&_gid=1779004947.1732656950&cd1=p3I8pUIiL3k8sUkmqKkjqJ9wsUk8sN%3D%3D&z=1077335347
Requested by
Host: r.redirekted.com
URL: https://r.redirekted.com/go?e=04mWWSPX51mXmqPC9AaVwkKLvVTsyj3L8SzXv1aC4AJsytKL8gmW703B0ATsmWlL59Gr8RFWdVTs7pFC9uvWtgFW4c0X7VPM8uPrscFWebGsmkmL8IvXVk3Fv8yX7ZFC59QDbkapeb0X7NTD1p3VVEmFNq0ruqvFm8mWYgUXwpRAlE2BmR2KUyaCwuTsYOKL-IPrw1KW0RzsxflBlfRLTIQXWEHr-D2F1pUrb1KW44mZbVPL0V2VXSFWdR2X7N3K8uvWW1aC0STsmkwF-MUrV1UX0W2XytaF-MUqw5UX8gHsYkQM59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::71 Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://r.redirekted.com/

Response headers

age
8587
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:163:0"}],}
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 26 Nov 2024 19:12:42 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:163:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
35
server
Golfe2
12107
trkaud.net/go/merchant/
397 B
1 KB
Document
General
Full URL
https://trkaud.net/go/merchant/12107?utm_campaign=adr&aff_sid=8gQAx13F5qzA2gFDm4GCsMQX4LxXuuJE3ZUqWk3pdDJsyVPL3ZUqXkKWjW2A3qlF
Requested by
Host: r.redirekted.com
URL: https://r.redirekted.com/go?e=04mWWSPX51mXmqPC9AaVwkKLvVTsyj3L8SzXv1aC4AJsytKL8gmW703B0ATsmWlL59Gr8RFWdVTs7pFC9uvWtgFW4c0X7VPM8uPrscFWebGsmkmL8IvXVk3Fv8yX7ZFC59QDbkapeb0X7NTD1p3VVEmFNq0ruqvFm8mWYgUXwpRAlE2BmR2KUyaCwuTsYOKL-IPrw1KW0RzsxflBlfRLTIQXWEHr-D2F1pUrb1KW44mZbVPL0V2VXSFWdR2X7N3K8uvWW1aC0STsmkwF-MUrV1UX0W2XytaF-MUqw5UX8gHsYkQM59Gs7DmC0tTsybPF8W3XYcvL5OHVyDaF8AUp-Hmpt9SA_pFC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
44.216.64.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-216-64-127.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f0d0881984434a5f1ad527e2a93a383088e8a3877d718a3d0c8f3a92f32dbef7

Request headers

Referer
https://r.redirekted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 21:35:49 GMT
server
nginx/1.18.0 (Ubuntu)
js
www.googletagmanager.com/gtag/ Frame F0CE
0
0

Primary Request xfinity-residential-promo-codes
couponcause.com/stores/
Redirect Chain
  • https://couponcause.com/go/merchant/12107?utm_campaign=adr&aff_sid=8gQAx13F5qzA2gFDm4GCsMQX4LxXuuJE3ZUqWk3pdDJsyVPL3ZUqXkKWjW2A3qlF&utm_tld=trkaud
  • https://couponcause.com/stores/xfinity-residential-promo-codes?_c=2571715&utm_source=internal&utm_position=adr&utm_tld=trkaud
596 B
1 KB
Document
General
Full URL
https://couponcause.com/stores/xfinity-residential-promo-codes?_c=2571715&utm_source=internal&utm_position=adr&utm_tld=trkaud
Requested by
Host: trkaud.net
URL: https://trkaud.net/go/merchant/12107?utm_campaign=adr&aff_sid=8gQAx13F5qzA2gFDm4GCsMQX4LxXuuJE3ZUqWk3pdDJsyVPL3ZUqXkKWjW2A3qlF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.202.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-202-4.compute-1.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
2959177ddbb6fa8cecace1b7e826807e7769bc630edfae536cf01b76d27533c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://trkaud.net/go/merchant/12107?utm_campaign=adr&aff_sid=8gQAx13F5qzA2gFDm4GCsMQX4LxXuuJE3ZUqWk3pdDJsyVPL3ZUqXkKWjW2A3qlF
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

cache-control
no-cache, private
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 21:35:50 GMT
server
nginx/1.15.8
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block

Redirect headers

cache-control
no-cache, private
content-type
text/html; charset=UTF-8
date
Tue, 26 Nov 2024 21:35:50 GMT
location
https://couponcause.com/stores/xfinity-residential-promo-codes?_c=2571715&utm_source=internal&utm_position=adr&utm_tld=trkaud
server
nginx/1.15.8
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
100001
www.p.zjptg.com/tag/4575677/
49 KB
50 KB
Script
General
Full URL
https://www.p.zjptg.com/tag/4575677/100001
Requested by
Host: couponcause.com
URL: https://couponcause.com/stores/xfinity-residential-promo-codes?_c=2571715&utm_source=internal&utm_position=adr&utm_tld=trkaud
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.88.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-88-31.iad55.r.cloudfront.net
Software
CloudFront /
Resource Hash
6f09aeb79fef10ced306b8f2a581e06400ee71aa96ad64a22f05ce7a8558b6e4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://couponcause.com/

Response headers

age
747
via
1.1 fa3a5f40cd1a9e910f14498786d64614.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
content-length
50415
x-amz-cf-id
VT6PNMUAeBo4JtM8krKYP_6hpK-HH68Bkj_WWJLTzpo2eJ4kLM08JA==
date
Tue, 26 Nov 2024 21:23:23 GMT
x-amz-cf-pop
IAD55-P6
server
CloudFront
policy
www.sjwoe.com/
48 B
468 B
Fetch
General
Full URL
https://www.sjwoe.com/policy
Requested by
Host: www.p.zjptg.com
URL: https://www.p.zjptg.com/tag/4575677/100001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:23cb:ae00:7:f1a3:af00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
9e460f3d2ddf0f31c9445ea3874a6aac8ce30f9f284a03526429ac2181935cbe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://couponcause.com/

Response headers

cache-control
max-age=3600
x-amz-apigw-id
B3YV2H5NIAMEpmQ=
age
14302
x-amzn-trace-id
Root=1-67460758-6acf03bf5461bd991390050d;Parent=2b0c5b87f9a58a0c;Sampled=0;Lineage=1:36ff8a84:0
x-amzn-requestid
894f5874-b26d-4ce8-abd6-b4ace9574b0e
via
1.1 043cf9310ff19c0e58a0b6e76877f570.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-cache
Hit from cloudfront
content-length
48
x-amz-cf-id
9q9Qk8SeKtSYnbVtJmKlRqTfo3SXxNI4FO_Pt2zTtalDyN1oRN3rcQ==
date
Tue, 26 Nov 2024 17:37:28 GMT
content-type
application/json
x-amz-cf-pop
JFK50-P1
favicon.ico
couponcause.com/
0
258 B
Other
General
Full URL
https://couponcause.com/favicon.ico
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.228.202.4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-228-202-4.compute-1.amazonaws.com
Software
nginx/1.15.8 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://couponcause.com/stores/xfinity-residential-promo-codes?_c=2571715&utm_source=internal&utm_position=adr&utm_tld=trkaud

Response headers

cache-control
max-age=31536000
etag
"673793ff-0"
x-content-type-options
nosniff
expires
Wed, 26 Nov 2025 21:35:50 GMT
accept-ranges
bytes
content-length
0
date
Tue, 26 Nov 2024 21:35:50 GMT
x-xss-protection
1; mode=block
content-type
image/x-icon
last-modified
Fri, 15 Nov 2024 18:33:35 GMT
server
nginx/1.15.8
x-frame-options
SAMEORIGIN
v1
clicks.tyuwq.com/
110 B
247 B
Fetch
General
Full URL
https://clicks.tyuwq.com/v1
Requested by
Host: www.p.zjptg.com
URL: https://www.p.zjptg.com/tag/4575677/100001
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.205.120.168 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-205-120-168.compute-1.amazonaws.com
Software
/
Resource Hash
72ccc44eb47b00cf0473f8aa0061e7fe0294da82cb4019d6516235f189d66471

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://couponcause.com/

Response headers

x-request-id
6858e1f0ac3e11ef9eeb075778b967d7
access-control-allow-origin
*
content-length
110
date
Tue, 26 Nov 2024 21:35:51 GMT
content-type
text/plain; charset=UTF-8
log
www.p.zjptg.com/
19 B
247 B
Ping
General
Full URL
https://www.p.zjptg.com/log
Requested by
Host: www.p.zjptg.com
URL: https://www.p.zjptg.com/tag/4575677/100001
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.167.88.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-167-88-31.iad55.r.cloudfront.net
Software
CloudFront /
Resource Hash
f7bb4455cc73832d43d80909118c1c513f3d86a4494f2b36a377c4466853d443

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://couponcause.com/

Response headers

via
1.1 fa3a5f40cd1a9e910f14498786d64614.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
19
x-amz-cf-id
K4VI67OK1Y9T1Cbs7PNjjKY57urz7dhAhQZz99qH9n3uiAV6bcFe3Q==
date
Tue, 26 Nov 2024 21:35:51 GMT
x-amz-cf-pop
IAD55-P6
server
CloudFront
/
www.xfinity.com/
Redirect Chain
  • https://www.anrdoezrs.net/click-100683427-14449745-1614095660000?sid=xyyCCxyy1044209649
  • https://cj.dotomi.com/rt67zw43M/w27/LOOOTROP/LKKQSNOMR/K/K/K?s=v5vq%3DABBPPABBEDHHFDMJHM%3c%3cu6625%3A%2F%2F999.n04q1rC45.0r6%2Fpyvpx-EDDJLGHFK-EHHHMKHI-EJEHDMIJJDDDD%3c%3cT%3cu6625%3A%2F%2Fp17210p...
  • https://www.emjcd.com/q6121xdml5/dkp/2555A856/211794538/1/911A16AAAA5744A787:4n2OI2CKI19t/79dA4c27bd4f22fg934f73A41b93c94A?c=d1rm%3D677LL677A9DDB9IFDI%3clsx!6qDm-4IF4D73%3cq22y1%3A%2F%2F555.jw0mxn8...
  • https://www.xfinity.com/?cjdata=MXxOfDB8WXww&cjevent=68c93b16ac3e11ef823e62930a82b839&cmp=aff__100683427
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=G-TG55WX34R2&cx=c&_slc=1
Domain
www.xfinity.com
URL
https://www.xfinity.com/?cjdata=MXxOfDB8WXww&cjevent=68c93b16ac3e11ef823e62930a82b839&cmp=aff__100683427

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| cj
number| modifiedBouncelessPercentage
number| configuredPublisherId
number| configuredTagId
function| cjredirect

19 Cookies

Domain/Path Name / Value
r.redirekted.com/ Name: uuid
Value: 1234087178531169024
.redirekted.com/ Name: _ga
Value: GA1.2.1760000234.1732656950
.redirekted.com/ Name: _gid
Value: GA1.2.1779004947.1732656950
.redirekted.com/ Name: _gat
Value: 1
trkaud.net/ Name: XSRF-TOKEN
Value: eyJpdiI6Ingvd1VLTU9mQjVDQXhRU3M0WGgxUHc9PSIsInZhbHVlIjoiZkhDZzU0eVo0ZXE0emVmRWdIeVJpVHVzbGxVdGlqYkR2S2xWYm1KcFpPRysyTStDOG5EUEgvRnRMY09HMzNpRVJtT3Z6VFBFelVWTUF1MkRFQUVSelU2WEJuWURaRGRpR05UWkEzV1p5Y21yRVBFeEpkbXZySnFreUJoUW1BeTMiLCJtYWMiOiI1ZmQ5YzliMDI0MjliOGI5MzFmNTFhZmNhZDA5YmI4NzcxOTViYzEzODZhMTFiNzkyZDAyNTJmZjA3MTg5MWRiIiwidGFnIjoiIn0%3D
trkaud.net/ Name: trkaud_session
Value: eyJpdiI6IjFHaFdIUUVBclFKRVN2QS8zS2I1Vmc9PSIsInZhbHVlIjoiWEdpOXpGMUkySFBBc2p0NnNrOFpTcWxzQjl2ak5KbmVEWUsrWW1TU0p5MFpsMnRNLzlKdnpMRUVHYkkrNkM4bUsxcXZIODFnditQMHZ4LzZSTkpDUmtVYWIyUlZoU3pZWEFrbnhET1RydzFFaG51QkttTk0xVk9Scndram02ZEMiLCJtYWMiOiI1OTU2Nzg3ZjgyMDE2NGYxOTQ4N2EyY2RiZDNhYzVhYTBmMGIyYWU3NmJiYjc3OTMwZDE0MjczMDkzOWQ3NDgzIiwidGFnIjoiIn0%3D
couponcause.com/ Name: primaryLoad
Value: 1044209648
couponcause.com/ Name: XSRF-TOKEN
Value: eyJpdiI6ImpIbUhcL2hJV1MrdDl4U25lUkdVYXhRPT0iLCJ2YWx1ZSI6ImhZK2JxVEhkSVZjV25aVDN3OWpIYmtVK1gwclpVWlwvWXAwQXNlY3I3RWY4bmpyc1lBTjcxWW0xbWpYSzhkN1BzIiwibWFjIjoiMzkwNjlkZWQ0Yjk1N2ZiOWJiZDdkNzdhZDQxMDRmZjJiOTM1Y2EzM2RlZDcwNzRhZWYzYzk4N2ViMTc5NjQ4MSJ9
couponcause.com/ Name: laravel_session
Value: eyJpdiI6IjVaTllDM2gxVmxVSzl4aG5wOGN5S1E9PSIsInZhbHVlIjoiWG4rOXQ1bE5qK0dSVnQrRzJWeHNtTU1Xek1JNTYxS0drV1QrWWJJa0c4TlVlWCtDUXhNTzdNY3RBSmFBcWRma3F3S2Y2eVhKSE8yS281dGtHem5mV25sUGRmRVZcL2laYmg3SDNseGFBamhmM3NaU1YrT0ZVamoxVnM4MHRHN3hxIiwibWFjIjoiNWE5NDg4MzVlZTkwM2I1OGJjM2NiYTNkMGE2MTVjZTQ1MDQ3N2Q1OTVkN2UxOTk1MmRkYjdlMjQ3MThiMTVjZCJ9
couponcause.com/ Name: infered_user_id
Value: eyJpdiI6Im5SRlllaUxQeG80QmhLWkxEVnhNamc9PSIsInZhbHVlIjoiWnRoejd5eHBCZmxDSldxYXJ4N08rOEkyQkJ4V0pRaCtkRnBEQXBGb3lJOWszbUdReTZCM25kYmxvVUw1YjNHbmZTSXJBOGFjVHNXVjFBQkpxdjZtR3N4NlBTRGRRMUllUDQ1YUV2QnA5bDA9IiwibWFjIjoiZTExN2FlMWNiMTIzZTUyMjViNTVmMWMwNTMzZTM3ZjYwMzQwM2UwMTg2YmVmOWQ0MTBhZTk1ZTUwNzNlZDBhOCJ9
couponcause.com/ Name: cjConsent
Value: 0|1:1732656950675|0
couponcause.com/ Name: cjUser
Value: 5077ffc7-7e98-4ba6-9faf-b0469df3e56a
.dotomi.com/ Name: CJSession
Value: 4131fba5-d9a7-454b-88f7-78684e9fa468
.dotomi.com/ Name: cjae
Value: 3m1NH1BJH08s
.dotomi.com/ Name: DotomiUser
Value: 800905999946339676$0$1
.dotomi.com/ Name: LCLK
Value: cjo!xh4d-v96v4yu
.emjcd.com/ Name: S
Value: 800905999946339676:3m1NH1BJH08s
.emjcd.com/ Name: LCLK
Value: cjo!xh4d-v96v4yu
.emjcd.com/ Name: CJSession
Value: 4131fba5-d9a7-454b-88f7-78684e9fa468

1 Console Messages

Source Level URL
Text
rendering warning URL: https://ernus-dop.com/zclkvisitor/6601ab70-ac3e-11ef-9b35-0affe66d36cb/143cf7a0-6b6a-11ef-b9f3-0affc7e470f1?campaignid=66100355-ac3e-11ef-9b35-0affe66d36cb
Message:
[GroupMarkerNotSet(crbug.com/242999)!:A070AD01AC2C0000]Automatic fallback to software WebGL has been deprecated. Please use the --enable-unsafe-swiftshader flag to opt in to lower security guarantees for trusted content.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
