Submitted URL: http://sexprzygody.pl/
Effective URL: https://totrck.com/?a=151&c=732&p=&s5=wde&tds_campaign=a4669zle&tds_id=a4669zle_resale_b_531480696782&tds_oid=resal...
Submission: On October 23 via manual from IE

Summary

This website contacted 11 IPs in 5 countries across 13 domains to perform 16 HTTP transactions. The main IP is 34.254.118.46, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is totrck.com.
TLS certificate: Issued by AlphaSSL CA - SHA256 - G2 on May 29th 2018. Valid for: a year.
This is the only time totrck.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 212.91.7.33 48707 (GREENER-AS)
2 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700:30:... 13335 (CLOUDFLAR...)
1 104.20.144.117 13335 (CLOUDFLAR...)
1 2 104.109.85.152 20940 (AKAMAI-ASN1)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 1 52.57.112.117 16509 (AMAZON-02)
1 34.254.118.46 16509 (AMAZON-02)
16 11
Domain Requested by
3 www.google-analytics.com 1 redirects leadmy.pl
www.google-analytics.com
3 fonts.gstatic.com ajax.googleapis.com
2 www.g2a.com 1 redirects leadmy.pl
2 kieruje.ml kieruje.ml
1 totrck.com
1 go-sex.com 1 redirects
1 stats.g.doubleclick.net leadmy.pl
1 web.bitpanda.com leadmy.pl
1 app.autoinvestor.io leadmy.pl
1 auth.bitbay.net leadmy.pl
1 leadmy.pl
1 ajax.googleapis.com kieruje.ml
1 fonts.googleapis.com kieruje.ml
1 sexprzygody.pl 1 redirects
16 14

This site contains no links.

Subject Issuer Validity Valid
*.googleapis.com
Google Internet Authority G3
2018-10-02 -
2018-12-25
3 months crt.sh
*.google.com
Google Internet Authority G3
2018-10-02 -
2018-12-25
3 months crt.sh
sni59630.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2018-09-10 -
2019-03-19
6 months crt.sh
www.g2a.com
DigiCert SHA2 Extended Validation Server CA
2018-04-24 -
2020-04-23
2 years crt.sh
ssl372350.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2018-10-13 -
2019-04-21
6 months crt.sh
bitpanda.com
Go Daddy Secure Certificate Authority - G2
2018-10-15 -
2019-10-04
a year crt.sh
*.google-analytics.com
Google Internet Authority G3
2018-10-02 -
2018-12-25
3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3
2018-10-02 -
2018-12-25
3 months crt.sh
*.totrck.com
AlphaSSL CA - SHA256 - G2
2018-05-29 -
2019-05-30
a year crt.sh

This page contains 5 frames:

Primary Page: https://totrck.com/?a=151&c=732&p=&s5=wde&tds_campaign=a4669zle&tds_id=a4669zle_resale_b_531480696782&tds_oid=resale2&tdsId=a4669zle_r&utm_source=int&utm_campaign=9e3e9ef3&utm_content=1463&data2=mlClick-t4yAYZC7&utm_sub=opnfnlconf&tds_cid=fc0352838f9b367ee11a1030e7d862460779b069&p_tds_cid=
Frame ID: 8AF66D0612FC3B9CEAAF4FCD30EC2A41
Requests: 12 HTTP requests in this frame

Frame: https://auth.bitbay.net/ref/PjUbTG
Frame ID: F36661B600AE70BA88AD81E2D789BA29
Requests: 1 HTTP requests in this frame

Frame: https://www.g2a.com/?reflink=user-5b2d088386a83
Frame ID: E951095CB8CBD8607B07CD79E9F71711
Requests: 1 HTTP requests in this frame

Frame: https://app.autoinvestor.io/
Frame ID: B7E6A29A59211867B2FA5C15B22EC7E4
Requests: 1 HTTP requests in this frame

Frame: https://web.bitpanda.com/user/register/230147760107644845
Frame ID: 3615F94EBA7B3886B9B8266FDC42973F
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://sexprzygody.pl/ HTTP 301
    http://kieruje.ml/77711 Page URL
  2. http://leadmy.pl/p/W4Tx/Vc3H/P6kv Page URL
  3. https://go-sex.com/tds/int?tdsId=a4016kov_r&tds_campaign=a4016kov&utm_source=int&utm_campaign=9... HTTP 302
    https://totrck.com/?a=151&c=732&p=&s5=wde&tds_campaign=a4669zle&tds_id=a4669zle_resale_b_531480... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /cloudflare/i

Page Statistics

16
Requests

81 %
HTTPS

62 %
IPv6

13
Domains

14
Subdomains

11
IPs

5
Countries

134 kB
Transfer

224 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://sexprzygody.pl/ HTTP 301
    http://kieruje.ml/77711 Page URL
  2. http://leadmy.pl/p/W4Tx/Vc3H/P6kv Page URL
  3. https://go-sex.com/tds/int?tdsId=a4016kov_r&tds_campaign=a4016kov&utm_source=int&utm_campaign=9e3e9ef3&utm_content=1463&data2=mlClick-t4yAYZC7&utm_sub=opnfnlconf HTTP 302
    https://totrck.com/?a=151&c=732&p=&s5=wde&tds_campaign=a4669zle&tds_id=a4669zle_resale_b_531480696782&tds_oid=resale2&tdsId=a4669zle_r&utm_source=int&utm_campaign=9e3e9ef3&utm_content=1463&data2=mlClick-t4yAYZC7&utm_sub=opnfnlconf&tds_cid=fc0352838f9b367ee11a1030e7d862460779b069&p_tds_cid= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://sexprzygody.pl/ HTTP 301
  • http://kieruje.ml/77711
Request Chain 9
  • https://www.g2a.com/r/user-5b2d088386a83 HTTP 302
  • https://www.g2a.com/?reflink=user-5b2d088386a83
Request Chain 14
  • https://www.google-analytics.com/r/collect?v=1&_v=j71&a=2129403892&t=pageview&_s=1&dl=http%3A%2F%2Fleadmy.pl%2Fp%2FW4Tx%2FVc3H%2FP6kv&dr=http%3A%2F%2Fkieruje.ml%2F77711&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1929983726&gjid=721923218&cid=1945931730.1540313186&tid=UA-110090096-2&_gid=394538543.1540313186&_r=1&z=770323922 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1945931730.1540313186&jid=1929983726&_gid=394538543.1540313186&gjid=721923218&_v=j71&z=770323922

16 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set 77711
kieruje.ml/
Redirect Chain
  • http://sexprzygody.pl/
  • http://kieruje.ml/77711
2 KB
1 KB
Document
General
Full URL
http://kieruje.ml/77711
Protocol
HTTP/1.1
Server
2606:4700:30::681c:e60 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
21fb311c20a348e38408b59468715e967cb9d4a1b81d9b8786a5e33c35dfeba8

Request headers

Host
kieruje.ml
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 23 Oct 2018 16:46:26 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=d6affba0bc3956b609724742266a250921540313186; expires=Wed, 23-Oct-19 16:46:26 GMT; path=/; domain=.kieruje.ml; HttpOnly
X-Robots-Tag
noindex, nofollow
Cache-Control
private,no-store, no-cache
Server
cloudflare
CF-RAY
46e5ae04c45d63fd-FRA
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 23 Oct 2018 16:46:25 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
X-Frame-Options
SAMEORIGIN
Location
http://kieruje.ml/77711
css
fonts.googleapis.com/
4 KB
751 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400&subset=latin-ext
Requested by
Host: kieruje.ml
URL: http://kieruje.ml/77711
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
094241ad5eeb7cecb708cf0612375eb4cd9e95cd3f52b05907b3fc77bee08ca0
Security Headers
Name Value
Strict-Transport-Security max-age=604800
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
http://kieruje.ml/77711
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
last-modified
Tue, 23 Oct 2018 16:46:26 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Tue, 23 Oct 2018 16:46:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Tue, 23 Oct 2018 16:46:26 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.11.0/
94 KB
33 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Requested by
Host: kieruje.ml
URL: http://kieruje.ml/77711
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
http://kieruje.ml/77711
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 02 Oct 2018 06:22:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1851835
status
200
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
33576
x-xss-protection
1; mode=block
last-modified
Tue, 20 Dec 2016 18:17:03 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 02 Oct 2019 06:22:31 GMT
img1.png
kieruje.ml/
50 KB
50 KB
Image
General
Full URL
http://kieruje.ml/img1.png
Requested by
Host: kieruje.ml
URL: http://kieruje.ml/77711
Protocol
HTTP/1.1
Server
2606:4700:30::681c:e60 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
838cbc581dc7211ce127eb42952e745c5e0631ff7160f6ae6b0ef145571f0ff4

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
kieruje.ml
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://kieruje.ml/77711
Cookie
__cfduid=d6affba0bc3956b609724742266a250921540313186
Connection
keep-alive
Cache-Control
no-cache
Referer
http://kieruje.ml/77711
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 23 Oct 2018 16:46:26 GMT
CF-Cache-Status
HIT
Last-Modified
Fri, 13 Apr 2018 09:23:58 GMT
Server
cloudflare
ETag
"5ad0772e-c687"
Vary
Accept-Encoding
Content-Type
image/png
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
CF-RAY
46e5ae05246f63fd-FRA
Content-Length
50823
Expires
Wed, 23 Oct 2019 16:46:26 GMT
KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
fonts.gstatic.com/s/roboto/v18/
11 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmSU5fBBc4AMP6lQ.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400&subset=latin-ext
Origin
http://kieruje.ml

Response headers

date
Sun, 07 Oct 2018 08:33:19 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:47 GMT
server
sffe
age
1411987
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10876
x-xss-protection
1; mode=block
expires
Mon, 07 Oct 2019 08:33:19 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
fonts.gstatic.com/s/roboto/v18/
10 KB
11 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400&subset=latin-ext
Origin
http://kieruje.ml

Response headers

date
Tue, 02 Oct 2018 06:22:29 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:51 GMT
server
sffe
age
1851837
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
10748
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:29 GMT
KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
fonts.gstatic.com/s/roboto/v18/
8 KB
8 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu7GxKKTU1Kvnz.woff2
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:81a::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Roboto:300,400&subset=latin-ext
Origin
http://kieruje.ml

Response headers

date
Tue, 02 Oct 2018 06:22:51 GMT
x-content-type-options
nosniff
last-modified
Mon, 16 Oct 2017 17:32:59 GMT
server
sffe
age
1851815
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
7796
x-xss-protection
1; mode=block
expires
Wed, 02 Oct 2019 06:22:51 GMT
Cookie set P6kv
leadmy.pl/p/W4Tx/Vc3H/
1 KB
1 KB
Document
General
Full URL
http://leadmy.pl/p/W4Tx/Vc3H/P6kv
Protocol
HTTP/1.1
Server
2606:4700:30::6812:3ea5 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad0422ca9a484a8de47de926c3ab55c295025c855c7c4a30690cdcbc45bfadfc

Request headers

Host
leadmy.pl
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://kieruje.ml/77711
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://kieruje.ml/77711

Response headers

Date
Tue, 23 Oct 2018 16:46:26 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Set-Cookie
__cfduid=df9da980d2793b969da54614677a450d91540313186; expires=Wed, 23-Oct-19 16:46:26 GMT; path=/; domain=.leadmy.pl; HttpOnly 08fab3b4fee7f9d19819f37e14d8bc11=08fab3b4fee7f9d19819f37e14d8bc11; expires=Wed, 23-Oct-2019 16:46:26 GMT; Max-Age=31536000; path=/
X-Robots-Tag
noindex, nofollow
Cache-Control
private,no-store, no-cache
Server
cloudflare
CF-RAY
46e5ae05b3a897ec-FRA
Content-Encoding
gzip
PjUbTG
auth.bitbay.net/ref/ Frame F366
0
0
Document
General
Full URL
https://auth.bitbay.net/ref/PjUbTG
Requested by
Host: leadmy.pl
URL: http://leadmy.pl/p/W4Tx/Vc3H/P6kv
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.20.144.117 San Francisco, United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com google.com gstatic.com *.gstatic.com; style-src 'self' 'unsafe-inline' gstatic.com; font-src 'self' gstatic.com; connect-src *.bitbay.net; frame-src 'self' google.com *.google.com

Request headers

:method
GET
:authority
auth.bitbay.net
:scheme
https
:path
/ref/PjUbTG
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://leadmy.pl/p/W4Tx/Vc3H/P6kv
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://leadmy.pl/p/W4Tx/Vc3H/P6kv

Response headers

status
200
date
Tue, 23 Oct 2018 16:46:26 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d9ad53a3b00b4b2cb3dfd5bbfa9b6d66c1540313186; expires=Wed, 23-Oct-19 16:46:26 GMT; path=/; domain=.bitbay.net; HttpOnly
vary
Accept-Encoding Accept-Encoding
last-modified
Wed, 10 Oct 2018 16:30:48 GMT
content-security-policy
frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com google.com gstatic.com *.gstatic.com; style-src 'self' 'unsafe-inline' gstatic.com; font-src 'self' gstatic.com; connect-src *.bitbay.net; frame-src 'self' google.com *.google.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
46e5ae075c87c274-FRA
content-encoding
gzip
/
www.g2a.com/ Frame E951
Redirect Chain
  • https://www.g2a.com/r/user-5b2d088386a83
  • https://www.g2a.com/?reflink=user-5b2d088386a83
0
0
Document
General
Full URL
https://www.g2a.com/?reflink=user-5b2d088386a83
Requested by
Host: leadmy.pl
URL: http://leadmy.pl/p/W4Tx/Vc3H/P6kv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.85.152 Amsterdam, Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-85-152.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains max-age=31536000;
X-Content-Type-Options nosniff nosniff
X-Frame-Options SAMEORIGIN SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.g2a.com
:scheme
https
:path
/?reflink=user-5b2d088386a83
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://leadmy.pl/p/W4Tx/Vc3H/P6kv
accept-encoding
gzip, deflate
cookie
store=german; G2ACOM=alfl0f6eptgld7d4agn8uce302; currency=EUR; ref_reference=8134923; xyz=9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://leadmy.pl/p/W4Tx/Vc3H/P6kv

Response headers

status
200
content-type
text/html; charset=utf-8
vary
Accept-Encoding
request-context
appId=cid-v1:9cbe444e-0c0b-495e-b2eb-c3f4e14a15e2
x-dns-prefetch-control
off
x-frame-options
SAMEORIGIN SAMEORIGIN
strict-transport-security
max-age=15552000; includeSubDomains max-age=31536000;
x-download-options
noopen
x-content-type-options
nosniff nosniff
x-xss-protection
1; mode=block
cache-control
no-store, must-revalidate, max-age=0
x-g2a-cl
1
etag
W/"3b460-4NhRWZqPH0zQzbEmqIAn3OFf3Pc"
content-encoding
gzip
x-backend
new-layout
content-length
63200
date
Tue, 23 Oct 2018 16:46:26 GMT
set-cookie
referer=http%3A%2F%2Fleadmy.pl%2Fp%2FW4Tx%2FVc3H%2FP6kv; Domain=g2a.com; Path=/; Expires=Wed, 24 Oct 2018 16:46:26 GMT gtm_client_id=2699259892.1540313186617; Path=/ skc=00370845-f168-4550-8cdd-c972b5096e28-1540313187; Domain=g2a.com; Path=/; Expires=Wed, 23 Oct 2019 16:46:26 GMT; HttpOnly; Secure
x-clacks-overhead
GNU Terry Pratchett

Redirect headers

status
302
content-type
text/html; charset=UTF-8
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
location
https://www.g2a.com/?reflink=user-5b2d088386a83
x-robots-tag
noindex
link
<https://www.g2a.com/>; rel="canonical"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000;
x-content-type-options
nosniff
content-length
0
date
Tue, 23 Oct 2018 16:46:26 GMT
set-cookie
store=german; expires=Fri, 22-Mar-2019 16:46:26 GMT; Max-Age=12960000; path=/; domain=www.g2a.com; HttpOnly G2ACOM=alfl0f6eptgld7d4agn8uce302; expires=Tue, 23-Oct-2018 17:46:26 GMT; Max-Age=3600; path=/; domain=www.g2a.com; HttpOnly currency=EUR; expires=Thu, 22-Nov-2018 16:46:26 GMT; Max-Age=2592000; path=/; domain=www.g2a.com; secure; HttpOnly ref_reference=8134923; expires=Thu, 22-Nov-2018 16:46:26 GMT; Max-Age=2592000; path=/; domain=www.g2a.com; secure; HttpOnly xyz=9; expires=Wed, 24-Oct-2018 16:46:26 GMT; Max-Age=86400; path=/; domain=www.g2a.com; secure
x-clacks-overhead
GNU Terry Pratchett
/
app.autoinvestor.io/ Frame B7E6
0
0
Document
General
Full URL
https://app.autoinvestor.io/
Requested by
Host: leadmy.pl
URL: http://leadmy.pl/p/W4Tx/Vc3H/P6kv
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2606:4700:20::6819:6a6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

:method
GET
:authority
app.autoinvestor.io
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://leadmy.pl/p/W4Tx/Vc3H/P6kv
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://leadmy.pl/p/W4Tx/Vc3H/P6kv

Response headers

status
200
date
Tue, 23 Oct 2018 16:46:26 GMT
content-type
text/html
set-cookie
__cfduid=d946389573d22fc28e1d1db629b6e27ce1540313186; expires=Wed, 23-Oct-19 16:46:26 GMT; path=/; domain=.autoinvestor.io; HttpOnly
last-modified
Thu, 11 Oct 2018 09:57:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
46e5ae0778d8237e-FRA
content-encoding
gzip
230147760107644845
web.bitpanda.com/user/register/ Frame 3615
0
0
Document
General
Full URL
https://web.bitpanda.com/user/register/230147760107644845
Requested by
Host: leadmy.pl
URL: http://leadmy.pl/p/W4Tx/Vc3H/P6kv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700:10::6814:1132 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
web.bitpanda.com
:scheme
https
:path
/user/register/230147760107644845
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://leadmy.pl/p/W4Tx/Vc3H/P6kv
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://leadmy.pl/p/W4Tx/Vc3H/P6kv

Response headers

status
200
date
Tue, 23 Oct 2018 16:46:26 GMT
content-type
text/html
set-cookie
__cfduid=d2039142f02c1bb57481cb421f117d6421540313186; expires=Wed, 23-Oct-19 16:46:26 GMT; path=/; domain=.bitpanda.com; HttpOnly; Secure
last-modified
Tue, 16 Oct 2018 07:04:03 GMT
cache-control
max-age=0
expires
Tue, 23 Oct 2018 16:46:26 GMT
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
46e5ae078c93c279-FRA
content-encoding
gzip
analytics.js
www.google-analytics.com/
42 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: leadmy.pl
URL: http://leadmy.pl/p/W4Tx/Vc3H/P6kv
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8cb05b675fe6419a9e91eb587c60902c7ed1cb6c42b8cff8ce404ef89f635cde
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://leadmy.pl/p/W4Tx/Vc3H/P6kv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 11 Oct 2018 19:41:26 GMT
server
Golfe2
age
1443
date
Tue, 23 Oct 2018 16:22:23 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
17301
expires
Tue, 23 Oct 2018 18:22:23 GMT
collect
www.google-analytics.com/
35 B
117 B
Other
General
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:81a::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
http://leadmy.pl/p/W4Tx/Vc3H/P6kv
Origin
http://leadmy.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 23 Oct 2018 16:46:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
http://leadmy.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j71&a=2129403892&t=pageview&_s=1&dl=http%3A%2F%2Fleadmy.pl%2Fp%2FW4Tx%2FVc3H%2FP6kv&dr=http%3A%2F%2Fkieruje.ml%2F77711&ul=en-us&de=UTF-8&sd=24-bit&...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1945931730.1540313186&jid=1929983726&_gid=394538543.1540313186&gjid=721923218&_v=j71&z=770323922
35 B
113 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1945931730.1540313186&jid=1929983726&_gid=394538543.1540313186&gjid=721923218&_v=j71&z=770323922
Requested by
Host: leadmy.pl
URL: http://leadmy.pl/p/W4Tx/Vc3H/P6kv
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:400c:c00::9c , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
http://leadmy.pl/p/W4Tx/Vc3H/P6kv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 23 Oct 2018 16:46:26 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 Oct 2018 16:46:26 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1945931730.1540313186&jid=1929983726&_gid=394538543.1540313186&gjid=721923218&_v=j71&z=770323922
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
418
expires
Fri, 01 Jan 1990 00:00:00 GMT
Primary Request /
totrck.com/
Redirect Chain
  • https://go-sex.com/tds/int?tdsId=a4016kov_r&tds_campaign=a4016kov&utm_source=int&utm_campaign=9e3e9ef3&utm_content=1463&data2=mlClick-t4yAYZC7&utm_sub=opnfnlconf
  • https://totrck.com/?a=151&c=732&p=&s5=wde&tds_campaign=a4669zle&tds_id=a4669zle_resale_b_531480696782&tds_oid=resale2&tdsId=a4669zle_r&utm_source=int&utm_campaign=9e3e9ef3&utm_content=1463&data2=ml...
1 KB
2 KB
Document
General
Full URL
https://totrck.com/?a=151&c=732&p=&s5=wde&tds_campaign=a4669zle&tds_id=a4669zle_resale_b_531480696782&tds_oid=resale2&tdsId=a4669zle_r&utm_source=int&utm_campaign=9e3e9ef3&utm_content=1463&data2=mlClick-t4yAYZC7&utm_sub=opnfnlconf&tds_cid=fc0352838f9b367ee11a1030e7d862460779b069&p_tds_cid=
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.254.118.46 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-254-118-46.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
dc1d54dab6ec8c00f70137927504e4f222c8395f10760b6beecfcfa94e08249f

Request headers

:method
GET
:authority
totrck.com
:scheme
https
:path
/?a=151&c=732&p=&s5=wde&tds_campaign=a4669zle&tds_id=a4669zle_resale_b_531480696782&tds_oid=resale2&tdsId=a4669zle_r&utm_source=int&utm_campaign=9e3e9ef3&utm_content=1463&data2=mlClick-t4yAYZC7&utm_sub=opnfnlconf&tds_cid=fc0352838f9b367ee11a1030e7d862460779b069&p_tds_cid=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer
http://leadmy.pl/p/W4Tx/Vc3H/P6kv
accept-encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
http://leadmy.pl/p/W4Tx/Vc3H/P6kv

Response headers

status
404
cache-control
private
content-type
text/html
date
Tue, 23 Oct 2018 16:46:35 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
set-cookie
sid=DCwZNS8Szi04IlwbNGwz/JYeVZ/6Wyg1cMq87G0gdrU6liV40Hh0eA==; domain=.totrck.com; path=/; HttpOnly trk=zNjZBeEXVO44IlwbNGwz/JYeVZ/6Wyg1cMq87G0gdrU6liV40Hh0eA==; domain=.totrck.com; expires=Mon, 23-Oct-2023 17:46:35 GMT; path=/; HttpOnly
content-length
1245

Redirect headers

status
302
date
Tue, 23 Oct 2018 16:46:27 GMT
location
https://totrck.com/?a=151&c=732&p=&s5=wde&tds_campaign=a4669zle&tds_id=a4669zle_resale_b_531480696782&tds_oid=resale2&tdsId=a4669zle_r&utm_source=int&utm_campaign=9e3e9ef3&utm_content=1463&data2=mlClick-t4yAYZC7&utm_sub=opnfnlconf&tds_cid=fc0352838f9b367ee11a1030e7d862460779b069&p_tds_cid=
server
nginx
set-cookie
AWSALB=AOAhF19sw0IYeoplXuF5BTLIb9YiSugpilo7pSI9MH9vDEW2tsVpXLEhZ3CAr579tW6dg1p3tff15TbgaMjGBF3MFiwYsYjD3HnkaRduKzWZLljn0VZYselk2500; Expires=Tue, 30 Oct 2018 16:46:27 GMT; Path=/ dci=365e864040af8824b67d9ae6782315cecbd1643d; Max-Age=31536000; Domain=.go-sex.com; Path=/; Expires=Wed, 23 Oct 2019 16:46:27 GMT
x-powered-by
Express
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
access-control-allow-origin
*

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Domain/Path Name / Value
.totrck.com/ Name: trk
Value: zNjZBeEXVO44IlwbNGwz/JYeVZ/6Wyg1cMq87G0gdrU6liV40Hh0eA==
.totrck.com/ Name: sid
Value: DCwZNS8Szi04IlwbNGwz/JYeVZ/6Wyg1cMq87G0gdrU6liV40Hh0eA==