urlscan.io logo urlscan.io
SecurityTrails logo

offers.propertyleadr.online Open in urlscan Pro
3.126.202.50  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://click.bemail.it/click/ef6f1f3af4_MTdpZ185aF8ydmdfbmg2X2FhZXY0XzNiODhhMjU2ZmMzNzEzYWRkZDZiZjgwODVjMTAzNWIxXzJfYzA...
Effective URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Submission: On October 26 via api from IE — Scanned from IT
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 15 IPs in 5 countries across 13 domains to perform 39 HTTP transactions. The main IP is 3.126.202.50, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is offers.propertyleadr.online.
TLS certificate: Issued by R3 on September 23rd 2022. Valid for: 3 months.
This is the only time offers.propertyleadr.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 151.1.205.172 3242 (ASN-ITNET)
1 1 52.51.96.204 16509 (AMAZON-02)
1 3.126.202.50 16509 (AMAZON-02)
2 99.86.4.108 16509 (AMAZON-02)
4 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:218... 16509 (AMAZON-02)
3 2a03:2880:f01... 32934 (FACEBOOK)
3 35.177.111.21 16509 (AMAZON-02)
1 34.117.59.81 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
9 143.204.214.118 16509 (AMAZON-02)
1 3.227.155.3 14618 (AMAZON-AES)
5 2a00:1450:400... 15169 (GOOGLE)
1 18.66.147.34 16509 (AMAZON-02)
4 2a03:2880:f12... 32934 (FACEBOOK)
39 15
1    151.1.205.172 (Rogeno, Italy)

ASN3242 (ASN-ITNET, IT)
click.bemail.it
1    52.51.96.204 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-96-204.eu-west-1.compute.amazonaws.com
adleadrnetwork.com
1    3.126.202.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
offers.propertyleadr.online
2    99.86.4.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-108.fra6.r.cloudfront.net
builder-assets.unbounce.com
4    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
2    2600:9000:2182:3600:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)
d34qb8suadcc4g.cloudfront.net
3    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
3    35.177.111.21 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-177-111-21.eu-west-2.compute.amazonaws.com
script.anura.io
1    34.117.59.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com
ipinfo.io
1    2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
9    143.204.214.118 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-118.fra53.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
1    3.227.155.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-227-155-3.compute-1.amazonaws.com
events.ub-analytics.com
5    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    18.66.147.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-34.fra60.r.cloudfront.net
ads.anura.io
4    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
11 cloudfront.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
93 KB
5 gstatic.com
fonts.gstatic.com
45 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 107
233 B
4 anura.io
script.anura.io — Cisco Umbrella Rank: 49715
ads.anura.io — Cisco Umbrella Rank: 84127
21 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 216
122 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 151
196 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 306
fonts.googleapis.com — Cisco Umbrella Rank: 44
89 KB
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 18762
36 KB
1 ub-analytics.com
events.ub-analytics.com — Cisco Umbrella Rank: 27415
245 B
1 ipinfo.io
ipinfo.io — Cisco Umbrella Rank: 6888
552 B
1 propertyleadr.online
offers.propertyleadr.online
14 KB
1 adleadrnetwork.com
adleadrnetwork.com — Cisco Umbrella Rank: 707081
876 B
1 bemail.it
click.bemail.it
255 B
39 13
Domain Requested by
9 d9hhrg4mnvzow.cloudfront.net offers.propertyleadr.online
5 fonts.gstatic.com fonts.googleapis.com
4 www.facebook.com offers.propertyleadr.online
4 cdnjs.cloudflare.com offers.propertyleadr.online
cdnjs.cloudflare.com
3 script.anura.io offers.propertyleadr.online
script.anura.io
3 connect.facebook.net offers.propertyleadr.online
connect.facebook.net
2 d34qb8suadcc4g.cloudfront.net offers.propertyleadr.online
d34qb8suadcc4g.cloudfront.net
2 builder-assets.unbounce.com offers.propertyleadr.online
1 ads.anura.io script.anura.io
1 events.ub-analytics.com offers.propertyleadr.online
1 fonts.googleapis.com builder-assets.unbounce.com
1 ipinfo.io ajax.googleapis.com
1 ajax.googleapis.com offers.propertyleadr.online
1 offers.propertyleadr.online
1 adleadrnetwork.com 1 redirects
1 click.bemail.it 1 redirects
39 16

This site contains no links.

Subject Issuer Validity Valid
offers.propertyleadr.online
R3		 2022-09-23 -
2022-12-22		 3 months crt.sh
*.unbounce.com
Amazon		 2022-02-08 -
2023-03-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-08-04 -
2022-11-02		 3 months crt.sh
script.anura.io
Amazon		 2022-07-12 -
2023-08-10		 a year crt.sh
ipinfo.io
GTS CA 1D4		 2022-10-11 -
2023-01-09		 3 months crt.sh
*.ub-analytics.com
Amazon		 2022-04-10 -
2023-05-09		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
ads.anura.io
Amazon		 2022-06-29 -
2023-07-28		 a year crt.sh

This page contains 1 frames:

Primary Page: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Frame ID: DBC59F60D72EDA531E67D64633C94572
Requests: 40 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://click.bemail.it/click/ef6f1f3af4_MTdpZ185aF8ydmdfbmg2X2FhZXY0XzNiODhhMjU2ZmMzNzEzYWRkZDZiZjg... HTTP 302
    https://adleadrnetwork.com/?a=1321&c=1790&s1= HTTP 302
    https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

39
Requests

97 %
HTTPS

44 %
IPv6

13
Domains

16
Subdomains

15
IPs

5
Countries

617 kB
Transfer

1597 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://click.bemail.it/click/ef6f1f3af4_MTdpZ185aF8ydmdfbmg2X2FhZXY0XzNiODhhMjU2ZmMzNzEzYWRkZDZiZjgwODVjMTAzNWIxXzJfYzAwNzkyZDY2MTQ0Y2U4MWFjOTYyOWEyNjQ4MjU3MzY=_c00792d66144ce81ac9629a264825736_273cc86f2c HTTP 302
    https://adleadrnetwork.com/?a=1321&c=1790&s1= HTTP 302
    https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

39 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
offers.propertyleadr.online/propiteer-capital-property-bond/
Redirect Chain
  • https://click.bemail.it/click/ef6f1f3af4_MTdpZ185aF8ydmdfbmg2X2FhZXY0XzNiODhhMjU2ZmMzNzEzYWRkZDZiZjgwODVjMTAzNWIxXzJfYzAwNzkyZDY2MTQ0Y2U4MWFjOTYyOWEyNjQ4MjU3MzY=_c00792d66144ce81ac9629a264825736_27...
  • https://adleadrnetwork.com/?a=1321&c=1790&s1=
  • https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
71 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
3.126.202.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-202-50.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a432d41937fbe46fc2a479a66595b4f2dc06b1527e3900676bbe89a693e6e796

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
it-IT,it;q=0.9

Response headers

connection
close
content-encoding
gzip
content-length
13064
content-location
https://offers.propertyleadr.online/propiteer-capital-property-bond/
content-type
text/html; charset=utf-8
date
Wed, 26 Oct 2022 13:35:55 GMT
etag
"a:6ab59efb0cec40ed90605068d7621ede"
link
<https://offers.propertyleadr.online/propiteer-capital-property-bond/>; rel="canonical"
x-proxy-backend
page-server
x-unbounce-pageid
41937a48-4c18-4a56-8c8a-800e431c7db6
x-unbounce-variant
a
x-unbounce-visitorid
6ab59efb-0cec-40ed-9060-5068d7621ede

Redirect headers

Cache-Control
private
Connection
close
Content-Length
258
Content-Type
text/html; charset=utf-8
Date
Wed, 26 Oct 2022 13:35:55 GMT
Location
https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-108.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 02:28:13 GMT
content-encoding
gzip
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amz-version-id
L4ZmeoxkTVchyWCkJ77TONE89Elaj8X7
last-modified
Mon, 04 Jul 2022 16:47:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
4964863
etag
"4458a4d76a70cb207bcc34d6bc6f872f"
x-cache
Hit from cloudfront
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
content-length
2902
x-amz-cf-id
AxBhbnVPZ11Azg4r-Kxq3ANWEkRRMSMLmHEmNpX9OynE22Obj6cCnw==
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/intlTelInput.css
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 13:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
1784225
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1970
last-modified
Tue, 31 May 2022 01:06:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62956a21-7b2"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
760393f5be070f7a-MXP
expires
Mon, 16 Oct 2023 13:35:55 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 12:41:03 GMT
x-content-type-options
nosniff
age
3292
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
89501
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 26 Oct 2023 12:41:03 GMT
ub.js
d34qb8suadcc4g.cloudfront.net/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3600:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 29 Aug 2022 01:57:45 GMT
content-encoding
gzip
via
1.1 bb45d9db269295920003af6514d7e7ea.cloudfront.net (CloudFront)
x-amz-version-id
bKC28ufbc849z_LglraHgQe9TbPw1SIU
last-modified
Thu, 15 Apr 2021 19:15:08 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
5053091
etag
"f6420c864830b5860bfaadd47a2bb21b"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
1856
x-amz-cf-id
1rIsY-hg4HHFzjx_2geM4qEaV4miXq26uHiobdi7tR_t4kmzieJRCQ==
intlTelInput.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/intlTelInput.min.js
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1c3be98af0f5091cbe3e28e515bab230453f9d7c0b8e9d0282af12fd0bb5e1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 13:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
2901759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8923
last-modified
Tue, 31 May 2022 01:06:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62956a21-22db"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
760393f5be080f7a-MXP
expires
Mon, 16 Oct 2023 13:35:55 GMT
main.bundle-384ff03.z.js
builder-assets.unbounce.com/published-js/ 		103 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.108 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-108.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 30 Aug 2022 01:41:30 GMT
content-encoding
gzip
via
1.1 71b147cd3102755b55ba8b6fd34e3f4a.cloudfront.net (CloudFront)
x-amz-version-id
8Zp2fnRnJC.CRCK1CKEZXPX8nFkHjX8u
last-modified
Mon, 04 Jul 2022 16:47:26 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
4967666
etag
"1825a0c47b2e38b6cf30a4072987bce1"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
33495
x-amz-cf-id
VxnxFiIiFPrkc2waE-LiElTNrLBmA2j3fRQACMPxILOnSbdA8x3K3Q==
fbevents.js
connect.facebook.net/en_US/ 		102 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e432523f77f554cf143883486329c1e97472bed166a3efd6c2a8ec8299caafca
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 26 Oct 2022 13:35:55 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27045
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
sSLrsnxGaUE/r0cMQ8f0WgfKFvuU9NLuQ9AAhcpM/YZLhMNpOAp5oNlz1QjLc+6qIhikwIDbkHmOKsFWHZP6wQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
request.js
script.anura.io/ 		54 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/request.js?instance=3552465468&source=1321-&campaign=308&callback=anuraCallbackFunction&565612572332
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.111.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-111-21.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
af2884fed79f68a3c6da563d7b77b141fee0c29b45a3dabe523b0f908b866ac1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 13:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type
image/gif
/
ipinfo.io/ 		319 B
552 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipinfo.io/?token=6d3626439c7bd0&callback=jQuery360028834043929179987_1666791355895&_=1666791355896
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
81.59.117.34.bc.googleusercontent.com
Software
/
Resource Hash
21914b4152e340d5e1d801ba2bc3ba95cac384992a051d5afba1c5ebcb13c515
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 13:35:56 GMT
strict-transport-security
max-age=2592000; includeSubDomains
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
content-encoding
gzip
via
1.1 google
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
2
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/img/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/img/flags.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/intlTelInput.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/intlTelInput.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 13:35:55 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
2031083
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
67650
last-modified
Tue, 31 May 2022 01:06:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62956a21-10842"
vary
Accept-Encoding
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
760393f69f140f7a-MXP
expires
Mon, 16 Oct 2023 13:35:55 GMT
c8100ed1-03ea-431a-8f2e-cd29526b7585
https://offers.propertyleadr.online/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://offers.propertyleadr.online/c8100ed1-03ea-431a-8f2e-cd29526b7585
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994

Request headers

accept-language
it-IT,it;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Length
5611
Content-Type
text/css
css
fonts.googleapis.com/ 		6 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:300,500,regular,300italic%7CMontserrat:regular
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-384ff03.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6440a286f76975ca1602712a8a4403382ad3e47e3a1752f35cf11382126c6b1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 26 Oct 2022 13:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 26 Oct 2022 13:35:56 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Oct 2022 13:35:56 GMT
fb75d955-next-arrow.gif
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/ 		39 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/fb75d955-next-arrow.gif
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-118.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c90d3c71abd81a8baea3653b8b8a27fa3fe4f398832d4ac30688a0e0d414438f

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 16:46:39 GMT
x-amz-version-id
GSHiD6UOQfRg0oBZKAAXIwECAteIguZq
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
last-modified
Mon, 17 Oct 2022 09:51:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
334158
etag
"5d0d36f084a29bb09038e35b7941d119"
x-cache
Hit from cloudfront
content-type
image/gif
cache-control
max-age=31557600
accept-ranges
bytes
content-length
39658
x-amz-cf-id
3arQE7EntFVcw5z9cDsp0d66S3wNd1GWm3hxuawIV0sxrbAkrYTOLg==
fef80769-propiteer-capital-logo_107c03v000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/fef80769-propiteer-capital-logo_107c03v000000000000028.png
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-118.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b831da41d719f7f2c424f02aed36bf8e537bcd073b20836731b5651e11dc82c6

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 16:46:39 GMT
x-amz-version-id
9Oa81811vT3ojAboQTb___tugKBpyAG_
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
last-modified
Mon, 17 Oct 2022 09:51:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
334158
etag
"3bca02d0d379984f773bdca49c2e92da"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2765
x-amz-cf-id
uyrsrNqyeYcZSaN4350Ka_VKWQIZ6zgOVzSIydPG-mohUlpPrfcG2g==
4e84c2a2-propiteer-property-bond-shield_1046046000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/4e84c2a2-propiteer-property-bond-shield_1046046000000000000028.png
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-118.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
50f9d365ccb50b9223c8cf9939dccc25871dda9cab290fc8137242ac5a18f85b

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 16:46:39 GMT
x-amz-version-id
hIETFLmHiivs.DYpcQCjsntbXOrAu6bV
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
last-modified
Mon, 17 Oct 2022 09:51:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
334158
etag
"9a7061e5dd5fef70c9bcbf0623e8ed53"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2106
x-amz-cf-id
XQPXUqqGHmvvflETxuqCMFa3pyo-JX0-UIvUy76ycjDxVw8jq2_Ytw==
e63266fe-propiteer-property-bond-piechart_1046046000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/e63266fe-propiteer-property-bond-piechart_1046046000000000000028.png
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-118.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a84a0a05992807c73024d15742f5685262d99c7f1344ba76fb44dfd2bd3eb5df

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 16:46:39 GMT
x-amz-version-id
eA2fXPSh.jm03uFhNOIAlX8GKPqsI9ky
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
last-modified
Mon, 17 Oct 2022 09:51:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
334158
etag
"a89bea7bdc1d338194049a407a345b19"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2266
x-amz-cf-id
51zgARlou0hUGj-TjjIzgNauEJAfXeOSAHIcY8jNV_kx9GLMTgNMQA==
fd8824a5-propiteer-property-bond-arrows_1046046000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/fd8824a5-propiteer-property-bond-arrows_1046046000000000000028.png
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-118.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ee853507f9e62cf687bb39bce356723a279c4ff4f6f2ae9ad5b68a282eecee7a

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 16:46:39 GMT
x-amz-version-id
xvKBPL8pJ8AarXpY8Ey07aQuHSwYFWLD
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
last-modified
Mon, 17 Oct 2022 09:51:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
334158
etag
"dfdb7a5d159fcc19d891b68e00668130"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2067
x-amz-cf-id
rv11Id3ti-N1IGi6axqnQ8Fz0w8N55zEYgSBp8lceEcawBxsWHdF_w==
0c0d31d4-vcap-logo-white_108z01o000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/0c0d31d4-vcap-logo-white_108z01o000000000000028.png
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-118.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
28deb818275e3b73ae7c3ff587e41a9633a376bdd40add9c04e4c54f0417ead8

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 11 Oct 2022 15:25:33 GMT
x-amz-version-id
id8SWXunWJSpgbneyHssizPI_iRFp4Ez
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
last-modified
Tue, 11 Oct 2022 15:13:45 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
1289424
etag
"d8a82a6a3ba6d5d937fdb4dd30d06525"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
4022
x-amz-cf-id
qZlgin2McWuHip5fOFQ95iNycpoOc3-vYdXQ1PB6_5q9fFzB8DktWQ==
d553928f-propiteer-property-bond-6-percent_1046046000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/d553928f-propiteer-property-bond-6-percent_1046046000000000000028.png
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-118.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d631f49e6b842a5dc88009811c26d3ea2fa6a9c42e6d97e513ff3f94da430484

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 00:18:04 GMT
x-amz-version-id
5kUcMT3.YelhprAGkI_vLiP1BvjfpuUV
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
last-modified
Mon, 17 Oct 2022 09:51:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
47872
etag
"157a0afa93d449c01e5f7e5e3471acc4"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2056
x-amz-cf-id
inyYOCvfDLqxxiSfofjN3tslF6LAHPq1uSDMbEw-h4KloN8CHsLQ3A==
098d894c-propiteer-property-bond-8-percent_1046046000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/098d894c-propiteer-property-bond-8-percent_1046046000000000000028.png
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-118.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
2ee5d7f91ef3f1cdbd7f6eb0b814f7af16742535128588f6cf6c63d94bcbff37

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 16:46:39 GMT
x-amz-version-id
YzGArKNFvvWrgpjkTX0mRQhfn3ZVlZT5
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
last-modified
Mon, 17 Oct 2022 09:51:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
334158
etag
"87426fe04f1ab1f4cf25f8b18ba5e6ef"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1974
x-amz-cf-id
aRqLoXzXE1f0-B9HL6e24RgvINnF2I5RlaIh_zs8zhVIgN_QrLlwtw==
965ed133-propiteer-property-bond-10-percent_1046046000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.online/propiteer-capital-property-bond/965ed133-propiteer-property-bond-10-percent_1046046000000000000028.png
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.118 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-118.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
44a48f684f29d9b8ef8b9ac43d704851df45248bd1b7c8ceaf310efe394bb8f4

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Sat, 22 Oct 2022 16:46:39 GMT
x-amz-version-id
w0oUueMU6zgtP_RPSyqEbUDMrz0IOx9i
via
1.1 e7377cc861b31102786678df3616bf68.cloudfront.net (CloudFront)
last-modified
Mon, 17 Oct 2022 09:51:55 GMT
server
AmazonS3
x-amz-cf-pop
FRA53-C1
age
334158
etag
"a691c323af1763e2683cc79efc4cc90c"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1952
x-amz-cf-id
KXhqr-Jsw7FmYQFVvbXvgmwQFvscMSC-mfQ63SzQ-LIpemdYVLH9DQ==
sp-2.14.0.js
d34qb8suadcc4g.cloudfront.net/ 		98 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by
Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1618514269
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2182:3600:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 31 Aug 2022 03:46:21 GMT
content-encoding
gzip
via
1.1 bb45d9db269295920003af6514d7e7ea.cloudfront.net (CloudFront)
x-amz-version-id
rVTqklA1qqyT_0VdOCY323BKPISR0uej
last-modified
Wed, 04 Nov 2020 01:35:32 GMT
server
AmazonS3
x-amz-cf-pop
DUS51-C1
age
4873774
etag
"73de733c308b8b5e44d2a6242dc4bd99"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
content-length
30399
x-amz-cf-id
HUBK5uqCmVF4WIJYlqYSTKG7MhsngjlAd8APZgJrqauv_MWYdasnGw==
i
events.ub-analytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://events.ub-analytics.com/i?stm=1666791356014&e=pv&url=https%3A%2F%2Foffers.propertyleadr.online%2Fpropiteer-capital-property-bond%2F%3Faffiliate_id%3D1321%26sub_id%3D%26ckm_request_id%3D83263378%26country%3DIT&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=23de2836-d234-4b4e-b65c-b25e1af67f9f&dtm=1666791356013&vp=1600x1200&ds=1600x2194&vid=1&sid=acc76eac-c403-441b-a875-a59ec38be355&duid=fd7b1dd9-c1de-48fd-8fcb-8a94fbfc5d80&uid=6ab59efb-0cec-40ed-9060-5068d7621ede&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiNDE5MzdhNDgtNGMxOC00YTU2LThjOGEtODAwZTQzMWM3ZGI2IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.227.155.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-227-155-3.compute-1.amazonaws.com
Software
akka-http/10.0.9 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 26 Oct 2022 13:35:56 GMT
access-control-allow-credentials
true
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server
akka-http/10.0.9
content-length
43
content-type
image/gif
2183216491990889
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2183216491990889?v=2.9.88&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0ad171d5c7a80890c590155a2d045a4594065f721eff750fba77be4141112b91
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 26 Oct 2022 13:35:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86306
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
qx8mSGJSSvm+UC3d4w3sT1FspZHkk68grwMAkCYhmmx/5UCXX7tyKGeX88X5HPNwkgeKxuAJ24wzMLGZk9H3NA==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,500,regular,300italic%7CMontserrat:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.propertyleadr.online
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 19:24:53 GMT
x-content-type-options
nosniff
age
583863
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:24:53 GMT
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,500,regular,300italic%7CMontserrat:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.propertyleadr.online
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 23:09:49 GMT
x-content-type-options
nosniff
age
138367
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7840
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 24 Oct 2023 23:09:49 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,500,regular,300italic%7CMontserrat:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.propertyleadr.online
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 19:25:44 GMT
x-content-type-options
nosniff
age
583812
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 19:25:44 GMT
JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
fonts.gstatic.com/s/montserrat/v25/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v25/JTUHjIg1_i6t8kCHKm4532VJOt5-QNFgpCtr6Hw5aXo.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,500,regular,300italic%7CMontserrat:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.propertyleadr.online
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Thu, 20 Oct 2022 05:41:25 GMT
x-content-type-options
nosniff
age
546871
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12708
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:55:59 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 20 Oct 2023 05:41:25 GMT
pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2
fonts.gstatic.com/s/poppins/v20/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiDyp8kv8JHgFVrJJLm21lVF9eO.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:300,500,regular,300italic%7CMontserrat:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://offers.propertyleadr.online
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 19 Oct 2022 22:19:23 GMT
x-content-type-options
nosniff
age
573393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8712
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:05:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2023 22:19:23 GMT
showads.js
ads.anura.io/ 		0
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.anura.io/showads.js?401235352154
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3552465468&source=1321-&campaign=308&callback=anuraCallbackFunction&565612572332
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-34.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 03:53:20 GMT
content-encoding
gzip
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P4
age
34956
vary
Accept-Encoding
x-cache
Hit from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
x-amz-cf-id
rhkOnCSsnlyf4zXDbQlVIz3-hPN9FeZ_tUily2Uu2-B4TuYfPJGYHw==
820979408346016
connect.facebook.net/signals/config/ 		293 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/820979408346016?v=2.9.88&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c37b413b87ec38056336d18f6d98f0b7c2c4ee43182d300693a483d75f66ae2e
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 26 Oct 2022 13:35:56 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
86285
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
G3ifUmDdS/5kKnmEUOFB7KoMPnD5E/WKdV0gSeEBpxQfcRCrprWTEj3iSHNMYBlJaS31DAlI0FOxyNHUM4KZ/A==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
cache-control
public, max-age=1200
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2183216491990889&ev=PageView&dl=https%3A%2F%2Foffers.propertyleadr.online%2Fpropiteer-capital-property-bond%2F%3Faffiliate_id%3D1321%26sub_id%3D%26ckm_request_id%3D83263378%26country%3DIT&rl=&if=false&ts=1666791356276&sw=1600&sh=1200&v=2.9.88&r=stable&ec=0&o=30&fbp=fb.1.1666791356275.710193349&it=1666791356022&coo=false&rqm=GET
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Oct 2022 13:35:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.facebook.com/tr/ 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=820979408346016&ev=PageView&dl=https%3A%2F%2Foffers.propertyleadr.online%2Fpropiteer-capital-property-bond%2F%3Faffiliate_id%3D1321%26sub_id%3D%26ckm_request_id%3D83263378%26country%3DIT&rl=&if=false&ts=1666791356377&sw=1600&sh=1200&v=2.9.88&r=stable&ec=0&o=30&fbp=fb.1.1666791356275.710193349&it=1666791356022&coo=false&rqm=GET
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Oct 2022 13:35:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
utils.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/ 		243 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/utils.min.js?1638200991544
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/intlTelInput.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c0e60fe564204f7212e981e84dccc15221911aa597c238e9d0783f9151c652b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 13:35:56 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
strict-transport-security
max-age=15780000
age
11376028
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45533
last-modified
Tue, 31 May 2022 01:06:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62956a21-b1dd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
760393f9cd57839a-MXP
expires
Mon, 16 Oct 2023 13:35:56 GMT
response.json
script.anura.io/ 		52 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/response.json
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3552465468&source=1321-&campaign=308&callback=anuraCallbackFunction&565612572332
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.111.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-111-21.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a116c0f8bdb8144a1a9f02dd11c0bba7a2fe533c48c413e951c8be71a808f7ab
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offers.propertyleadr.online/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 13:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2183216491990889&ev=Microdata&dl=https%3A%2F%2Foffers.propertyleadr.online%2Fpropiteer-capital-property-bond%2F%3Faffiliate_id%3D1321%26sub_id%3D%26ckm_request_id%3D83263378%26country%3DIT&rl=&if=false&ts=1666791356780&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22http%3A%2F%2Foffers.propertyleadr.online%2Fpropiteer-capital-property-bond%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.88&r=stable&ec=1&o=30&fbp=fb.1.1666791356275.710193349&it=1666791356022&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Oct 2022 13:35:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
result.json
script.anura.io/ 		41 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/result.json
Requested by
Host: offers.propertyleadr.online
URL: https://offers.propertyleadr.online/propiteer-capital-property-bond/?affiliate_id=1321&sub_id=&ckm_request_id=83263378&country=IT
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.177.111.21 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-177-111-21.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://offers.propertyleadr.online/
accept-language
it-IT,it;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 13:35:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
/
www.facebook.com/tr/ 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=820979408346016&ev=Microdata&dl=https%3A%2F%2Foffers.propertyleadr.online%2Fpropiteer-capital-property-bond%2F%3Faffiliate_id%3D1321%26sub_id%3D%26ckm_request_id%3D83263378%26country%3DIT&rl=&if=false&ts=1666791356878&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22http%3A%2F%2Foffers.propertyleadr.online%2Fpropiteer-capital-property-bond%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.88&r=stable&ec=1&o=30&fbp=fb.1.1666791356275.710193349&it=1666791356022&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
it-IT,it;q=0.9
Referer
https://offers.propertyleadr.online/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 26 Oct 2022 13:35:56 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| ub object| module function| fbq function| _fbq function| anuraProcessFunction function| anuraCallbackFunction function| getResult function| $ function| jQuery object| d8Validation function| startData8Validation function| validateEmailAsync function| validatePhoneAsync function| reportValidationResult function| checkForErrors object| intlTelInputGlobals function| intlTelInput object| input object| iti function| handleChange function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ object| UnbounceSnowplowNamespace function| ubSnowplow function| ownKeys function| _objectSpread function| _defineProperty function| _typeof object| Snowplow object| Anura object| intlTelInputUtils

7 Cookies

Domain/Path Name / Value
offers.propertyleadr.online/propiteer-capital-property-bond/ Name: ubpv
Value: a%2C41937a48-4c18-4a56-8c8a-800e431c7db6
.adleadrnetwork.com/ Name: sid
Value: B+TijSTkanhetNWi2Tk4+hlJsF2vqkorX4dOMTmSxDp/ZrPv81YOFw==
.adleadrnetwork.com/ Name: trk
Value: GKBGvtaLna9etNWi2Tk4+hlJsF2vqkorX4dOMTmSxDp/ZrPv81YOFw==
.adleadrnetwork.com/ Name: c308
Value: B+TijSTkaniMfPbhV/373iz83zBMuvQ5HPyaKpHX+UE=
offers.propertyleadr.online/ Name: ubvs
Value: 6ab59efb-0cec-40ed-9060-5068d7621ede
.propertyleadr.online/ Name: ubvt
Value: 6ab59efb-0cec-40ed-9060-5068d7621ede
.propertyleadr.online/ Name: _fbp
Value: fb.1.1666791356275.710193349

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adleadrnetwork.com
ads.anura.io
ajax.googleapis.com
builder-assets.unbounce.com
cdnjs.cloudflare.com
click.bemail.it
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.googleapis.com
fonts.gstatic.com
ipinfo.io
offers.propertyleadr.online
script.anura.io
www.facebook.com
143.204.214.118
151.1.205.172
18.66.147.34
2600:9000:2182:3600:1d:11cf:5800:93a1
2606:4700::6811:180e
2a00:1450:4001:803::200a
2a00:1450:4001:829::200a
2a00:1450:4001:831::2003
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
3.126.202.50
3.227.155.3
34.117.59.81
35.177.111.21
52.51.96.204
99.86.4.108
0ad171d5c7a80890c590155a2d045a4594065f721eff750fba77be4141112b91
0bbb0c157e8aad81455cc5e2d258b835053a0b404b32632adaed6a9075042bc4
21914b4152e340d5e1d801ba2bc3ba95cac384992a051d5afba1c5ebcb13c515
28deb818275e3b73ae7c3ff587e41a9633a376bdd40add9c04e4c54f0417ead8
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2ee5d7f91ef3f1cdbd7f6eb0b814f7af16742535128588f6cf6c63d94bcbff37
384ff03fc8a3d581c80d2b6956bc90be45373d63743a45a252b1bb219db5ec5a
44a48f684f29d9b8ef8b9ac43d704851df45248bd1b7c8ceaf310efe394bb8f4
50f9d365ccb50b9223c8cf9939dccc25871dda9cab290fc8137242ac5a18f85b
6e1c3be98af0f5091cbe3e28e515bab230453f9d7c0b8e9d0282af12fd0bb5e1
73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8c0e60fe564204f7212e981e84dccc15221911aa597c238e9d0783f9151c652b
9af91bb0b9327c5bc74760fed3cd024dbde1c5b90ede3fab5c8c54850e757994
a116c0f8bdb8144a1a9f02dd11c0bba7a2fe533c48c413e951c8be71a808f7ab
a432d41937fbe46fc2a479a66595b4f2dc06b1527e3900676bbe89a693e6e796
a6440a286f76975ca1602712a8a4403382ad3e47e3a1752f35cf11382126c6b1
a84a0a05992807c73024d15742f5685262d99c7f1344ba76fb44dfd2bd3eb5df
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
af2884fed79f68a3c6da563d7b77b141fee0c29b45a3dabe523b0f908b866ac1
b831da41d719f7f2c424f02aed36bf8e537bcd073b20836731b5651e11dc82c6
c37b413b87ec38056336d18f6d98f0b7c2c4ee43182d300693a483d75f66ae2e
c90d3c71abd81a8baea3653b8b8a27fa3fe4f398832d4ac30688a0e0d414438f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
d631f49e6b842a5dc88009811c26d3ea2fa6a9c42e6d97e513ff3f94da430484
ddc148b8a0a27b1449fda6033f4a0defac9bd43210117b50d5d7ad1eda09f394
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e432523f77f554cf143883486329c1e97472bed166a3efd6c2a8ec8299caafca
ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7
ee853507f9e62cf687bb39bce356723a279c4ff4f6f2ae9ad5b68a282eecee7a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ae296f5c19db047491f1311d621ff18960b34cfa9cb07b69932a02ec298366
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e