urlscan.io logo urlscan.io
SecurityTrails logo

leadmy.pl Open in urlscan Pro
2606:4700:30::681b:aadb  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://rossmannbonyzakupowe.grvdc.eu/
Effective URL: https://leadmy.pl/p/k87T/l0z3/mFcv
Submission: On August 13 via manual from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 12 domains to perform 13 HTTP transactions. The main IP is 2606:4700:30::681b:aadb, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is leadmy.pl.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on August 5th 2019. Valid for: 6 months.
This is the only time leadmy.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 69.197.18.173 25761 (STAMINUS-...)
3 2606:4700:30:... 13335 (CLOUDFLAR...)
1 104.109.85.152 20940 (AKAMAI-ASN1)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 23.8.13.219 20940 (AKAMAI-ASN1)
1 2 23.45.236.130 20940 (AKAMAI-ASN1)
1 1 54.76.70.54 16509 (AMAZON-02)
1 2 35.244.189.130 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
13 9
1    69.197.18.173 (Newport Beach, United States)

ASN25761 (STAMINUS-COMM - Staminus Communications, US)
PTR: ns7.afraid.org
rossmannbonyzakupowe.grvdc.eu
3    2606:4700:30::681b:aadb (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
leadmy.pl
1    104.109.85.152 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a104-109-85-152.deploy.static.akamaitechnologies.com
www.g2a.com
1    2606:4700:20::6819:6a6e (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
app.autoinvestor.io
1    2606:4700:10::6814:5ade (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
web.bitpanda.com
1    23.8.13.219 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-8-13-219.deploy.static.akamaitechnologies.com
s.click.aliexpress.com
2    23.45.236.130 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-45-236-130.deploy.static.akamaitechnologies.com
sale.aliexpress.com
1    54.76.70.54 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-76-70-54.eu-west-1.compute.amazonaws.com
revolut.ngih.net
2    35.244.189.130 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 130.189.244.35.bc.googleusercontent.com
www.revolut.com
3    2a00:1450:4001:820::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
Domain Requested by
3 www.google-analytics.com 1 redirects leadmy.pl
www.google-analytics.com
3 leadmy.pl leadmy.pl
2 www.revolut.com 1 redirects leadmy.pl
2 sale.aliexpress.com 1 redirects leadmy.pl
1 stats.g.doubleclick.net leadmy.pl
1 revolut.ngih.net 1 redirects
1 s.click.aliexpress.com 1 redirects
1 web.bitpanda.com leadmy.pl
1 app.autoinvestor.io leadmy.pl
1 www.g2a.com leadmy.pl
1 rossmannbonyzakupowe.grvdc.eu 1 redirects
0 56j35.trueharborcarrier.com Failed leadmy.pl
0 auth.bitbay.net Failed leadmy.pl
13 13

This site contains no links.

Subject Issuer Validity Valid
sni53744.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-05 -
2020-02-11		 6 months crt.sh
www.g2a.com
DigiCert SHA2 Extended Validation Server CA		 2018-04-24 -
2020-04-23		 2 years crt.sh
ssl372350.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-07 -
2020-02-13		 6 months crt.sh
bitpanda.com
Go Daddy Secure Certificate Authority - G2		 2019-07-03 -
2020-07-03		 a year crt.sh
ae01.alicdn.com
DigiCert SHA2 Secure Server CA		 2019-05-18 -
2020-08-16		 a year crt.sh
*.revolut.com
COMODO RSA Domain Validation Secure Server CA		 2018-09-28 -
2020-09-27		 2 years crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-07-29 -
2019-10-21		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2019-07-29 -
2019-10-27		 3 months crt.sh

This page contains 7 frames:

Frame: https://56j35.trueharborcarrier.com/
Frame ID: FF5CAE8C87DDAA53D1BD798059C76F09
Requests: 7 HTTP requests in this frame

Frame: https://auth.bitbay.net/ref/PjUbTG
Frame ID: E7B39D543FBB1895D3A7805E74C25334
Requests: 1 HTTP requests in this frame

Frame: https://www.g2a.com/r/user-5b2d088386a83
Frame ID: A7AA7411BD402434004EB299B5947456
Requests: 1 HTTP requests in this frame

Frame: https://app.autoinvestor.io/
Frame ID: 6A71E73EEA055D8A90000AD159CA8021
Requests: 1 HTTP requests in this frame

Frame: https://web.bitpanda.com/user/register/230147760107644845
Frame ID: FE0AECF2EA44ACB8AC4859DE899AA978
Requests: 1 HTTP requests in this frame

Frame: https://sale.aliexpress.com/__pc/ultimate1111shoppinglist.htm?scm=1007.22893.125781.0&pvid=dac6f85c-e4cf-4271-8bee-83c47e30934e&onelink_thrd=0.015&onelink_page_from=EXPLOSIVESHOPPINGLIST&onelink_duration=0.007332&onelink_status=dorpl&onelink_score=-1.0&onelink_page_to=EXPLOSIVESHOPPINGLIST&aff_platform=promotion&cpt=1565720098402&sk=bFHHznyG&aff_trace_key=5023c2ddf1374e5f87399d53a2da0b7c-1565720098402-00444-bFHHznyG&terminal_id=1dbb9112e1314e6ba18ddb765ad93aa5
Frame ID: C95208A1333A2F022864251A49FCAF4A
Requests: 1 HTTP requests in this frame

Frame: https://www.revolut.com/en-DE/aff/1633545_paciborskir@gmail.com_?irgwc=1&p=i&ext=1633545_
Frame ID: 36DEBBC5D685D7F3FADB46E21D27E3F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://rossmannbonyzakupowe.grvdc.eu/ HTTP 301
    https://leadmy.pl/p/k87T/l0z3/mFcv Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

13
Requests

85 %
HTTPS

45 %
IPv6

12
Domains

13
Subdomains

9
IPs

5
Countries

32 kB
Transfer

103 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://rossmannbonyzakupowe.grvdc.eu/ HTTP 301
    https://leadmy.pl/p/k87T/l0z3/mFcv Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5
  • https://s.click.aliexpress.com/e/bFHHznyG HTTP 302
  • https://sale.aliexpress.com/ultimate1111shoppinglist.htm?scm=1007.22893.125781.0&pvid=dac6f85c-e4cf-4271-8bee-83c47e30934e&onelink_thrd=0.015&onelink_page_from=EXPLOSIVESHOPPINGLIST&onelink_duration=0.007332&onelink_status=dorpl&onelink_score=-1.0&onelink_page_to=EXPLOSIVESHOPPINGLIST&aff_platform=promotion&cpt=1565720098402&sk=bFHHznyG&aff_trace_key=5023c2ddf1374e5f87399d53a2da0b7c-1565720098402-00444-bFHHznyG&terminal_id=1dbb9112e1314e6ba18ddb765ad93aa5 HTTP 302
  • https://sale.aliexpress.com/__pc/ultimate1111shoppinglist.htm?scm=1007.22893.125781.0&pvid=dac6f85c-e4cf-4271-8bee-83c47e30934e&onelink_thrd=0.015&onelink_page_from=EXPLOSIVESHOPPINGLIST&onelink_duration=0.007332&onelink_status=dorpl&onelink_score=-1.0&onelink_page_to=EXPLOSIVESHOPPINGLIST&aff_platform=promotion&cpt=1565720098402&sk=bFHHznyG&aff_trace_key=5023c2ddf1374e5f87399d53a2da0b7c-1565720098402-00444-bFHHznyG&terminal_id=1dbb9112e1314e6ba18ddb765ad93aa5
Request Chain 6
  • https://revolut.ngih.net/c/1633545/589915/9626 HTTP 301
  • https://www.revolut.com/aff/1633545_paciborskir%40gmail.com_?irgwc=1&p=i&ext=1633545_ HTTP 301
  • https://www.revolut.com/en-DE/aff/1633545_paciborskir@gmail.com_?irgwc=1&p=i&ext=1633545_
Request Chain 9
  • https://www.google-analytics.com/r/collect?v=1&_v=j78&a=797748114&t=pageview&_s=1&dl=https%3A%2F%2Fleadmy.pl%2Fp%2Fk87T%2Fl0z3%2FmFcv&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=828677018&gjid=1137046714&cid=987358310.1565720095&tid=UA-110090096-2&_gid=1548236331.1565720095&_r=1&z=1960354487 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=987358310.1565720095&jid=828677018&_gid=1548236331.1565720095&gjid=1137046714&_v=j78&z=1960354487
Request Chain 11
  • https://goto.wyspaofert.com/?gpb=003500610732/rossman&set=1&click_id=mlClick-JzvSroMZ&ref=rossman&val=32852 HTTP 302
  • https://goto.wyspaofert.com/003500610732/rossman HTTP 301
  • https://wyspaofert.com/wingames/PL-pl/rossman/2858/welcome HTTP 301
  • https://wyspaofert.com/wingames/PL-pl/rossman/2858/welcome/ HTTP 303
  • https://56j35.trueharborcarrier.com/

13 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request mFcv
leadmy.pl/p/k87T/l0z3/
Redirect Chain
  • http://rossmannbonyzakupowe.grvdc.eu/
  • https://leadmy.pl/p/k87T/l0z3/mFcv
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leadmy.pl/p/k87T/l0z3/mFcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:aadb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8cfba818224a251c84eb7548267af56fa39e7dcb890382892f7d0744cc02321

Request headers

:method
GET
:authority
leadmy.pl
:scheme
https
:path
/p/k87T/l0z3/mFcv
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 13 Aug 2019 18:14:55 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d519f1f1a981dec18830294b2c675986b1565720095; expires=Wed, 12-Aug-20 18:14:55 GMT; path=/; domain=.leadmy.pl; HttpOnly 675c74d5f114ba25a49fb0f4cb02f70f=675c74d5f114ba25a49fb0f4cb02f70f; expires=Wed, 12-Aug-2020 18:14:55 GMT; Max-Age=31536000; path=/; httponly
vary
Accept-Encoding
cache-control
no-cache, no-store, private
x-robots-tag
noindex, nofollow
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
505cabe28cf4d6c9-FRA
content-encoding
br

Redirect headers

Server
nginx/1.10.2
Date
Tue, 13 Aug 2019 18:14:54 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
0
Connection
keep-alive
Cache-Control
public, max-age=15
X-Abuse
URL redirection provided by freedns.afraid.org - please report any misuse of this service
Location
https://leadmy.pl/p/k87T/l0z3/mFcv
jjj.js
leadmy.pl/js/ 		58 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leadmy.pl/js/jjj.js
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/k87T/l0z3/mFcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:aadb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a23cdfc9caa9177c25831da4e2a1b048ee0c2aec5e6d3e179fa375bfe60402c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://leadmy.pl/p/k87T/l0z3/mFcv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 13 Aug 2019 18:14:55 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Jun 2019 13:43:09 GMT
server
cloudflare
age
1986
etag
W/"5cfa69ed-e710"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
505cabe3884fd6c9-FRA
expires
Tue, 13 Aug 2019 22:14:55 GMT
PjUbTG
auth.bitbay.net/ref/ Frame E7B3 		0
0
user-5b2d088386a83
www.g2a.com/r/ Frame A7AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.g2a.com/r/user-5b2d088386a83
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/k87T/l0z3/mFcv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.109.85.152 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a104-109-85-152.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash

Request headers

:method
GET
:authority
www.g2a.com
:scheme
https
:path
/r/user-5b2d088386a83
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://leadmy.pl/p/k87T/l0z3/mFcv
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://leadmy.pl/p/k87T/l0z3/mFcv

Response headers

status
403
server
AkamaiGHost
mime-version
1.0
content-type
text/html
content-length
288
expires
Tue, 13 Aug 2019 18:15:00 GMT
date
Tue, 13 Aug 2019 18:15:00 GMT
/
app.autoinvestor.io/ Frame 6A71 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.autoinvestor.io/
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/k87T/l0z3/mFcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:6a6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
app.autoinvestor.io
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://leadmy.pl/p/k87T/l0z3/mFcv
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://leadmy.pl/p/k87T/l0z3/mFcv

Response headers

status
200
date
Tue, 13 Aug 2019 18:14:55 GMT
content-type
text/html
set-cookie
__cfduid=d05bfa3bc447f2de5a5b747537e4761231565720095; expires=Wed, 12-Aug-20 18:14:55 GMT; path=/; domain=.autoinvestor.io; HttpOnly
last-modified
Tue, 06 Aug 2019 10:29:10 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
505cabe3ea4be007-FRA
content-encoding
br
230147760107644845
web.bitpanda.com/user/register/ Frame FE0A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://web.bitpanda.com/user/register/230147760107644845
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/k87T/l0z3/mFcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5ade , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
web.bitpanda.com
:scheme
https
:path
/user/register/230147760107644845
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://leadmy.pl/p/k87T/l0z3/mFcv
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://leadmy.pl/p/k87T/l0z3/mFcv

Response headers

status
200
date
Tue, 13 Aug 2019 18:14:58 GMT
content-type
text/html
set-cookie
__cfduid=d9745054e9e7657258f1ec860102c4fcf1565720098; expires=Wed, 12-Aug-20 18:14:58 GMT; path=/; domain=.bitpanda.com; HttpOnly; Secure
last-modified
Tue, 13 Aug 2019 07:19:29 GMT
cache-control
max-age=0
expires
Tue, 13 Aug 2019 18:14:58 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
content-security-policy-report-only
upgrade-insecure-requests; default-src 'self'; script-src 'self' 'unsafe-inline' https://www.googletagmanager.com/gtm.js https://www.google-analytics.com/analytics.js https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js https://*.cloudfront.net/atrk.js https://s.adroll.com/j/roundtrip.js https://bat.bing.com/bat.js https://script.hotjar.com https://www.googleadservices.com https://cdn.siftscience.com/s.js https://www.google.com/recaptcha/api.js https://static.ads-twitter.com/uwt.js https://connect.facebook.net/en_US/fbevents.js https://static.zdassets.com https://analytics.twitter.com https://www.gstatic.com/recaptcha/ https://connect.facebook.net/signals/ https://static.hotjar.com https://googleads.g.doubleclick.net https://d.adroll.com https://ajax.googleapis.com; style-src 'self' 'unsafe-inline' data: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css https://fonts.googleapis.com; img-src 'self' data: https://www.google-analytics.com https://d.adroll.com/ https://www.facebook.com https://pixel.rubiconproject.com/tap.php https://bat.bing.com https://certify.alexametrics.com/atrk.gif https://stats.g.doubleclick.net https://www.google.at/ads/ga-audiences https://www.google.com/ads/ga-audiences https://www.google.com/pagead/1p-user-list/ https://www.google.at/pagead/1p-user-list/ https://us-u.openx.net https://ads.yahoo.com https://x.bidswitch.net https://pixel.advertising.com https://trc.taboola.com/sg/adroll-network/1/rtb-h https://simage2.pubmatic.com/AdServer/Pug https://sync.outbrain.com/adroll/pixel https://idsync.rlcdn.com/377928.gif https://eb2.3lift.com/xuid https://t.co/i/adsct https://ib.adnxs.com/ https://dsum-sec.casalemedia.com; frame-src 'self' vars.hotjar.com https://www.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://api.exchange.bitpanda.com https://sentry.io https://bitpanda.zendesk.com https://in.hotjar.com https://api.waskurzes.com https://socket.waskurzes.com:8888 https://vc.hotjar.io; media-src 'none'; object-src 'none'; base-uri 'self'; report-uri https://bpreport21.report-uri.com/r/d/csp/reportOnly
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
505cabf8cba9d6c1-FRA
content-encoding
br
ultimate1111shoppinglist.htm
sale.aliexpress.com/__pc/ Frame C952
Redirect Chain
  • https://s.click.aliexpress.com/e/bFHHznyG
  • https://sale.aliexpress.com/ultimate1111shoppinglist.htm?scm=1007.22893.125781.0&pvid=dac6f85c-e4cf-4271-8bee-83c47e30934e&onelink_thrd=0.015&onelink_page_from=EXPLOSIVESHOPPINGLIST&onelink_duratio...
  • https://sale.aliexpress.com/__pc/ultimate1111shoppinglist.htm?scm=1007.22893.125781.0&pvid=dac6f85c-e4cf-4271-8bee-83c47e30934e&onelink_thrd=0.015&onelink_page_from=EXPLOSIVESHOPPINGLIST&onelink_du...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sale.aliexpress.com/__pc/ultimate1111shoppinglist.htm?scm=1007.22893.125781.0&pvid=dac6f85c-e4cf-4271-8bee-83c47e30934e&onelink_thrd=0.015&onelink_page_from=EXPLOSIVESHOPPINGLIST&onelink_duration=0.007332&onelink_status=dorpl&onelink_score=-1.0&onelink_page_to=EXPLOSIVESHOPPINGLIST&aff_platform=promotion&cpt=1565720098402&sk=bFHHznyG&aff_trace_key=5023c2ddf1374e5f87399d53a2da0b7c-1565720098402-00444-bFHHznyG&terminal_id=1dbb9112e1314e6ba18ddb765ad93aa5
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/k87T/l0z3/mFcv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.45.236.130 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a23-45-236-130.deploy.static.akamaitechnologies.com
Software
Tengine/Aserver /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
sale.aliexpress.com
:scheme
https
:path
/__pc/ultimate1111shoppinglist.htm?scm=1007.22893.125781.0&pvid=dac6f85c-e4cf-4271-8bee-83c47e30934e&onelink_thrd=0.015&onelink_page_from=EXPLOSIVESHOPPINGLIST&onelink_duration=0.007332&onelink_status=dorpl&onelink_score=-1.0&onelink_page_to=EXPLOSIVESHOPPINGLIST&aff_platform=promotion&cpt=1565720098402&sk=bFHHznyG&aff_trace_key=5023c2ddf1374e5f87399d53a2da0b7c-1565720098402-00444-bFHHznyG&terminal_id=1dbb9112e1314e6ba18ddb765ad93aa5
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
referer
https://leadmy.pl/p/k87T/l0z3/mFcv
accept-encoding
gzip, deflate, br
cookie
ali_apache_id=10.182.214.121.1565720098399.472844.3; acs_usuc_t=x_csrf=u79xyy04w3d1&acs_rt=1dbb9112e1314e6ba18ddb765ad93aa5; aeu_cid=5023c2ddf1374e5f87399d53a2da0b7c-1565720098402-00444-bFHHznyG; xman_t=WpU761KU6IXgACxF2lioADu4e8BquJNaRqHJ6/fbfzxWgnIQnKGfB5uXtEqDckFu; xman_f=LorFybTVBZ3tTZYTtD6B6kqDeB7UtQE/PKHomUqzTYQkX18UueaIHlDLjx1I3wyle1geYMb9Nf6aAADeHOrNaxZ/guZ+gdspkUTU/bOL+78Ecgf7JvrlCA==; xman_us_f=x_locale=en_US&x_l=0&x_as_i=%7B%22aeuCID%22%3A%225023c2ddf1374e5f87399d53a2da0b7c-1565720098402-00444-bFHHznyG%22%2C%22af%22%3A%222081345757%22%2C%22affiliateKey%22%3A%22bFHHznyG%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cn%22%3A%2210010060004%22%2C%22cv%22%3A%227%22%2C%22ms%22%3A%221%22%2C%22src%22%3A%22promotion%22%2C%22tagtime%22%3A1565720098402%7D; intl_locale=en_US; aep_usuc_f=c_tp=USD&region=US&b_locale=en_US; intl_common_forever=x+Dx9msI0V5DYMxEkbdanKL5+jn84q6g7Lz4ywSlHuXziAS83EuMqQ==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate
Referer
https://leadmy.pl/p/k87T/l0z3/mFcv

Response headers

status
200
content-type
text/html;charset=UTF-8
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
server
Tengine/Aserver
eagleeye-traceid
0ab6fb8815657200564806315e943a
timing-allow-origin
*
content-encoding
gzip
content-length
9869
cache-control
public, no-transform, max-age=44, s-maxage=120
expires
Tue, 13 Aug 2019 18:15:42 GMT
date
Tue, 13 Aug 2019 18:14:58 GMT

Redirect headers

status
302
content-length
0
p3p
CP="CAO PSA OUR"
location
https://sale.aliexpress.com/__pc/ultimate1111shoppinglist.htm?scm=1007.22893.125781.0&pvid=dac6f85c-e4cf-4271-8bee-83c47e30934e&onelink_thrd=0.015&onelink_page_from=EXPLOSIVESHOPPINGLIST&onelink_duration=0.007332&onelink_status=dorpl&onelink_score=-1.0&onelink_page_to=EXPLOSIVESHOPPINGLIST&aff_platform=promotion&cpt=1565720098402&sk=bFHHznyG&aff_trace_key=5023c2ddf1374e5f87399d53a2da0b7c-1565720098402-00444-bFHHznyG&terminal_id=1dbb9112e1314e6ba18ddb765ad93aa5
x-content-type-options
nosniff
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
server
Tengine/Aserver
eagleeye-traceid
0be3764515657200986315471ef089
timing-allow-origin
*
cache-control
public, no-transform, max-age=0, s-maxage=0
expires
Tue, 13 Aug 2019 18:14:58 GMT
date
Tue, 13 Aug 2019 18:14:58 GMT
set-cookie
xman_us_f=x_locale=en_US&x_l=0&x_as_i=%7B%22aeuCID%22%3A%225023c2ddf1374e5f87399d53a2da0b7c-1565720098402-00444-bFHHznyG%22%2C%22af%22%3A%222081345757%22%2C%22affiliateKey%22%3A%22bFHHznyG%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cn%22%3A%2210010060004%22%2C%22cv%22%3A%227%22%2C%22ms%22%3A%221%22%2C%22src%22%3A%22promotion%22%2C%22tagtime%22%3A1565720098402%7D; Domain=.aliexpress.com; Expires=Sun, 31-Aug-2087 21:29:05 GMT; Path=/ intl_locale=en_US; Domain=.aliexpress.com; Path=/ aep_usuc_f=c_tp=USD&region=US&b_locale=en_US; Domain=.aliexpress.com; Expires=Sun, 31-Aug-2087 21:29:05 GMT; Path=/ intl_common_forever=x+Dx9msI0V5DYMxEkbdanKL5+jn84q6g7Lz4ywSlHuXziAS83EuMqQ==; Domain=.aliexpress.com; Expires=Sun, 31-Aug-2087 21:29:05 GMT; Path=/; HttpOnly
1633545_paciborskir@gmail.com_
www.revolut.com/en-DE/aff/ Frame 36DE
Redirect Chain
  • https://revolut.ngih.net/c/1633545/589915/9626
  • https://www.revolut.com/aff/1633545_paciborskir%40gmail.com_?irgwc=1&p=i&ext=1633545_
  • https://www.revolut.com/en-DE/aff/1633545_paciborskir@gmail.com_?irgwc=1&p=i&ext=1633545_
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.revolut.com/en-DE/aff/1633545_paciborskir@gmail.com_?irgwc=1&p=i&ext=1633545_
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/k87T/l0z3/mFcv
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.244.189.130 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
130.189.244.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.revolut.com
:scheme
https
:path
/en-DE/aff/1633545_paciborskir@gmail.com_?irgwc=1&p=i&ext=1633545_
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
nested-navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
nested-navigate

Response headers

status
200
server
nginx
date
Tue, 13 Aug 2019 18:15:14 GMT
content-type
text/html
last-modified
Tue, 13 Aug 2019 14:47:22 GMT
vary
Accept-Encoding
etag
W/"5d52cd7a-127c0"
strict-transport-security
max-age=63072000; includeSubdomains;
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
no-referrer
content-encoding
gzip
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43,39"

Redirect headers

status
301
server
nginx
date
Tue, 13 Aug 2019 18:15:14 GMT
content-type
text/html
content-length
162
location
https://www.revolut.com/en-DE/aff/1633545_paciborskir@gmail.com_?irgwc=1&p=i&ext=1633545_
strict-transport-security
max-age=63072000; includeSubdomains;
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
no-referrer
via
1.1 google
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/k87T/l0z3/mFcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
cec3748d0c3da4700300d5424aaea375b03550b0ee8b3dd38e242c4022261446
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://leadmy.pl/p/k87T/l0z3/mFcv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 29 Jul 2019 21:35:27 GMT
server
Golfe2
age
2305
date
Tue, 13 Aug 2019 17:36:30 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17724
expires
Tue, 13 Aug 2019 19:36:30 GMT
collect
www.google-analytics.com/ 		35 B
116 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://leadmy.pl/p/k87T/l0z3/mFcv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 13 Aug 2019 18:14:55 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
https://leadmy.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j78&a=797748114&t=pageview&_s=1&dl=https%3A%2F%2Fleadmy.pl%2Fp%2Fk87T%2Fl0z3%2FmFcv&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=I...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=987358310.1565720095&jid=828677018&_gid=1548236331.1565720095&gjid=1137046714&_v=j78&z=1960354487
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=987358310.1565720095&jid=828677018&_gid=1548236331.1565720095&gjid=1137046714&_v=j78&z=1960354487
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/k87T/l0z3/mFcv
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://leadmy.pl/p/k87T/l0z3/mFcv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Tue, 13 Aug 2019 18:14:55 GMT
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Aug 2019 18:14:55 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
302
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=987358310.1565720095&jid=828677018&_gid=1548236331.1565720095&gjid=1137046714&_v=j78&z=1960354487
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
419
expires
Fri, 01 Jan 1990 00:00:00 GMT
finger
leadmy.pl/ 		20 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadmy.pl/finger
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/js/jjj.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:aadb , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
https://leadmy.pl/p/k87T/l0z3/mFcv
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Aug 2019 18:14:55 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
status
200
cache-control
no-cache, private
cf-ray
505cabe48bdcd6c9-FRA
/
56j35.trueharborcarrier.com/
Redirect Chain
  • https://goto.wyspaofert.com/?gpb=003500610732/rossman&set=1&click_id=mlClick-JzvSroMZ&ref=rossman&val=32852
  • https://goto.wyspaofert.com/003500610732/rossman
  • https://wyspaofert.com/wingames/PL-pl/rossman/2858/welcome
  • https://wyspaofert.com/wingames/PL-pl/rossman/2858/welcome/
  • https://56j35.trueharborcarrier.com/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
auth.bitbay.net
URL
https://auth.bitbay.net/ref/PjUbTG
Domain
56j35.trueharborcarrier.com
URL
https://56j35.trueharborcarrier.com/

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies