offers.propertyleadr.net Open in urlscan Pro
3.69.136.55 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://singasong.site/rd/c38552CYFai7398446ddaz3647GJz53111PolK5645
Effective URL:
https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB
Submission: On February 23 via manual (February 23rd 2023, 8:57:44 am UTC) from GB — Scanned from GB

Summary HTTP 62 Redirects Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 27 domains to perform 62 HTTP transactions. The main IP is 3.69.136.55, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is offers.propertyleadr.net.
TLS certificate: Issued by R3 on December 24th 2022. Valid for: 3 months.

This is the only time offers.propertyleadr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	122.50.1.165 122.50.1.165	9387 (SHARPTEL-...) (SHARPTEL-AS-AP SHARP TELECOM PRIVATE LIMITED)
1 1	57.128.19.228 57.128.19.228	16276 (OVH) (OVH)
1 1	13.38.173.133 13.38.173.133	16509 (AMAZON-02) (AMAZON-02)
2 2	54.246.129.40 54.246.129.40	16509 (AMAZON-02) (AMAZON-02)
3	46.51.165.61 46.51.165.61	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:225... 2600:9000:225e:3a00:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80e::2008	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b150:c90c:2ea1:7b24:4959	14618 (AMAZON-AES) (AMAZON-AES)
1	34.193.23.165 34.193.23.165	14618 (AMAZON-AES) (AMAZON-AES)
3	151.101.129.44 151.101.129.44	54113 (FASTLY) (FASTLY)
6	151.101.2.137 151.101.2.137	54113 (FASTLY) (FASTLY)
1	162.247.241.14 162.247.241.14	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
1 1	3.248.94.153 3.248.94.153	16509 (AMAZON-02) (AMAZON-02)
1	3.69.136.55 3.69.136.55	16509 (AMAZON-02) (AMAZON-02)
2	50.19.70.165 50.19.70.165	14618 (AMAZON-AES) (AMAZON-AES)
1	141.226.230.48 141.226.230.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	3.33.220.150 3.33.220.150	16509 (AMAZON-02) (AMAZON-02)
2	13.32.99.104 13.32.99.104	16509 (AMAZON-02) (AMAZON-02)
4	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400d:80e::200a	15169 (GOOGLE) (GOOGLE)
2	2600:9000:225... 2600:9000:2250:6800:1d:11cf:5800:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	44.227.76.101 44.227.76.101	16509 (AMAZON-02) (AMAZON-02)
1	34.117.59.81 34.117.59.81	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	99.86.4.59 99.86.4.59	16509 (AMAZON-02) (AMAZON-02)
5	52.222.250.12 52.222.250.12	16509 (AMAZON-02) (AMAZON-02)
1	34.238.109.20 34.238.109.20	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.147.34 18.66.147.34	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
62	26

2 122.50.1.165 (Washington, United States) 1 redirects

ASN9387 (SHARPTEL-AS-AP SHARP TELECOM PRIVATE LIMITED, PK)
PTR: singasong.site

singasong.site	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 57.128.19.228 (France) 1 redirects

ASN16276 (OVH, FR)

www.hasadom3.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.38.173.133 (Paris, France) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-38-173-133.eu-west-3.compute.amazonaws.com

05mdsexvt3d2jrj-c.adktrack34.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.129.40 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-129-40.eu-west-1.compute.amazonaws.com

go.oferting.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trac.oferting.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 46.51.165.61 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-46-51-165-61.eu-west-1.compute.amazonaws.com

r-ext.oferting.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:225e:3a00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b150:c90c:2ea1:7b24:4959 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.193.23.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-193-23-165.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.129.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.2.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.241.14 (Apex, United States)

ASN23467 (NEWRELIC-AS-1, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.248.94.153 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-248-94-153.eu-west-1.compute.amazonaws.com

adleadrnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.69.136.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com

offers.propertyleadr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 50.19.70.165 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-19-70-165.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.230.48 (United States)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.33.220.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.99.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-104.fra60.r.cloudfront.net

builder-assets.unbounce.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80e::200a (Ireland)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2250:6800:1d:11cf:5800:93a1 (United States)

ASN16509 (AMAZON-02, US)

d34qb8suadcc4g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 44.227.76.101 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-227-76-101.us-west-2.compute.amazonaws.com

script.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.59.81 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 81.59.117.34.bc.googleusercontent.com

ipinfo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.4.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-59.fra6.r.cloudfront.net

fonts.ub-assets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.222.250.12 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-250-12.fra60.r.cloudfront.net

d9hhrg4mnvzow.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.238.109.20 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-238-109-20.compute-1.amazonaws.com

events.ub-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.147.34 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-34.fra60.r.cloudfront.net

ads.anura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
7	cloudfront.net d34qb8suadcc4g.cloudfront.net d9hhrg4mnvzow.cloudfront.net	73 KB
6	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 341	11 KB
6	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 2597 rp.liadm.com — Cisco Umbrella Rank: 1506 rp4.liadm.com — Cisco Umbrella Rank: 6908 i.liadm.com — Cisco Umbrella Rank: 575	18 KB
5	oferting.org 2 redirects go.oferting.org r-ext.oferting.org trac.oferting.org	68 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 106	249 B
4	ub-assets.com fonts.ub-assets.com — Cisco Umbrella Rank: 25065	52 KB
4	anura.io script.anura.io — Cisco Umbrella Rank: 49459 ads.anura.io — Cisco Umbrella Rank: 81384	21 KB
4	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 196	123 KB
4	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 900 trc.taboola.com — Cisco Umbrella Rank: 644 trc-events.taboola.com — Cisco Umbrella Rank: 1739	20 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 149	244 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	unbounce.com builder-assets.unbounce.com — Cisco Umbrella Rank: 18261	37 KB
2	singasong.site 1 redirects singasong.site	581 B
1	ub-analytics.com events.ub-analytics.com — Cisco Umbrella Rank: 24559	245 B
1	ipinfo.io ipinfo.io — Cisco Umbrella Rank: 6471	557 B
1	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 298	31 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 295	265 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 460	675 B
1	propertyleadr.net offers.propertyleadr.net	11 KB
1	adleadrnetwork.com 1 redirects adleadrnetwork.com	854 B
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 222
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 50	68 KB
1	adktrack34.xyz 1 redirects 05mdsexvt3d2jrj-c.adktrack34.xyz	248 B
1	hasadom3.com 1 redirects www.hasadom3.com	613 B
0	zemanta.com Failed b1sync.zemanta.com Failed
0	addthis.com Failed x.dlx.addthis.com Failed
0	bidswitch.net Failed x.bidswitch.net Failed
62	27

	Domain	Requested by
6	js-agent.newrelic.com	r-ext.oferting.org
5	d9hhrg4mnvzow.cloudfront.net	offers.propertyleadr.net
4	www.facebook.com	offers.propertyleadr.net
4	fonts.ub-assets.com	builder-assets.unbounce.com fonts.ub-assets.com
4	cdnjs.cloudflare.com	offers.propertyleadr.net cdnjs.cloudflare.com
3	script.anura.io	offers.propertyleadr.net script.anura.io
3	connect.facebook.net	offers.propertyleadr.net connect.facebook.net
3	www.google-analytics.com	r-ext.oferting.org
3	r-ext.oferting.org	singasong.site r-ext.oferting.org
2	d34qb8suadcc4g.cloudfront.net	offers.propertyleadr.net d34qb8suadcc4g.cloudfront.net
2	builder-assets.unbounce.com	offers.propertyleadr.net
2	i.liadm.com	b-code.liadm.com i.liadm.com
2	trc.taboola.com	cdn.taboola.com i.liadm.com
2	b-code.liadm.com	r-ext.oferting.org b-code.liadm.com
2	singasong.site	1 redirects
1	ads.anura.io	script.anura.io
1	events.ub-analytics.com	offers.propertyleadr.net
1	ipinfo.io	ajax.googleapis.com
1	ajax.googleapis.com	offers.propertyleadr.net
1	match.adsrvr.org	i.liadm.com
1	sync.mathtag.com	1 redirects
1	trc-events.taboola.com	cdn.taboola.com
1	offers.propertyleadr.net
1	adleadrnetwork.com	1 redirects
1	trac.oferting.org	1 redirects
1	bam.nr-data.net	js-agent.newrelic.com
1	cdn.taboola.com	singasong.site
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	www.googletagmanager.com	r-ext.oferting.org
1	go.oferting.org	1 redirects
1	05mdsexvt3d2jrj-c.adktrack34.xyz	1 redirects
1	www.hasadom3.com	1 redirects
0	b1sync.zemanta.com Failed	i.liadm.com
0	x.dlx.addthis.com Failed	i.liadm.com
0	x.bidswitch.net Failed	i.liadm.com
62	36

This site contains no links.

Subject Issuer	Validity	Valid
*.oferting.org Amazon RSA 2048 M02	`2023-02-10` - `2023-05-26`	3 months	crt.sh
*.liadm.com Amazon	`2023-01-01` - `2024-01-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh
offers.propertyleadr.net R3	`2022-12-24` - `2023-03-24`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.unbounce.com Amazon RSA 2048 M01	`2023-02-21` - `2024-02-07`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-01` - `2023-04-26`	3 months	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-12-02` - `2023-03-02`	3 months	crt.sh
script.anura.io Amazon RSA 2048 M01	`2023-02-08` - `2023-08-04`	6 months	crt.sh
ipinfo.io R3	`2023-01-18` - `2023-04-18`	3 months	crt.sh
fonts.ub-assets.com Amazon RSA 2048 M02	`2022-11-17` - `2023-12-17`	a year	crt.sh
*.ub-analytics.com Amazon RSA 2048 M01	`2023-02-22` - `2023-05-09`	3 months	crt.sh
ads.anura.io Amazon	`2022-06-29` - `2023-07-28`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB
Frame ID: DE1E94E09590857081F2B268FBC03951
Requests: 55 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01gsyqw360zwzx1gjn159ndmm4&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: 48623824BFF5A07637395CABECE02B5B
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://singasong.site/rd/c38552CYFai7398446ddaz3647GJz53111PolK5645 Page URL
http://singasong.site/track/c38552CYFai7398446ddaz3647GJz53111PolK5645 HTTP 302
https://www.hasadom3.com/3MN427Q/2239XZTN/?sub1=8&sub2=5645-38552&sub3=7398446-3647-53111 HTTP 302
https://05mdsexvt3d2jrj-c.adktrack34.xyz/?o=1063&a=101&k=4234&s=79061&d=2446&affclickid=887dbfa42a8a40c59fd1920c1de6a... HTTP 301
https://go.oferting.org/1ok37?vars=_vextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d HTTP 302
https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&o... Page URL
https://trac.oferting.org/of/?extclickid=_adk022f2adafc7f6178e7093a585aaab1938d&emn_i=871&emn_a=5776&e... HTTP 302
https://adleadrnetwork.com/?a=3&c=1843&s1=&s2=05776087100998212309732353391845341f7v1f3jv6arbxg0ax34wr7... HTTP 302
https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

62
Requests

87 %
HTTPS

29 %
IPv6

27
Domains

36
Subdomains

26
IPs

5
Countries

796 kB
Transfer

2242 kB
Size

21
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://singasong.site/rd/c38552CYFai7398446ddaz3647GJz53111PolK5645 Page URL
http://singasong.site/track/c38552CYFai7398446ddaz3647GJz53111PolK5645 HTTP 302
https://www.hasadom3.com/3MN427Q/2239XZTN/?sub1=8&sub2=5645-38552&sub3=7398446-3647-53111 HTTP 302
https://05mdsexvt3d2jrj-c.adktrack34.xyz/?o=1063&a=101&k=4234&s=79061&d=2446&affclickid=887dbfa42a8a40c59fd1920c1de6a676&s1=1645 HTTP 301
https://go.oferting.org/1ok37?vars=_vextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d HTTP 302
https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu Page URL
https://trac.oferting.org/of/?extclickid=_adk022f2adafc7f6178e7093a585aaab1938d&emn_i=871&emn_a=5776&emn_c=391845&emn_rt=0&ol=B&emn_p=&emn_cat=9982123-9732353&term=&emn_t=9732353&ref_offer=9982123&hs=2802240735&go=https%3A%2F%2Fadleadrnetwork.com%2F%3Fa%3D3%26c%3D1843%26s1%3D%26s2%3Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu HTTP 302
https://adleadrnetwork.com/?a=3&c=1843&s1=&s2=05776087100998212309732353391845341f7v1f3jv6arbxg0ax34wr78g4c1ql HTTP 302
https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

http://singasong.site/track/c38552CYFai7398446ddaz3647GJz53111PolK5645 HTTP 302
https://www.hasadom3.com/3MN427Q/2239XZTN/?sub1=8&sub2=5645-38552&sub3=7398446-3647-53111 HTTP 302
https://05mdsexvt3d2jrj-c.adktrack34.xyz/?o=1063&a=101&k=4234&s=79061&d=2446&affclickid=887dbfa42a8a40c59fd1920c1de6a676&s1=1645 HTTP 301
https://go.oferting.org/1ok37?vars=_vextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d HTTP 302
https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu

Request Chain 10

https://rp.liadm.com/j?dtstmp=1677142658363&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01gsyqw360zwzx1gjn159ndmm4&tna=v2.6.0&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dpropertyleadr%26utm_medium%3Dsopext%26utm_campaign%3D9982123-9732353%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfinance%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_adk022f2adafc7f6178e7093a585aaab1938d%2526emn_i%253D871%2526emn_a%253D5776%2526emn_c%253D391845%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9982123-9732353%2526term%253D%2526emn_t%253D9732353%2526ref_offer%253D9982123%2526hs%253D2802240735%2526go%253Dhttps%25253A%25252F%25252Fadleadrnetwork.com%25252F%25253Fa%25253D3%252526c%25253D1843%252526s1%25253D%252526s2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&refr=http%3A%2F%2Fsingasong.site%2F&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gUHJvcGVydHlsZWFkcidzIHdlYnNpdGU8L3RpdGxlPg HTTP 302
https://rp4.liadm.com/j?dtstmp=1677142658363&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01gsyqw360zwzx1gjn159ndmm4&tna=v2.6.0&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dpropertyleadr%26utm_medium%3Dsopext%26utm_campaign%3D9982123-9732353%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfinance%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_adk022f2adafc7f6178e7093a585aaab1938d%2526emn_i%253D871%2526emn_a%253D5776%2526emn_c%253D391845%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9982123-9732353%2526term%253D%2526emn_t%253D9732353%2526ref_offer%253D9982123%2526hs%253D2802240735%2526go%253Dhttps%25253A%25252F%25252Fadleadrnetwork.com%25252F%25253Fa%25253D3%252526c%25253D1843%252526s1%25253D%252526s2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&refr=http%3A%2F%2Fsingasong.site%2F&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gUHJvcGVydHlsZWFkcidzIHdlYnNpdGU8L3RpdGxlPg&i6=MjAwMTphYzg6MjE6ZTo6Mw%3D%3D&n3pc=true

Request Chain 22

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F0e0ea1ad45b247058f1120fd8dc424a3%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&36f48899-e2c8-4d50-aeb9-1bbd85e87aac HTTP 302
https://i.liadm.com/s/e/a-00xy/0/0e0ea1ad45b247058f1120fd8dc424a3?mpid=7156&muid=e19a63f7-2a84-4800-8b1d-e7dca1b49991

Request Chain 25

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=36f48899-e2c8-4d50-aeb9-1bbd85e87aac&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F0e0ea1ad45b247058f1120fd8dc424a3%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=36f48899-e2c8-4d50-aeb9-1bbd85e87aac&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F0e0ea1ad45b247058f1120fd8dc424a3%3Fmpid%3D82775%26muid%3D%24%7BDD_UUID%7D HTTP 302
https://i.liadm.com/s/e/a-00xy/0/0e0ea1ad45b247058f1120fd8dc424a3?mpid=82775&muid=30195978000132535223132721244800683464

62 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK c38552CYFai7398446ddaz3647GJz53111PolK5645
singasong.site/rd/ 243 B
360 B 617ms
183ms Document
text/html 122.50.1.165
SHARPTEL-AS-AP SH...

General

Check archive.org

Show headers Download Go to

Full URL: http://singasong.site/rd/c38552CYFai7398446ddaz3647GJz53111PolK5645
Protocol: HTTP/1.1
Server: 122.50.1.165 Washington, United States, ASN9387 (SHARPTEL-AS-AP SHARP TELECOM PRIVATE LIMITED, PK),
Reverse DNS: singasong.site
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Content-Length: 243
Content-Type: text/html; charset=utf-8
Date: Thu, 23 Feb 2023 08:57:36 GMT

GET
H2

200

/ Show response
r-ext.oferting.org/r/
Redirect Chain

http://singasong.site/track/c38552CYFai7398446ddaz3647GJz53111PolK5645
https://www.hasadom3.com/3MN427Q/2239XZTN/?sub1=8&sub2=5645-38552&sub3=7398446-3647-53111
https://05mdsexvt3d2jrj-c.adktrack34.xyz/?o=1063&a=101&k=4234&s=79061&d=2446&affclickid=887dbfa42a8a40c59fd1920c1de6a676&s1=1645
https://go.oferting.org/1ok37?vars=_vextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d
https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2F...

39 KB
15 KB

258ms
91ms

Document
text/html

46.51.165.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Requested by: Host: singasong.site
URL: http://singasong.site/rd/c38552CYFai7398446ddaz3647GJz53111PolK5645
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.165.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-165-61.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 9cf1a295d768ebe9757c34f0ddda641b45eb1adb638294b129d540070b76d5c8

Request headers

Referer: http://singasong.site/rd/c38552CYFai7398446ddaz3647GJz53111PolK5645
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, private
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 23 Feb 2023 08:57:37 GMT
server: nginx
vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 20
Content-Type: text/html
Date: Thu, 23 Feb 2023 08:57:36 GMT
Keep-Alive: timeout=2, max=200
Location: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Server: Apache
Vary: Accept-Encoding
X-Powered-By: PHP/5.3.10-1ubuntu3.48

GET
H2 200 a-00xy.min.js Show response
b-code.liadm.com/ 34 KB
12 KB 188ms
56ms Script
application/javascript 2600:9000:225e:3a00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-00xy.min.js
Requested by: Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 381155c11bc1056001c15459d40b1a9e44f386fc2a9ce85cf1aba05eeeb0f112

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 05:09:54 GMT
content-encoding: gzip
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
age: 13664
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: mCl167gm909RYuge1-uIC3PX5QQaA1J5n8L3zjPLhXeeCDjXUKFU3g==

GET
H2 200 preload.gif
r-ext.oferting.org/images/ 18 KB
18 KB 46ms
46ms Image
image/gif 46.51.165.61
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r-ext.oferting.org/images/preload.gif
Requested by: Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.165.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-165-61.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:57:38 GMT
last-modified: Sat, 23 Jul 2022 07:58:20 GMT
server: nginx
accept-ranges: bytes
etag: "62dbaa1c-47ed"
content-length: 18413
content-type: image/gif

GET
H2 200 jquery-3.3.1.min.js Show response
r-ext.oferting.org/js/ 85 KB
34 KB 49ms
48ms Script
application/javascript 46.51.165.61
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://r-ext.oferting.org/js/jquery-3.3.1.min.js
Requested by: Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.51.165.61 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-46-51-165-61.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:57:38 GMT
content-encoding: gzip
last-modified: Sat, 23 Jul 2022 07:58:20 GMT
server: nginx
etag: W/"62dbaa1c-1538f"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 165ms
58ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 23 Feb 2023 08:54:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 174
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 23 Feb 2023 10:54:44 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 194 KB
68 KB 227ms
83ms Script
application/javascript 2a00:1450:400d:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-ML8Z3ZJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f98f9ef9c402fbfad2543c4ddf016e7fb61f45c7c57ecda75e6d7f2c0dde1a42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:57:38 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69491
x-xss-protection: 0
last-modified: Thu, 23 Feb 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 23 Feb 2023 08:57:38 GMT

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ 6 KB
3 KB 51ms
51ms Script
application/javascript 2600:9000:225e:3a00:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-00xy.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225e:3a00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
content-encoding: gzip
via: 1.1 b47ba5841a54cf2d19fc521c78e94514.cloudfront.net (CloudFront)
date: Wed, 08 Feb 2023 01:07:19 GMT
last-modified: Tue, 10 May 2022 11:48:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P4
age: 1324220
x-amz-server-side-encryption: AES256
etag: W/"ae5e94de938b0387eda6df8f20da811a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=2592000
x-amz-cf-id: OzRDS5RBOuVHyAg951-TZI_ZLJuvLeuZelc_7oLe25-GdrspSczJSQ==

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 51ms
50ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=386983482&t=pageview&_s=1&dl=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dpropertyleadr%26utm_medium%3Dsopext%26utm_campaign%3D9982123-9732353%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfinance%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_adk022f2adafc7f6178e7093a585aaab1938d%2526emn_i%253D871%2526emn_a%253D5776%2526emn_c%253D391845%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9982123-9732353%2526term%253D%2526emn_t%253D9732353%2526ref_offer%253D9982123%2526hs%253D2802240735%2526go%253Dhttps%25253A%25252F%25252Fadleadrnetwork.com%25252F%25253Fa%25253D3%252526c%25253D1843%252526s1%25253D%252526s2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&dr=http%3A%2F%2Fsingasong.site%2F&ul=en-us&de=UTF-8&dt=World%20--%20we%20are%20redirecting%20you%20to%20Propertyleadr%27s%20website&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=4GgACAABBAAAAAAAIE~&cid=1262610259.1677142658&tid=UA-46029424-1&_gid=1096179351.1677142658&z=1011902327

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:16:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45642
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 51ms
51ms Image
image/gif 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Feb 2023 20:16:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 45642
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

j
rp4.liadm.com/
Redirect Chain

https://rp.liadm.com/j?dtstmp=1677142658363&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01gsyqw360zwzx1gjn159ndmm4&tna=v2.6.0&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dpropertyleadr%26utm_...
https://rp4.liadm.com/j?dtstmp=1677142658363&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01gsyqw360zwzx1gjn159ndmm4&tna=v2.6.0&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dpropertyleadr%26utm...

13 B
552 B

626ms
128ms

XHR
application/json

34.193.23.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1677142658363&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01gsyqw360zwzx1gjn159ndmm4&tna=v2.6.0&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dpropertyleadr%26utm_medium%3Dsopext%26utm_campaign%3D9982123-9732353%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfinance%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_adk022f2adafc7f6178e7093a585aaab1938d%2526emn_i%253D871%2526emn_a%253D5776%2526emn_c%253D391845%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9982123-9732353%2526term%253D%2526emn_t%253D9732353%2526ref_offer%253D9982123%2526hs%253D2802240735%2526go%253Dhttps%25253A%25252F%25252Fadleadrnetwork.com%25252F%25253Fa%25253D3%252526c%25253D1843%252526s1%25253D%252526s2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&refr=http%3A%2F%2Fsingasong.site%2F&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gUHJvcGVydHlsZWFkcidzIHdlYnNpdGU8L3RpdGxlPg&i6=MjAwMTphYzg6MjE6ZTo6Mw%3D%3D&n3pc=true

Protocol

Server

34.193.23.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-193-23-165.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:57:39 GMT
x-pixel-event-id: 674311a8-5fc3-477e-b177-f626a0bf77a1
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: ac18699e034c04a3
content-length: 13
x-xss-protection: 1; mode=block

Redirect headers

date: Thu, 23 Feb 2023 08:57:39 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1677142658363&aid=a-00xy&se=e30&duid=0d3d1fb3a190--01gsyqw360zwzx1gjn159ndmm4&tna=v2.6.0&pu=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dpropertyleadr%26utm_medium%3Dsopext%26utm_campaign%3D9982123-9732353%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfinance%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_adk022f2adafc7f6178e7093a585aaab1938d%2526emn_i%253D871%2526emn_a%253D5776%2526emn_c%253D391845%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9982123-9732353%2526term%253D%2526emn_t%253D9732353%2526ref_offer%253D9982123%2526hs%253D2802240735%2526go%253Dhttps%25253A%25252F%25252Fadleadrnetwork.com%25252F%25253Fa%25253D3%252526c%25253D1843%252526s1%25253D%252526s2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&wpn=lc-bundle&refr=http%3A%2F%2Fsingasong.site%2F&c=PHRpdGxlPldvcmxkIC0tIHdlIGFyZSByZWRpcmVjdGluZyB5b3UgdG8gUHJvcGVydHlsZWFkcidzIHdlYnNpdGU8L3RpdGxlPg&i6=MjAwMTphYzg6MjE6ZTo6Mw%3D%3D&n3pc=true
access-control-allow-origin: https://r-ext.oferting.org
request-time: 0
access-control-allow-credentials: true
trace-id: 16464774a76ddb91
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1192092/ 58 KB
18 KB 285ms
206ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1192092/tfa.js
Requested by: Host: singasong.site
URL: http://singasong.site/rd/c38552CYFai7398446ddaz3647GJz53111PolK5645
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ecfc43c816972f4c69630f4f5c99ad435b7172bab1771f74748063435a003ed4

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: IOkiJ9SQIQKq8zlpaqMBVtsS3kb_hF2d
content-encoding: gzip
via: 1.1 varnish
date: Thu, 23 Feb 2023 08:57:38 GMT
x-amz-request-id: R73FTRXGW8G2QVKW
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 18385
x-amz-id-2: ldoXkX3iGafBlWbpnT5gZV810+Okd3LzQNSsAhSZ5JVxKBm0iYbFK/0UE+sGibsnLtCPCrPxq2c=
x-served-by: cache-lon420125-LON
last-modified: Sun, 19 Feb 2023 11:10:56 GMT
server: AmazonS3
x-timer: S1677142659.512689,VS0,VE170
etag: "3eb577537300854df52ea31b5fbc828a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 67
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 200 json Show response
trc.taboola.com/1192092/trc/3/ 2 KB
2 KB 64ms
50ms Script
application/javascript 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1192092/trc/3/json?tim=1677142658715&data=%7B%22id%22%3A193%2C%22ii%22%3A%22%2Fr%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1677142658709%2C%22cv%22%3A%2220230219-9-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dpropertyleadr%26utm_medium%3Dsopext%26utm_campaign%3D9982123-9732353%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfinance%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_adk022f2adafc7f6178e7093a585aaab1938d%2526emn_i%253D871%2526emn_a%253D5776%2526emn_c%253D391845%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9982123-9732353%2526term%253D%2526emn_t%253D9732353%2526ref_offer%253D9982123%2526hs%253D2802240735%2526go%253Dhttps%25253A%25252F%25252Fadleadrnetwork.com%25252F%25253Fa%25253D3%252526c%25253D1843%252526s1%25253D%252526s2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%22%2C%22e%22%3A%22http%3A%2F%2Fsingasong.site%2F%22%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%3Futm_source%3Dpropertyleadr%26utm_medium%3Dsopext%26utm_campaign%3D9982123-9732353%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfinance%26g%3D%26partner%3Dworld%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Dtaboolaaccount-asuvoravaemailingnetworkcom%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1677142658714%2C%22ref%22%3A%22http%3A%2F%2Fsingasong.site%2F%22%2C%22item-url%22%3A%22https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dpropertyleadr%26utm_medium%3Dsopext%26utm_campaign%3D9982123-9732353%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfinance%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_adk022f2adafc7f6178e7093a585aaab1938d%2526emn_i%253D871%2526emn_a%253D5776%2526emn_c%253D391845%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9982123-9732353%2526term%253D%2526emn_t%253D9732353%2526ref_offer%253D9982123%2526hs%253D2802240735%2526go%253Dhttps%25253A%25252F%25252Fadleadrnetwork.com%25252F%25253Fa%25253D3%252526c%25253D1843%252526s1%25253D%252526s2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu%22%2C%22tos%22%3A1%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22ler%22%3A%22other%22%2C%22supv%22%3Atrue%7D%7D&pubit=i
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1192092/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 24f7deb1b09ba44cc10e7da6cefa49cd9f362ed88bbd0faf5d3bc5bbafad6a5d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 15
date: Thu, 23 Feb 2023 08:57:38 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: cache-lon420125-LON
server: nginx
x-timer: S1677142659.747274,VS0,VE15
vary: Accept-Encoding
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 async-api.6bb277af-1225.min.js Show response
js-agent.newrelic.com/ 2 KB
2 KB 113ms
35ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js
Requested by: Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: ccu4IA9M.iSFjMQAJQZ9WRC6vNK74xfk
content-encoding: gzip
via: 1.1 varnish
date: Thu, 23 Feb 2023 08:57:38 GMT
x-amz-request-id: XWMMZ5955RNEXACG
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1094
x-amz-id-2: d/ol7QUPBqv6sXXn+B2XvxdYjIvet24Vs8XGzuAfgwlszcGicJnvmATUjoWgkliRJd/if9n7imo=
x-served-by: cache-lon4283-LON
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677142659.879393,VS0,VE0
etag: "dd573d973dfb2a2559befdfb616d511d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3175

GET
H2 200 lazy-loader.48127245-1225.min.js Show response
js-agent.newrelic.com/ 2 KB
725 B 114ms
36ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.48127245-1225.min.js
Requested by: Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: x72sIi24uKUpr9UhD5QY7PCKtNgMfeY4
content-encoding: gzip
via: 1.1 varnish
date: Thu, 23 Feb 2023 08:57:38 GMT
x-amz-request-id: WZBRGA9VZPQR78G8
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 520
x-amz-id-2: qMh892pjfrXrBbVafP8jnytxnLNH/zNPqBf7SjS9Fqqca/SjyzIiMjPlaNQvKo+2F/sw6nohw2A=
x-served-by: cache-lon4283-LON
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677142659.879502,VS0,VE0
etag: "a3759bbbd15fffd73531bda1e8166ae7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3180

GET
H2 200 118.d37755e4-1225.min.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 36ms
36ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/118.d37755e4-1225.min.js
Requested by: Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 8iuwUwYODDWrlAN7lGJW4CKaVaPtd.FC
content-encoding: gzip
via: 1.1 varnish
date: Thu, 23 Feb 2023 08:57:38 GMT
x-amz-request-id: K8RMV1EZHS710SVK
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3412
x-amz-id-2: 2IXZkHXSU+RBQEiuRp4xZb3Uef+MualNJ2R7Jhmj30XfxwUiPJSLKiVvhXIcrSX6xJI0K7+HtQM=
x-served-by: cache-lon4283-LON
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677142659.918502,VS0,VE0
etag: "9c8a05b5703a1c30e0418f9ba42337df"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3148

GET
H2 200 page_view_event-aggregate.29613e65-1225.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 37ms
37ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.29613e65-1225.min.js
Requested by: Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: Q2wYJMaFVSMNo7QiSpnsS727o5X3kt_1
content-encoding: gzip
via: 1.1 varnish
date: Thu, 23 Feb 2023 08:57:38 GMT
x-amz-request-id: Z37GZ0PGS94J1YJE
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1682
x-amz-id-2: DVILA7OyXByQy3pL2xdSLV6OWQt/14iCQ9Smi7+abL+mnAYxjCbE4qsOPGHTzaEA1FnKSZUM6eM=
x-served-by: cache-lon4283-LON
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677142659.918724,VS0,VE0
etag: "0743ee0ec30428f3654ee07d779efb64"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3145

GET
H2 200 page_view_timing-aggregate.e791ce32-1225.min.js Show response
js-agent.newrelic.com/ 5 KB
3 KB 38ms
37ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.e791ce32-1225.min.js
Requested by: Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 5Hc0bLUe_lA8zF4035AV9Xl5FkevBdYq
content-encoding: gzip
via: 1.1 varnish
date: Thu, 23 Feb 2023 08:57:38 GMT
x-amz-request-id: 9WCS5AT4G5VNPY4K
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2248
x-amz-id-2: qZK/fQdg/BP7G70n1RGkeXwswg4+5jhQf8HGwHvcFy74N9jBbcJ91jWEV6mrOaYQaw0eXfBLV48=
x-served-by: cache-lon4283-LON
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677142659.919205,VS0,VE0
etag: "84ba19034cf0206a49ecf68893086bdd"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3160

GET
H2 200 metrics-aggregate.b4a54ed9-1225.min.js Show response
js-agent.newrelic.com/ 1 KB
934 B 39ms
38ms Script
application/javascript 151.101.2.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.b4a54ed9-1225.min.js
Requested by: Host: r-ext.oferting.org
URL: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.2.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id: 0sI71h2BU2Q4FabSOYi.9wzegJNG1fuh
content-encoding: gzip
via: 1.1 varnish
date: Thu, 23 Feb 2023 08:57:38 GMT
x-amz-request-id: XWMKGBJXY92RWWDC
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 730
x-amz-id-2: kerLR4fa8v2Vqc22PLLjs2goe8s0XbzzLYS7P1v3I13+NOl+NN69WoRgWuYMFIFUW54nHuzOwZg=
x-served-by: cache-lon4283-LON
last-modified: Fri, 10 Feb 2023 20:23:02 GMT
server: AmazonS3
x-timer: S1677142659.919403,VS0,VE0
etag: "395608505dac1e4fbe08bd146e09f5c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3138

GET
H/1.1 402
Payment Required 801818eb79
bam.nr-data.net/1/ 0
0 593ms
441ms Script
text/plain 162.247.241.14
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/801818eb79?a=67561576&v=1225.PROD&to=b1BbMUZZDxBTAkFYWlYabBddFwgNVgRNH0VQRQ%3D%3D&rst=2875&ck=0&s=cc4ddc9ff362461f&ref=https://r-ext.oferting.org/r/&ap=18&be=1991&fe=726&dc=91&perf=%7B%22timing%22:%7B%22of%22:1677142656067,%22n%22:0,%22f%22:1701,%22dn%22:1702,%22dne%22:1770,%22c%22:1770,%22s%22:1815,%22ce%22:1868,%22rq%22:1868,%22rp%22:1959,%22rpe%22:1971,%22dl%22:1974,%22di%22:2082,%22ds%22:2082,%22de%22:2082,%22dc%22:2716,%22l%22:2716,%22le%22:2718%7D,%22navigation%22:%7B%7D%7D&fp=2024&fcp=2024&at=QxdYRw5DHB4%3D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6bb277af-1225.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.241.14 Apex, United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 08:57:39 GMT
Server: cloudflare
Connection: keep-alive
CF-RAY: 79dec1536a97e597-MAN
Content-Length: 2
Vary: Accept-Encoding
Content-Type: text/plain;charset=UTF-8

GET
H/1.1

200
OK

Primary Request / Show response
offers.propertyleadr.net/birchmore-axiom/
Redirect Chain

https://trac.oferting.org/of/?extclickid=_adk022f2adafc7f6178e7093a585aaab1938d&emn_i=871&emn_a=5776&emn_c=391845&emn_rt=0&ol=B&emn_p=&emn_cat=9982123-9732353&term=&emn_t=9732353&ref_offer=9982123&...
https://adleadrnetwork.com/?a=3&c=1843&s1=&s2=05776087100998212309732353391845341f7v1f3jv6arbxg0ax34wr78g4c1ql
https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB

48 KB
11 KB

507ms
98ms

Document
text/html

3.69.136.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.69.136.55 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-69-136-55.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: a799d28c460ace92c850b994d9a0b83f2a7a1f1f633bac361b0d165fcfd1bbd6

Request headers

Referer: https://r-ext.oferting.org/r/?utm_source=propertyleadr&utm_medium=sopext&utm_campaign=9982123-9732353&orig=automatic&utm_term=generica&rtt=&f=0&c=finance&g=&partner=world&redirection=https%3A%2F%2Ftrac.oferting.org%2Fof%2F%3Fextclickid%3D_adk022f2adafc7f6178e7093a585aaab1938d%26emn_i%3D871%26emn_a%3D5776%26emn_c%3D391845%26emn_rt%3D0%26ol%3DB%26emn_p%3D%26emn_cat%3D9982123-9732353%26term%3D%26emn_t%3D9732353%26ref_offer%3D9982123%26hs%3D2802240735%26go%3Dhttps%253A%252F%252Fadleadrnetwork.com%252F%253Fa%253D3%2526c%253D1843%2526s1%253D%2526s2%253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-length: 10113
content-location: https://offers.propertyleadr.net/birchmore-axiom/
content-type: text/html; charset=utf-8
date: Thu, 23 Feb 2023 08:57:40 GMT
etag: "a:03fd9b08755b4710a90b405e5ed3d87a"
link: <https://offers.propertyleadr.net/birchmore-axiom/>; rel="canonical"
x-proxy-backend: page-server
x-unbounce-pageid: 8034c347-dd14-46cd-b2d1-c89ae73a0498
x-unbounce-variant: a
x-unbounce-visitorid: 03fd9b08-755b-4710-a90b-405e5ed3d87a

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 236
Content-Type: text/html; charset=utf-8
Date: Thu, 23 Feb 2023 08:57:40 GMT
Location: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB
P3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"

GET
H/1.1 200
OK a-00xy
i.liadm.com/s/c/ Frame 4862 1 KB
1 KB 563ms
129ms Document
text/html 50.19.70.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01gsyqw360zwzx1gjn159ndmm4&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

50.19.70.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-70-165.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://r-ext.oferting.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 676
Content-Type: text/html; charset=UTF-8
Date: Thu, 23 Feb 2023 08:57:40 GMT
ETag: 1.61803398874
Request-Time: 6
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H2 204 unip
trc-events.taboola.com/1192092/log/3/ 0
249 B 703ms
178ms XHR
text/plain 141.226.230.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1192092/log/3/unip?en=pre_d_eng_tb&tos=1551&scd=0&ssd=1&est=1677142658712&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1677142660264&vi=1677142658709&ri=14eb6f0ca1f13766891d9198e1a4e61c&ref=http%3A%2F%2Fsingasong.site%2F&cv=20230219-9-RELEASE&item-url=https%3A%2F%2Fr-ext.oferting.org%2Fr%2F%3Futm_source%3Dpropertyleadr%26utm_medium%3Dsopext%26utm_campaign%3D9982123-9732353%26orig%3Dautomatic%26utm_term%3Dgenerica%26rtt%3D%26f%3D0%26c%3Dfinance%26g%3D%26partner%3Dworld%26redirection%3Dhttps%253A%252F%252Ftrac.oferting.org%252Fof%252F%253Fextclickid%253D_adk022f2adafc7f6178e7093a585aaab1938d%2526emn_i%253D871%2526emn_a%253D5776%2526emn_c%253D391845%2526emn_rt%253D0%2526ol%253DB%2526emn_p%253D%2526emn_cat%253D9982123-9732353%2526term%253D%2526emn_t%253D9732353%2526ref_offer%253D9982123%2526hs%253D2802240735%2526go%253Dhttps%25253A%25252F%25252Fadleadrnetwork.com%25252F%25253Fa%25253D3%252526c%25253D1843%252526s1%25253D%252526s2%25253Daaaaaiiiiooooooooonnnnnnnnccccccuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuuu&ler=other
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1192092/tfa.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.230.48 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://r-ext.oferting.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: https://r-ext.oferting.org
pragma: no-cache
date: Thu, 23 Feb 2023 08:57:40 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H/1.1

200
OK

0e0ea1ad45b247058f1120fd8dc424a3
i.liadm.com/s/e/a-00xy/0/ Frame 4862
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F0e0ea1ad45b247058f1120fd8dc424a3%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&36f48899-e2c8-4d50-aeb9-1bb...
https://i.liadm.com/s/e/a-00xy/0/0e0ea1ad45b247058f1120fd8dc424a3?mpid=7156&muid=e19a63f7-2a84-4800-8b1d-e7dca1b49991

43 B
274 B

122ms
122ms

Image
image/gif

50.19.70.165
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-00xy/0/0e0ea1ad45b247058f1120fd8dc424a3?mpid=7156&muid=e19a63f7-2a84-4800-8b1d-e7dca1b49991

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01gsyqw360zwzx1gjn159ndmm4&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Protocol

HTTP/1.1

Server

50.19.70.165 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-50-19-70-165.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date: Thu, 23 Feb 2023 08:57:40 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 0
Content-Type: image/gif

Redirect headers

Date: Thu, 23 Feb 2023 08:57:40 GMT
Server: MT3 475 4bd2ccd master cdg-pixel-x27 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://i.liadm.com/s/e/a-00xy/0/0e0ea1ad45b247058f1120fd8dc424a3?mpid=7156&muid=e19a63f7-2a84-4800-8b1d-e7dca1b49991
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 23 Feb 2023 08:57:39 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame 4862 70 B
265 B 172ms
49ms Image
image/gif 3.33.220.150
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01gsyqw360zwzx1gjn159ndmm4&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.33.220.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Thu, 23 Feb 2023 08:57:40 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET syncd
x.bidswitch.net/ Frame 4862 0
0

GET

0e0ea1ad45b247058f1120fd8dc424a3
i.liadm.com/s/e/a-00xy/0/ Frame 4862
Redirect Chain

https://dpm.demdex.net/ibs:dpid=127444&dpuuid=36f48899-e2c8-4d50-aeb9-1bbd85e87aac&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F0e0ea1ad45b247058f1120fd8dc424a3%3Fmpid%3D82775%26muid%3D%2...
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=127444&dpuuid=36f48899-e2c8-4d50-aeb9-1bbd85e87aac&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-00xy%2F0%2F0e0ea1ad45b247058f1120fd8dc424a3%3Fmp...
https://i.liadm.com/s/e/a-00xy/0/0e0ea1ad45b247058f1120fd8dc424a3?mpid=82775&muid=30195978000132535223132721244800683464

0
0

GET live_intent_sync
x.dlx.addthis.com/e/ Frame 4862 0
0

GET
H2 200 /
trc.taboola.com/sg/liveintent/1/cm/ Frame 4862 43 B
151 B 45ms
44ms Image
image/gif 151.101.129.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/liveintent/1/cm/
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-00xy?s=&cim=&ps=true&ls=true&duid=0d3d1fb3a190--01gsyqw360zwzx1gjn159ndmm4&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Thu, 23 Feb 2023 08:57:40 GMT
via: 1.1 varnish
x-served-by: cache-lon420125-LON
server: nginx
x-timer: S1677142661.606546,VS0,VE9
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET /
b1sync.zemanta.com/usersync/liveintent/ Frame 4862 0
0

GET
H2 200 main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 15 KB
3 KB 167ms
50ms Stylesheet
text/css 13.32.99.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by: Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 01:22:01 GMT
content-encoding: gzip
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-version-id: F0XZlkUrGu6OlrfKzU_C7UXh1V6i6hug
last-modified: Wed, 23 Nov 2022 23:24:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 2878541
etag: "3d27e56a34e34b278ab5e182cbc3b587"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 2902
x-amz-cf-id: pNLq48Qi5rAUGUEkDuEdo3I-xe4b7nqJFLpbsWBmWtWxqQn2hCgFcA==

GET
H2 200 intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/ 25 KB
2 KB 181ms
106ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/intlTelInput.css

Requested by

Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 10946926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1970
last-modified: Tue, 31 May 2022 01:06:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62956a21-7b2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3evVaC%2B2Zzaz%2Fjybq6vcOmQCRAiHoblgMI0vzl7EPoZHw5cQX6tWK%2BWvYdK0zAnLdq1Yv%2F4uLlqyL60%2FfRLz23iwXbw%2BiMG8FIcacPIOM6s1beN3dRHCy%2FEgUmtxCaRMHnE7Q2iuVfzY3cX9sUXQbJxj"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79dec1603cbf0672-LHR
expires: Tue, 13 Feb 2024 08:57:41 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 204ms
61ms Script
text/javascript 2a00:1450:400d:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 21 Feb 2023 17:09:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 21 Feb 2024 17:09:58 GMT

GET
H2 200 ub.js Show response
d34qb8suadcc4g.cloudfront.net/ 5 KB
2 KB 154ms
47ms Script
application/javascript 2600:9000:2250:6800:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Requested by: Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Tue, 17 Jan 2023 21:41:41 GMT
content-encoding: gzip
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-version-id: TrrSG85SsnvjrZ_OWFs2jLqOdvnUHg06
last-modified: Tue, 17 Jan 2023 21:14:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 3150961
etag: "fde4d3457a50df6eb5c2e00c8f2ae5b3"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1865
x-amz-cf-id: YS6gWPRLAPhA7mJpmPFnGvzuOZxpYjMQ8pUS2AHFMFI3DshsjCjtow==

GET
H2 200 intlTelInput.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/ 29 KB
9 KB 179ms
104ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/intlTelInput.min.js

Requested by

Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e1c3be98af0f5091cbe3e28e515bab230453f9d7c0b8e9d0282af12fd0bb5e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 261545
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8923
last-modified: Tue, 31 May 2022 01:06:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62956a21-22db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HKQHi%2Fj%2Fp8R9HPhPREmFuqBuKKHbsbphhaj1zwCS6O8vvlsLL%2Fz%2F6rVcqPj2yt4ng2zi19bQyMjfmkIVY%2FTByWaO9zvOC1ZPLE%2FUN5Hv8S1a3I9eaN9zYGCU4oSVo%2B%2BbFFpEFQKM6aqU4ePrKenBLte0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79dec1603cc10672-LHR
expires: Tue, 13 Feb 2024 08:57:41 GMT

GET
H2 200 main.bundle-e1f0b93.z.js Show response
builder-assets.unbounce.com/published-js/ 104 KB
34 KB 61ms
60ms Script
application/javascript 13.32.99.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://builder-assets.unbounce.com/published-js/main.bundle-e1f0b93.z.js
Requested by: Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.99.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-99-104.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e1f0b93051ab9d1f671fdc1d489817df439cf571d9184c55e09a8a2de3d14234

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 09 Feb 2023 23:57:42 GMT
content-encoding: gzip
via: 1.1 89f400f550feb1d74a18ecb2070103ac.cloudfront.net (CloudFront)
x-amz-version-id: 17zN0KsTjJudzmBpRx16GR4geRdzQrok
last-modified: Thu, 09 Feb 2023 23:08:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 1155600
etag: "66a5c759b0a898469971e281c08667e4"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 33858
x-amz-cf-id: 9S75ChlmTGQznOHSGLgE2VNAd_3qjuvUKOXfQ09D57ZmMQrxJUaN6w==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 787ms
93ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 Feb 2023 08:57:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: kFTnZ1Y87vtwa3DFc327RBNxGrqcdg8Dkioav/NYPi2S+CFxia9K/zBbpGyXOvgcM9upyjjecFExFjNk+O2n3A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 request.js Show response
script.anura.io/ 55 KB
20 KB 827ms
439ms Script
application/javascript 44.227.76.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/request.js?instance=3552465468&source=3-&campaign=330&callback=anuraCallbackFunction&314862203990

Requested by

Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.76.101 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-76-101.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

cc051fe836ad6e4da7b0751f5565f7bb8e5e2127bf480d458f1d2de51ce3dd38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 08:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 / Show response
ipinfo.io/ 323 B
557 B 467ms
134ms Script
text/javascript 34.117.59.81
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://ipinfo.io/?token=6d3626439c7bd0&callback=jQuery360040855999133231946_1677142661287&_=1677142661288

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.117.59.81 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

81.59.117.34.bc.googleusercontent.com

Software

Resource Hash

e4b1b069a3bf87ce297f5f829f5cfb7b55285c8ce882feaeaa7ae9efde578ec7

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:57:41 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
content-encoding: gzip
via: 1.1 google
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 1; mode=block

GET
H2 200 flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/img/ 66 KB
66 KB 42ms
41ms Image
image/png 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/img/flags.png

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/intlTelInput.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/intlTelInput.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2181
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 67650
last-modified: Tue, 31 May 2022 01:06:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62956a21-10842"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OFcAw30SMu%2FFHC0MDFkv43bbaYL91Ab78xOOugbUIyEuKpTZ6kH2YKtP7C2Io0e4mhfn%2BZcuvhXZRzj9WfytuwLx0j4j84fx%2F39qIIGOOmwKtW4%2FXNDgMxxkuiypKWQuEYd%2BYEAqpLXTliVcqgvOPUGv"}],"group":"cf-nel","max_age":604800}
content-type: image/png; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79dec1615d800672-LHR
expires: Tue, 13 Feb 2024 08:57:41 GMT

GET
H2 200 sp-2.14.0.js Show response
d34qb8suadcc4g.cloudfront.net/ 98 KB
30 KB 58ms
58ms Script
application/javascript 2600:9000:2250:6800:1d:11cf:5800:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d34qb8suadcc4g.cloudfront.net/sp-2.14.0.js
Requested by: Host: d34qb8suadcc4g.cloudfront.net
URL: https://d34qb8suadcc4g.cloudfront.net/ub.js?1673990108
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2250:6800:1d:11cf:5800:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 05 Mar 2022 17:27:36 GMT
content-encoding: gzip
via: 1.1 4b07e670df891a80bcae1d5be052af3c.cloudfront.net (CloudFront)
x-amz-version-id: rVTqklA1qqyT_0VdOCY323BKPISR0uej
last-modified: Wed, 04 Nov 2020 01:35:32 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P2
age: 30641406
etag: "73de733c308b8b5e44d2a6242dc4bd99"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 30399
x-amz-cf-id: V_Sa65BBHRzEaDmy0U6DiHZ1_Cgb_5XEsLPBB8hxSETrKz_TBnK1kA==

GET
BLOB 200
OK 2161698e-7037-4102-b480-ae2b0e29bc71
https://offers.propertyleadr.net/ 5 KB
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://offers.propertyleadr.net/2161698e-7037-4102-b480-ae2b0e29bc71
Requested by: Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-e1f0b93.z.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1dea7d05f3ac6b4c9702a5f77a4421fbb964e84886751bd78860f65b53c8c5b1

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length: 5579
Content-Type: text/css

GET
H2 200 css
fonts.ub-assets.com/ 4 KB
1 KB 300ms
186ms Stylesheet
text/css 99.86.4.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/css?family=Roboto:regular%7CLato:regular%7COswald:regular

Requested by

Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-e1f0b93.z.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-59.fra6.r.cloudfront.net

Software

Resource Hash

2ee20254e2a1995e8542177ce84da38ad8e91ab1e72d4452c59251c68f25bf1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
via: 1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amzn-requestid: 55622bf6-0e75-4e76-9d82-7baea287a9c1
x-cache: Miss from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: AyOU6GCIIAMFp6A=
content-length: 653
x-xss-protection: 0
cross-origin-opener-policy: same-origin-allow-popups
x-amzn-trace-id: Root=1-63f72a85-10b0329153ebf6f34ae3b237
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
x-amz-cf-id: LJF95ldcOWJSvWptMsqwJSZe-Mk1UD0jpLqalqXvY2jxMz_7XNaA4w==

GET
H2 200 b812fe36-birchmore-axiom_10hq0av00000000000001o.jpg
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/birchmore-axiom/ 33 KB
33 KB 166ms
59ms Image
image/jpeg 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/birchmore-axiom/b812fe36-birchmore-axiom_10hq0av00000000000001o.jpg
Requested by: Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ddfcd396746c545b74e9f11121613a1952834a94300cd8874a24699c030b81fd

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:11:26 GMT
x-amz-version-id: 72ksWomwvGvyYCOGTi6gi1bcLeQz6zkM
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Wed, 08 Feb 2023 11:21:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 693976
etag: "8b29647a98865e3096e13b2fd3e3176c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 33555
x-amz-cf-id: R5JhAbUsP80dN3YMdij_yHYANILLBaOa0e_qPap4RO6whNxBaADEjg==

GET
H2 200 a558a888-birchmore-logo-white_106501a000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/birchmore-axiom/ 2 KB
2 KB 204ms
97ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/birchmore-axiom/a558a888-birchmore-logo-white_106501a000000000000028.png
Requested by: Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 4439e028ba9db0960be28bf0509fdbca630b98100778940533627c0fc675db8a

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:11:26 GMT
x-amz-version-id: q2HkX0nFszKJyuED0BH0L2icxJ40vCBX
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Wed, 08 Feb 2023 11:21:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 693976
etag: "ae46e91f93d851c6d4877dd856d15757"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1604
x-amz-cf-id: lYvbmM8HrYfjhK7WKgu1R4tVPVy7F3F3MIyQ7ma6ukzIw9otKjjdKw==

GET
H2 200 e42e03f6-birchmore-axiom-furniture_1032034000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/birchmore-axiom/ 2 KB
2 KB 205ms
98ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/birchmore-axiom/e42e03f6-birchmore-axiom-furniture_1032034000000000000028.png
Requested by: Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e995219cd5fce77a5fdd4a30a2dbb11add8e36d36625141be81f4e86188427a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:11:26 GMT
x-amz-version-id: TnqcLkGYlcTQVJCcvKsRf21rUfKAlWUM
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Wed, 08 Feb 2023 11:21:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 693976
etag: "d817200f0c2c0437ac221e94f36fd573"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1546
x-amz-cf-id: UGn2SpK5KMVjC1zIuh78UB7trl1TFdaTs6Jx222dSFuaZCpvmfaT7Q==

GET
H2 200 9c3b4a9c-birchmore-axiom-3-percent_1032034000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/birchmore-axiom/ 1 KB
2 KB 202ms
95ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/birchmore-axiom/9c3b4a9c-birchmore-axiom-3-percent_1032034000000000000028.png
Requested by: Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dadb87c60a559e9e26eddf924415668643cc3686cfb56b1c9757f1bf52a5bfb8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:11:26 GMT
x-amz-version-id: ofgW_5bWJb2NJlS95MMHCQgKCHz5ghM9
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Wed, 08 Feb 2023 11:21:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 693976
etag: "ed22343ccf91ec53b148b8a67dc5e58a"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1212
x-amz-cf-id: aNJYrzKSgZqYq72U2vmUN3undCkdfYBADTMmOvy74mp4YAiyOFGuTA==

GET
H2 200 ccb5dd98-birchmore-axiom-handshake_1032034000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/birchmore-axiom/ 2 KB
2 KB 205ms
99ms Image
image/png 52.222.250.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/birchmore-axiom/ccb5dd98-birchmore-axiom-handshake_1032034000000000000028.png
Requested by: Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.250.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-250-12.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 74b995f874c89ed7be6491ba627315212291d80f2c9884c694ef4d34422812cb

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 15 Feb 2023 08:11:26 GMT
x-amz-version-id: KrbW1_N6QDefccme8BsHqDTeQAcgZBiE
via: 1.1 74c5b19a4695b76162adbf07ed9ef370.cloudfront.net (CloudFront)
last-modified: Wed, 08 Feb 2023 11:21:38 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P3
age: 693976
etag: "6b103bf82b3e8558723616622efe1f07"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 1608
x-amz-cf-id: _AbRbCiL748HtqMjVIsJuSPrXhW6bMV3WZ0xOVqiCLTCl4w8-E8TVA==

GET
H2 200 i
events.ub-analytics.com/ 43 B
245 B 509ms
185ms Image
image/gif 34.238.109.20
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.ub-analytics.com/i?stm=1677142661453&e=pv&url=https%3A%2F%2Foffers.propertyleadr.net%2Fbirchmore-axiom%2F%3Faffiliate_id%3D3%26sub_id%3D%26ckm_request_id%3D99530835%26country%3DGB&refr=https%3A%2F%2Fr-ext.oferting.org%2F&tv=js-2.14.0&tna=sp-ub&aid=landing_page&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&eid=30e85302-ee87-451e-b5ae-0a3b5c7c8075&dtm=1677142661451&vp=1600x1200&ds=1600x1270&vid=1&sid=676d0ba9-b9de-424d-a31c-b532b98e6f23&duid=81a18d8c-d6c9-40f0-af73-ea03f345bc24&uid=03fd9b08-755b-4710-a90b-405e5ed3d87a&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoianNfdHJhY2tlcl9jb250ZXh0X3YxLjEuanNvbiIsImRhdGEiOnsicGFnZUlkIjoiODAzNGMzNDctZGQxNC00NmNkLWIyZDEtYzg5YWU3M2EwNDk4IiwidmFyaWFudElkIjoiYSIsImV2ZW50VHlwZSI6InZpc2l0IiwiZXZlbnRNZXRhZGF0YSI6W10sInJvdXRpbmdTdHJhdGVneSI6InNpbmdsZSJ9fV19
Requested by: Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.238.109.20 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-238-109-20.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-origin: *
date: Thu, 23 Feb 2023 08:57:41 GMT
access-control-allow-credentials: true
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
server: akka-http/10.0.9
content-length: 43
content-type: image/gif

GET
H2 200 TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
fonts.ub-assets.com/fonts/s/oswald/v49/ 10 KB
10 KB 294ms
193ms Font
font/woff2 99.86.4.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/oswald/v49/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular%7CLato:regular%7COswald:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-59.fra6.r.cloudfront.net

Software

Resource Hash

81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:regular%7CLato:regular%7COswald:regular
Origin: https://offers.propertyleadr.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 10:45:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 9840
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 7855943
x-amzn-requestid: e715c557-9be6-43ee-bd02-42a14a1cdb28
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cGixwEdyIAMF9Rg=
content-length: 9863
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:24:04 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-637f4b3e-251ac16d3aceb13a2fa2b231
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: NKRO6m9CeR8dothFe2qaCI2kyaxn7lJVJtm3qMorm9lFVip9chXZQQ==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.ub-assets.com/fonts/s/roboto/v30/ 15 KB
16 KB 294ms
194ms Font
font/woff2 99.86.4.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular%7CLato:regular%7COswald:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-59.fra6.r.cloudfront.net

Software

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:regular%7CLato:regular%7COswald:regular
Origin: https://offers.propertyleadr.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 24 Nov 2022 01:16:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 15744
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 7890058
x-amzn-requestid: 0d806ba1-5c21-4cc0-a8d8-223c0880d621
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: cFPfOEgpoAMFwVA=
content-length: 15767
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-637ec5fa-54f3fdb951696a132c8fb828
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: PkDsbMZjWU_dMAjImEvzfQ3vAwO3U6bLAQLv4FC64iX03qVVux0hzg==

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.ub-assets.com/fonts/s/lato/v23/ 23 KB
24 KB 287ms
194ms Font
font/woff2 99.86.4.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.ub-assets.com/fonts/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Roboto:regular%7CLato:regular%7COswald:regular

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.4.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-59.fra6.r.cloudfront.net

Software

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.ub-assets.com/css?family=Roboto:regular%7CLato:regular%7COswald:regular
Origin: https://offers.propertyleadr.net
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Sat, 21 Jan 2023 04:15:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-amzn-remapped-content-length: 23580
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2868153
x-amzn-requestid: 013f78c5-4c90-4218-97ac-520a20d485b2
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
x-amz-apigw-id: fEz_6EftoAMF6hw=
content-length: 23578
x-xss-protection: 0
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
cross-origin-opener-policy: same-origin; report-to="apps-themes"
x-amzn-trace-id: Root=1-63cb66cc-7a77ca1857547dd628802e05
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
timing-allow-origin: *
x-amz-cf-id: BjqUXSQTR-h64ArWag37SQ9BsbJ3AnYhGUN96kUdjn3dSs32E4-FPA==

GET
H2 200 2183216491990889 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 171ms
170ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2183216491990889?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7a73c68fb8f4a9078201ab31fd50405c013c1ed9c11344e01e53e9936f321b68

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 Feb 2023 08:57:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: ej5UIda7iGbw/ns/h+wwI97UltW95376aoSrRya4Kj8NAwLKggiFEbzVOQY5AUIUbDKe3oAVi2YrxtQigKwlQg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 showads.js Show response
ads.anura.io/ 0
352 B 162ms
50ms XHR
application/javascript 18.66.147.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.anura.io/showads.js?917936848474
Requested by: Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3552465468&source=3-&campaign=330&callback=anuraCallbackFunction&314862203990
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.147.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-147-34.fra60.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Wed, 22 Feb 2023 14:31:11 GMT
content-encoding: gzip
via: 1.1 cfa647edefc0769e715b9781478b0626.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA60-P4
age: 66391
vary: Accept-Encoding
x-cache: Hit from cloudfront
access-control-allow-methods: GET
access-control-allow-origin: *
content-type: application/javascript; charset=utf-8
x-amz-cf-id: up3isbzB7jSWji7eqkB9hot6N6BjSRoN9DPSsS323VWh0FQFRXEYYg==

GET
H2 200 820979408346016 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 244ms
244ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/820979408346016?v=2.9.96&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc93a85e1ee53b2fa67a4c07e6655aba061b4358a5a3d75e9b6fc1d10d848651

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 23 Feb 2023 08:57:42 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: vSadK/Y5jIKanmyC/pYuvO4OXqaAYBH5oMXUJv+nuot5RbyTcskl2gAJpLY6ZAIyOqLpP6eeP+/VLlf90M9zTg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 163ms
48ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2183216491990889&ev=PageView&dl=https%3A%2F%2Foffers.propertyleadr.net%2Fbirchmore-axiom%2F%3Faffiliate_id%3D3%26sub_id%3D%26ckm_request_id%3D99530835%26country%3DGB&rl=https%3A%2F%2Fr-ext.oferting.org%2F&if=false&ts=1677142662410&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677142662409.1047321601&it=1677142662117&coo=false&rqm=GET

Requested by

Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Feb 2023 08:57:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 response.json Show response
script.anura.io/ 52 B
405 B 763ms
393ms XHR
application/json 44.227.76.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/response.json

Requested by

Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3552465468&source=3-&campaign=330&callback=anuraCallbackFunction&314862203990

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.76.101 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-76-101.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

723e1960de259551e9f7deef60050be89faeb8c1909f55e25d58e67cc2c077fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://offers.propertyleadr.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 08:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

GET
H2 200 /
www.facebook.com/tr/ 0
31 B 49ms
48ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=820979408346016&ev=PageView&dl=https%3A%2F%2Foffers.propertyleadr.net%2Fbirchmore-axiom%2F%3Faffiliate_id%3D3%26sub_id%3D%26ckm_request_id%3D99530835%26country%3DGB&rl=https%3A%2F%2Fr-ext.oferting.org%2F&if=false&ts=1677142662693&sw=1600&sh=1200&v=2.9.96&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677142662409.1047321601&it=1677142662117&coo=false&rqm=GET

Requested by

Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Feb 2023 08:57:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 utils.min.js Show response
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/ 243 KB
45 KB 45ms
45ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/utils.min.js?1638200991544

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/intlTelInput.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c0e60fe564204f7212e981e84dccc15221911aa597c238e9d0783f9151c652b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date: Thu, 23 Feb 2023 08:57:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 14582
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45533
last-modified: Tue, 31 May 2022 01:06:41 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "62956a21-b1dd"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2RBjoPtwxZbBmPYhs2k1nmmeq%2Bxdrdb1DPA8M5Iw7ZLVOWslyF2kkT2ei2uOfxFQp7POcxv8%2BwAA%2BjbCKNnkM8FAVlhvJAolEyt4Q8xVaG4M93uTjR7p8QmuVo7MxqECv0J%2FmnqGytw2tQMubTmIeAyP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 79dec16a48ec7572-LHR
expires: Tue, 13 Feb 2024 08:57:42 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 50ms
49ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2183216491990889&ev=Microdata&dl=https%3A%2F%2Foffers.propertyleadr.net%2Fbirchmore-axiom%2F%3Faffiliate_id%3D3%26sub_id%3D%26ckm_request_id%3D99530835%26country%3DGB&rl=https%3A%2F%2Fr-ext.oferting.org%2F&if=false&ts=1677142662912&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22http%3A%2F%2Foffers.propertyleadr.net%2Fbirchmore-axiom%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.96&r=stable&ec=1&o=30&fbp=fb.1.1677142662409.1047321601&it=1677142662117&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Feb 2023 08:57:42 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 49ms
49ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=820979408346016&ev=Microdata&dl=https%3A%2F%2Foffers.propertyleadr.net%2Fbirchmore-axiom%2F%3Faffiliate_id%3D3%26sub_id%3D%26ckm_request_id%3D99530835%26country%3DGB&rl=https%3A%2F%2Fr-ext.oferting.org%2F&if=false&ts=1677142663195&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Atitle%22%3A%22http%3A%2F%2Foffers.propertyleadr.net%2Fbirchmore-axiom%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.96&r=stable&ec=1&o=30&fbp=fb.1.1677142662409.1047321601&it=1677142662117&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://offers.propertyleadr.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 23 Feb 2023 08:57:43 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

POST
H2 200 result.json Show response
script.anura.io/ 41 B
397 B 206ms
205ms XHR
application/json 44.227.76.101
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.anura.io/result.json

Requested by

Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/birchmore-axiom/?affiliate_id=3&sub_id=&ckm_request_id=99530835&country=GB

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.227.76.101 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-44-227-76-101.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://offers.propertyleadr.net/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Thu, 23 Feb 2023 08:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires: Sun, 28 Dec 1980 18:57:00 EST

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: x.bidswitch.net
URL: https://x.bidswitch.net/syncd?dsp_id=256&user_group=2&user_id=36f48899-e2c8-4d50-aeb9-1bbd85e87aac&redir=%2F%2Fi.liadm.com%2Fs%2F52176%3Fbidder_id%3D5298%26bidder_uuid%3D%24%7BBSW_UID%7D

Domain: i.liadm.com
URL: https://i.liadm.com/s/e/a-00xy/0/0e0ea1ad45b247058f1120fd8dc424a3?mpid=82775&muid=30195978000132535223132721244800683464

Domain: x.dlx.addthis.com
URL: https://x.dlx.addthis.com/e/live_intent_sync?na_exid=36f48899-e2c8-4d50-aeb9-1bbd85e87aac

Domain: b1sync.zemanta.com
URL: https://b1sync.zemanta.com/usersync/liveintent/?cb=%2F%2Fi.liadm.com%2Fs%2F35004%3Fbidder_id%3D98254%26bidder_uuid%3D__ZUID__

Verdicts & Comments Add Verdict or Comment

34 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
offers.propertyleadr.net/birchmore-axiom/	1970-01-20 14:17:20	Name: ubpv Value: a%2C8034c347-dd14-46cd-b2d1-c89ae73a0498
trac.oferting.org/of	1970-01-20 09:52:22	Name: emntkgidentifiant Value: 341f7v1f3jv6arbxg0ax34wr78g4c1ql
trac.oferting.org/of	1970-01-20 10:35:34	Name: emntkgidentifiant_cpl Value: 341f7v1f3jv6arbxg0ax34wr78g4c1ql
trac.oferting.org/of	1970-01-20 10:35:34	Name: emntkgidentifiant_cpv Value: 341f7v1f3jv6arbxg0ax34wr78g4c1ql
trac.oferting.org/of	1970-01-20 09:52:22	Name: emntkg_b9bd3c7a94a13c110227336e53e16ec9 Value: 5776%7C391845%7C871%7C0%7C
trac.oferting.org/of	1970-01-20 10:35:34	Name: emntkg_cpl_b9bd3c7a94a13c110227336e53e16ec9 Value: 5776%7C391845%7C871%7C0%7C
trac.oferting.org/of	1970-01-20 10:35:34	Name: emntkg_cpv_b9bd3c7a94a13c110227336e53e16ec9 Value: 5776%7C391845%7C871%7C0%7C
r-ext.oferting.org/r	1970-01-20 09:52:22	Name: _liChk Value: 0.9947155854176486
i.liadm.com/s	1970-01-20 10:35:34	Name: _li_ss Value: CjMKBQgKELcUCgUIeRC3FAoFCAYQtxQKBgiBARC3FAoFCAsQtxQKBgiLARC3FAoFCH4QtxQ
.oferting.org/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .oferting.org
.oferting.org/	1970-01-20 19:28:22	Name: _lc2_fpi Value: 0d3d1fb3a190--01gsyqw360zwzx1gjn159ndmm4
.liadm.com/	1970-01-20 19:28:22	Name: lidid Value: 36f48899-e2c8-4d50-aeb9-1bbd85e87aac
.adleadrnetwork.com/	1969-12-31 23:59:59	Name: sid Value: RHGcWsRvE8hTFLV0LPTlT05gwiVdg7+0mhSYDawJNv/YE+O5mmzFgw==
.adleadrnetwork.com/	1970-01-20 19:28:22	Name: trk Value: aMQl2xkMiEJTFLV0LPTlT05gwiVdg7+0mhSYDawJNv/YE+O5mmzFgw==
.adleadrnetwork.com/	1970-01-20 10:35:34	Name: c330 Value: RHGcWsRvE8hTj+7QBcU9hoLEkjief/6ICEkVHviE1Z0=
.mathtag.com/	1970-01-20 19:18:17	Name: uuid Value: e19a63f7-2a84-4800-8b1d-e7dca1b49991
.demdex.net/	1970-01-20 14:11:34	Name: demdex Value: 30195978000132535223132721244800683464
.dpm.demdex.net/	1970-01-20 14:11:34	Name: dpm Value: 30195978000132535223132721244800683464
offers.propertyleadr.net/	1970-01-20 14:11:34	Name: ubvs Value: 03fd9b08-755b-4710-a90b-405e5ed3d87a
.propertyleadr.net/	1970-01-20 09:56:41	Name: ubvt Value: v2%7C03fd9b08-755b-4710-a90b-405e5ed3d87a%7C8034c347-dd14-46cd-b2d1-c89ae73a0498%3Aa%3Asingle
.propertyleadr.net/	1970-01-20 12:01:58	Name: _fbp Value: fb.1.1677142662409.1047321601

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bam.nr-data.net/1/801818eb79?a=67561576&v=1225.PROD&to=b1BbMUZZDxBTAkFYWlYabBddFwgNVgRNH0VQRQ%3D%3D&rst=2875&ck=0&s=cc4ddc9ff362461f&ref=https://r-ext.oferting.org/r/&ap=18&be=1991&fe=726&dc=91&perf=%7B%22timing%22:%7B%22of%22:1677142656067,%22n%22:0,%22f%22:1701,%22dn%22:1702,%22dne%22:1770,%22c%22:1770,%22s%22:1815,%22ce%22:1868,%22rq%22:1868,%22rp%22:1959,%22rpe%22:1971,%22dl%22:1974,%22di%22:2082,%22ds%22:2082,%22de%22:2082,%22dc%22:2716,%22l%22:2716,%22le%22:2718%7D,%22navigation%22:%7B%7D%7D&fp=2024&fcp=2024&at=QxdYRw5DHB4%3D&jsonp=NREUM.setToken Message: Failed to load resource: the server responded with a status of 402 (Payment Required)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

05mdsexvt3d2jrj-c.adktrack34.xyz
adleadrnetwork.com
ads.anura.io
ajax.googleapis.com
b-code.liadm.com
b1sync.zemanta.com
bam.nr-data.net
builder-assets.unbounce.com
cdn.taboola.com
cdnjs.cloudflare.com
connect.facebook.net
d34qb8suadcc4g.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
events.ub-analytics.com
fonts.ub-assets.com
go.oferting.org
i.liadm.com
ipinfo.io
js-agent.newrelic.com
match.adsrvr.org
offers.propertyleadr.net
r-ext.oferting.org
rp.liadm.com
rp4.liadm.com
script.anura.io
singasong.site
sync.mathtag.com
trac.oferting.org
trc-events.taboola.com
trc.taboola.com
www.facebook.com
www.google-analytics.com
www.googletagmanager.com
www.hasadom3.com
x.bidswitch.net
x.dlx.addthis.com
b1sync.zemanta.com
i.liadm.com
x.bidswitch.net
x.dlx.addthis.com
122.50.1.165
13.32.99.104
13.38.173.133
141.226.230.48
151.101.129.44
151.101.2.137
162.247.241.14
18.66.147.34
185.29.134.244
2600:1f18:730:b150:c90c:2ea1:7b24:4959
2600:9000:2250:6800:1d:11cf:5800:93a1
2600:9000:225e:3a00:8:8845:1500:93a1
2606:4700::6811:190e
2a00:1450:4001:829::200e
2a00:1450:400d:80e::2008
2a00:1450:400d:80e::200a
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.248.94.153
3.33.220.150
3.69.136.55
34.117.59.81
34.193.23.165
34.238.109.20
44.227.76.101
46.51.165.61
50.19.70.165
52.222.250.12
54.246.129.40
57.128.19.228
99.86.4.59
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1dea7d05f3ac6b4c9702a5f77a4421fbb964e84886751bd78860f65b53c8c5b1
24f7deb1b09ba44cc10e7da6cefa49cd9f362ed88bbd0faf5d3bc5bbafad6a5d
2e8292b18fc2acc297e1aa6acc6abe05136604137e744ba1b49984df330562bb
2ee20254e2a1995e8542177ce84da38ad8e91ab1e72d4452c59251c68f25bf1a
381155c11bc1056001c15459d40b1a9e44f386fc2a9ce85cf1aba05eeeb0f112
4439e028ba9db0960be28bf0509fdbca630b98100778940533627c0fc675db8a
5251292502f489870fd167ed3da10585b68bfc903dbcc086c8729b35f00a60aa
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
6e1c3be98af0f5091cbe3e28e515bab230453f9d7c0b8e9d0282af12fd0bb5e1
7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969
723e1960de259551e9f7deef60050be89faeb8c1909f55e25d58e67cc2c077fc
73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9
74b995f874c89ed7be6491ba627315212291d80f2c9884c694ef4d34422812cb
7929082d8761c3db532e83d1630ad642747808517060e2432056f4050f4ebd9a
7a73c68fb8f4a9078201ab31fd50405c013c1ed9c11344e01e53e9936f321b68
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
81cd29d1413ecf75834fb3ce1da572fe5c39e53b22c61f5dafec5b14ed4ee12e
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c0e60fe564204f7212e981e84dccc15221911aa597c238e9d0783f9151c652b
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9cf1a295d768ebe9757c34f0ddda641b45eb1adb638294b129d540070b76d5c8
a799d28c460ace92c850b994d9a0b83f2a7a1f1f633bac361b0d165fcfd1bbd6
a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
bc93a85e1ee53b2fa67a4c07e6655aba061b4358a5a3d75e9b6fc1d10d848651
bd5fb37fcb57bc894324f4096be92a631840e147576b9fc3bf2767e6c248778d
c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc051fe836ad6e4da7b0751f5565f7bb8e5e2127bf480d458f1d2de51ce3dd38
ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a
dadb87c60a559e9e26eddf924415668643cc3686cfb56b1c9757f1bf52a5bfb8
dca9b6afcb6c37d6a32456973fe5f2986a348a70d11774e102de6fc420992a19
ddfcd396746c545b74e9f11121613a1952834a94300cd8874a24699c030b81fd
e1f0b93051ab9d1f671fdc1d489817df439cf571d9184c55e09a8a2de3d14234
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b1b069a3bf87ce297f5f829f5cfb7b55285c8ce882feaeaa7ae9efde578ec7
e995219cd5fce77a5fdd4a30a2dbb11add8e36d36625141be81f4e86188427a7
ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7
ecfc43c816972f4c69630f4f5c99ad435b7172bab1771f74748063435a003ed4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321
f98f9ef9c402fbfad2543c4ddf016e7fb61f45c7c57ecda75e6d7f2c0dde1a42
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

offers.propertyleadr.net Open in urlscan Pro 3.69.136.55 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

87 %HTTPS

29 %IPv6

27 Domains

36 Subdomains

26 IPs

5 Countries

796 kBTransfer

2242 kBSize

21 Cookies

0 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

offers.propertyleadr.net Open in urlscan Pro
3.69.136.55 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

87 %
HTTPS

29 %
IPv6

27
Domains

36
Subdomains

26
IPs

5
Countries

796 kB
Transfer

2242 kB
Size

21
Cookies

62 HTTP transactions
1 data transactions