urlscan.io logo urlscan.io
SecurityTrails logo

anmdev.dateufriend.com Open in urlscan Pro
54.228.153.41  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tracehere.page.link/cl-private-profile
Effective URL: https://anmdev.dateufriend.com/c/1e3a4e532f1c7040?s1=123803&s2=1305870&s3=56200&click_id=mlClick-rfs220Og&j1=1&j3=1
Submission: On September 12 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 10 IPs in 3 countries across 10 domains to perform 16 HTTP transactions. The main IP is 54.228.153.41, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is anmdev.dateufriend.com.
TLS certificate: Issued by R3 on August 10th 2021. Valid for: 3 months.
This is the only time anmdev.dateufriend.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 64.233.184.138 15169 (GOOGLE)
3 172.67.218.21 13335 (CLOUDFLAR...)
1 23.79.157.45 16625 (AKAMAI-AS)
1 2 104.117.218.66 16625 (AKAMAI-AS)
1 184.24.7.88 16625 (AKAMAI-AS)
3 74.125.206.102 15169 (GOOGLE)
1 66.102.1.156 15169 (GOOGLE)
1 151.101.114.137 54113 (FASTLY)
1 185.221.87.248 206998 (NEW-2)
1 54.228.153.41 16509 (AMAZON-02)
16 10
1    64.233.184.138 (United States)

ASN15169 (GOOGLE, US)
PTR: wa-in-f138.1e100.net
tracehere.page.link
3    172.67.218.21 (United States)

ASN13335 (CLOUDFLARENET, US)
lead2.pl
1    23.79.157.45 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-157-45.deploy.static.akamaitechnologies.com
www.g2a.com
2    104.117.218.66 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-117-218-66.deploy.static.akamaitechnologies.com
s.click.aliexpress.com
best.aliexpress.com
1    184.24.7.88 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-24-7-88.deploy.static.akamaitechnologies.com
www.gearbest.com
3    74.125.206.102 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f102.1e100.net
www.google-analytics.com
1    66.102.1.156 (United States)

ASN15169 (GOOGLE, US)
PTR: wb-in-f156.1e100.net
stats.g.doubleclick.net
1    151.101.114.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
js-agent.newrelic.com
1    185.221.87.248 (Ireland)

ASN206998 (NEW-2, IE)
bam.eu01.nr-data.net
1    54.228.153.41 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-228-153-41.eu-west-1.compute.amazonaws.com
anmdev.dateufriend.com
Domain Requested by
3 www.google-analytics.com lead2.pl
www.google-analytics.com
3 lead2.pl lead2.pl
1 anmdev.dateufriend.com lead2.pl
1 bam.eu01.nr-data.net lead2.pl
js-agent.newrelic.com
1 js-agent.newrelic.com lead2.pl
1 stats.g.doubleclick.net lead2.pl
1 www.gearbest.com lead2.pl
1 best.aliexpress.com lead2.pl
1 s.click.aliexpress.com 1 redirects
1 www.g2a.com lead2.pl
1 tracehere.page.link 1 redirects
16 11

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-12-28 -
2021-12-27		 a year crt.sh
www.g2a.com
DigiCert SHA2 Extended Validation Server CA		 2019-09-12 -
2021-10-11		 2 years crt.sh
ae01.alicdn.com
DigiCert SHA2 Secure Server CA		 2021-04-01 -
2022-03-28		 a year crt.sh
*.gearbest.com
DigiCert SHA2 Secure Server CA		 2021-05-14 -
2022-05-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-23 -
2021-11-15		 3 months crt.sh
*.newrelic.com
R3		 2021-07-19 -
2021-10-17		 3 months crt.sh
*.eu01.nr-data.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-24 -
2022-06-24		 a year crt.sh
*.dateufriend.com
R3		 2021-08-10 -
2021-11-08		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://anmdev.dateufriend.com/c/1e3a4e532f1c7040?s1=123803&s2=1305870&s3=56200&click_id=mlClick-rfs220Og&j1=1&j3=1
Frame ID: 6E7FEECDA766D34C55DBBC84913892C3
Requests: 13 HTTP requests in this frame

Frame: https://www.g2a.com/n/reflink-381235804a
Frame ID: FF88BC2C26ABB8AAB525A8EE725B6599
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.com/?aff_fcid=1908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu&aff_fsk=_d6GDFTu&aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=1908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu&terminal_id=e35cd14b76cb425fb212eb779890daca
Frame ID: EFC6C7F8F00315ACED2F3D7254E96FBB
Requests: 1 HTTP requests in this frame

Frame: https://www.gearbest.com/?lkid=78540179
Frame ID: F7A905D8E6CA0BB9F1A018B34A7ABCC2
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://tracehere.page.link/cl-private-profile HTTP 302
    https://lead2.pl/p/5b5R/6Z3r/RFEN Page URL
  2. https://anmdev.dateufriend.com/c/1e3a4e532f1c7040?s1=123803&s2=1305870&s3=56200&click_id=mlClick-rfs220Og&j... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

16
Requests

81 %
HTTPS

0 %
IPv6

10
Domains

11
Subdomains

10
IPs

3
Countries

62 kB
Transfer

153 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tracehere.page.link/cl-private-profile HTTP 302
    https://lead2.pl/p/5b5R/6Z3r/RFEN Page URL
  2. https://anmdev.dateufriend.com/c/1e3a4e532f1c7040?s1=123803&s2=1305870&s3=56200&click_id=mlClick-rfs220Og&j1=1&j3=1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://tracehere.page.link/cl-private-profile HTTP 302
  • https://lead2.pl/p/5b5R/6Z3r/RFEN
Request Chain 3
  • https://s.click.aliexpress.com/e/_d6GDFTu HTTP 302
  • https://best.aliexpress.com/?aff_fcid=1908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu&aff_fsk=_d6GDFTu&aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=1908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu&terminal_id=e35cd14b76cb425fb212eb779890daca

16 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
RFEN
lead2.pl/p/5b5R/6Z3r/
Redirect Chain
  • https://tracehere.page.link/cl-private-profile
  • https://lead2.pl/p/5b5R/6Z3r/RFEN
31 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lead2.pl/p/5b5R/6Z3r/RFEN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.218.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
04aa61be502172baa316076d9b4348e17c1ff20b99225258fa7513c73866d906

Request headers

:method
GET
:authority
lead2.pl
:scheme
https
:path
/p/5b5R/6Z3r/RFEN
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Sun, 12 Sep 2021 03:11:31 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
cache-control
no-cache, no-store, private
x-robots-tag
noindex, nofollow
set-cookie
605f01b1409979f1b4f5151f8eefb28a=605f01b1409979f1b4f5151f8eefb28a; expires=Mon, 12-Sep-2022 03:11:31 GMT; Max-Age=31536000; path=/; secure; httponly; samesite=lax
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ywu6oEEyelCzA1axYHYzYDAHlf0GVO58IAUhk4d8Ctv39hFIQYN%2BPX%2FlwfUF1CdV0VOuYZhjpwelvBJDukRqJiV%2Fu2ft4FXmdNVIndbW1gQM4jnQfDB5h8DFVg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
68d5f2e9b8aa2784-PRG
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

content-type
application/binary
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Sun, 12 Sep 2021 03:11:30 GMT
location
https://lead2.pl/p/5b5R/6Z3r/RFEN
content-security-policy
script-src 'report-sample' 'nonce-r4ylRtNY3f7xgqrLtkBkJQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/DurableDeepLinkUi/cspreport;worker-src 'self' script-src 'nonce-r4ylRtNY3f7xgqrLtkBkJQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com https://www.googleapis.com/appsmarket/v2/installedApps/;report-uri /_/DurableDeepLinkUi/cspreport require-trusted-types-for 'script';report-uri /_/DurableDeepLinkUi/cspreport
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
same-site
server
ESF
content-length
0
x-xss-protection
0
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
03032020.min.js
lead2.pl/js/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lead2.pl/js/03032020.min.js
Requested by
Host: lead2.pl
URL: https://lead2.pl/p/5b5R/6Z3r/RFEN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.218.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4a0dd05cafdce90b48c1b89ae4d86f1120a0fdc7a9e929edb1ebe0404f663dad

Request headers

sec-fetch-mode
no-cors
device-memory
8
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
script
cookie
605f01b1409979f1b4f5151f8eefb28a=605f01b1409979f1b4f5151f8eefb28a
:path
/js/03032020.min.js
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
lead2.pl
referer
https://lead2.pl/p/5b5R/6Z3r/RFEN
:scheme
https
sec-fetch-site
same-origin
:method
GET
Device-Memory
8
Referer
https://lead2.pl/p/5b5R/6Z3r/RFEN
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date
Sun, 12 Sep 2021 03:11:31 GMT
content-encoding
br
cf-cache-status
REVALIDATED
last-modified
Tue, 03 Mar 2020 10:38:41 GMT
server
cloudflare
etag
W/"5e5e33b1-813d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yRrYSvoHesORuJRPZ%2BXeX0xdqVIG1SKsi%2F7qQwPo2e6jqXxbIm5ATqEXWr0LRTDTT%2B1CexA1yz67gpFzff42OtYf%2BiZxvsj%2FIHSMNF3GchVFh5Ga8Eb3d%2BNrDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d5f2ec39d82784-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
reflink-381235804a
www.g2a.com/n/ Frame FF88 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.g2a.com/n/reflink-381235804a
Requested by
Host: lead2.pl
URL: https://lead2.pl/p/5b5R/6Z3r/RFEN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.79.157.45 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-157-45.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'none'
Strict-Transport-Security max-age=15724800; includeSubDomains
X-Frame-Options DENY

Request headers

:method
GET
:authority
www.g2a.com
:scheme
https
:path
/n/reflink-381235804a
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lead2.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lead2.pl/

Response headers

content-type
text/html; charset=utf-8
content-security-policy
frame-ancestors 'none'
request-id
|cd99add5-8513-40c0-88c0-e477c6a3f8f5.
x-frame-options
DENY
strict-transport-security
max-age=15724800; includeSubDomains
x-akamai-transformed
9 2943 0 pmb=mTOE,3mRUM,1
vary
Accept-Encoding
content-encoding
gzip
date
Sun, 12 Sep 2021 03:11:31 GMT
content-length
3275
server-timing
cdn-cache; desc=MISS edge; dur=7 origin; dur=17
set-cookie
bm_mi=CED2609E35EBEDB93A6D98B8D0BE9CA8~eVbpImlP3RzgnSyT2W0BzVYN1bfoeFVmxiy4wtbEx3Frapo7YHmO4MR/3FkJt6lYfP7vIxBSv0mODXlCHXLbsDgTW24AX0z8pu2XWOJbbVbR/ClWehYZZXSvmlKbMrcYPAwo47TRpyd8vtT0Rcpr3nrCF8kSmglBSFtGZvkL7B+Qs57qc9KUPxc+b17GobhDVQ/3Kfv3tfn2IDm+Gpeg6GbksfXDXMGYEJm7WDDY5TLCtyN3LEH/zM63WMtLMWbD; Domain=.g2a.com; Path=/; Max-Age=0; HttpOnly _abck=51FA3DA1F812087E3626D53009189BD8~-1~YAAQ3GQRAmZM0cV7AQAAIBD91wZX3IlMEqTt8s8mUzVNT81DTaZKPDpFjITP0H5BY92KrwODj3D1rqRL2RJs8iIlP5f4osicgBwagFEA65Cdw5gnzAYdPTUA9K0NFt3JrsX8n/GWroMlDkKWWyb0NpmnqNTpqYVIULmZPLNKfByjF4hoOAFV0z1LS48SYyh+HWqFM6ZzsX+PNh49HVGbV63CYqtjBaMPRhZOC1yl6U8lNu3vT1anAWWqQikTlzCq/CQr7UB1CuV4c2M+tr9/hi/p4341jY8uHa1Yz2o0IwDyJ3AjocN4wVEV8fVXXE2pE0GaLLUbPzrPBhkj6naXk5WBXKEgxrdAZjxWjdRTvqaryAvhQaxq8jQ=~-1~-1~-1; Domain=.g2a.com; Path=/; Expires=Mon, 12 Sep 2022 03:11:31 GMT; Max-Age=31536000; Secure ak_bmsc=5BE13AFE7FA9F928D96B946B47DC5770~000000000000000000000000000000~YAAQ3GQRAmdM0cV7AQAAIBD91w0D3njDw5O2irRVWHKkUeIflQyBSwkWmfh9lsjdO2JJB5Y+bVLrswfB0xdq8agmV1jS5g9AyIUbt3RGF7oFhi8nYDr1pB2RBTUjz2lRXM+l5la8Aql4ajeqriTQUasKEiFHaZGTdb2XWBZGq4aR4wUygwV9/LUFrIrAjrCajJEWDGTfc1DRKMsv2qlpKUYBdDY7jsH4FoHmSNjcX5GxF+CTj853LxZdAtYYZB2zXKZDcac/o4unmz5tSr1K3taYzUYuKYu9WT2tlGrhzaVSrbFXpREmARDChYMumTpTuH70FBtLWD0RfHR7YM3UozeLt9aPx86SPJMtxss3YX1OKDV4elO7JeoyxVVK9T3sowES+G4839RD; Domain=.g2a.com; Path=/; Expires=Sun, 12 Sep 2021 05:11:31 GMT; Max-Age=7200; HttpOnly bm_sz=2205B4FF077B2827DE7EB9EB7ED1AB7D~YAAQ3GQRAmhM0cV7AQAAIBD91w36KVfKjc3pK3gE78aln2FGMr0bq5txCJ6UczCzH3+M4Ad5ez0rXYi625Ug8IaToNh/Kx8gkbwTAkQYSS4VHuYbODfVoJrD6jBiJpdu/J6VLxnnjo9g5eDH+8xG7cxsqLC2DJpR3BbaWkuHCfosA0J6Z0hu2RH3THRvabLJQKQr9+PNwgN+xnSHnhthlNRRmIiR71JVurimSXKvl+AdYNcAovxKm4cJGwFJpuSwfvu7kn7v/TZ8pmqFTMlobnuV9jpsn2af1Bb0dj/QUB4=~3551283~3289397; Domain=.g2a.com; Path=/; Expires=Sun, 12 Sep 2021 07:11:31 GMT; Max-Age=14400
/
best.aliexpress.com/ Frame EFC6
Redirect Chain
  • https://s.click.aliexpress.com/e/_d6GDFTu
  • https://best.aliexpress.com/?aff_fcid=1908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu&aff_fsk=_d6GDFTu&aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=1908b8e678ec411cbbc9cb9...
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://best.aliexpress.com/?aff_fcid=1908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu&aff_fsk=_d6GDFTu&aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=1908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu&terminal_id=e35cd14b76cb425fb212eb779890daca
Requested by
Host: lead2.pl
URL: https://lead2.pl/p/5b5R/6Z3r/RFEN
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.117.218.66 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-117-218-66.deploy.static.akamaitechnologies.com
Software
Tengine/Aserver /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
best.aliexpress.com
:scheme
https
:path
/?aff_fcid=1908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu&aff_fsk=_d6GDFTu&aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=1908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu&terminal_id=e35cd14b76cb425fb212eb779890daca
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://lead2.pl/
accept-encoding
gzip, deflate, br
cookie
xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%221908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu%22%2C%22affiliateKey%22%3A%22_d6GDFTu%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cn%22%3A%2210008100042%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222081345757%22%2C%22tagtime%22%3A1631416291453%7D&acs_rt=e35cd14b76cb425fb212eb779890daca; acs_usuc_t=x_csrf=1akb1wppfo6ei&acs_rt=e35cd14b76cb425fb212eb779890daca; aeu_cid=1908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu; xman_t=vmjwMbWsoRsEXM0Pq+1+l362aM0VtIlqFx5Uz4+wraXBBO+wfZoDi7lVj3G1t8j0; xman_f=xlK02APC1BUTSwDPfMu+Q3CDE69M+0dusoTI8JIpBdeUCe2mCiPLss16UNBU8YZGvsrxlFFFaP6is1Lxm95X6wHErDqo6g5tjiLTH+Ju7mbVzAptH1wQ0Q==; af_ss_a=1
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lead2.pl/

Response headers

content-type
text/html;charset=UTF-8
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
x-application-context
ae-traffic-affiliateweb-f:prod,de:7001
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
0
x-frame-options
DENY
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
content-language
de-DE
content-encoding
gzip
server
Tengine/Aserver
eagleeye-traceid
2100bb4916314162836182591ed125
timing-allow-origin
*
content-length
14229
date
Sun, 12 Sep 2021 03:11:31 GMT
set-cookie
aep_usuc_f=site=deu&b_locale=de_DE; Expires=Wed, 10 Sep 2031 03:11:31 GMT; Path=/; Domain=.aliexpress.com e_id=pt50; Expires=Wed, 10 Sep 2031 03:11:31 GMT; Path=/; Domain=.aliexpress.com

Redirect headers

content-length
0
x-application-context
global-traffic-holmes-f:production:7001
p3p
CP="CAO PSA OUR"
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
0
strict-transport-security
max-age=31536000 ; includeSubDomains max-age=31536000
location
https://best.aliexpress.com/?aff_fcid=1908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu&aff_fsk=_d6GDFTu&aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=1908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu&terminal_id=e35cd14b76cb425fb212eb779890daca
content-language
en-US
server
Tengine/Aserver
eagleeye-traceid
0b0a555e16314162914496553e9499
timing-allow-origin
*
date
Sun, 12 Sep 2021 03:11:31 GMT
set-cookie
xman_us_f=x_l=0&x_as_i=%7B%22aeuCID%22%3A%221908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu%22%2C%22affiliateKey%22%3A%22_d6GDFTu%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cn%22%3A%2210008100042%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222081345757%22%2C%22tagtime%22%3A1631416291453%7D&acs_rt=e35cd14b76cb425fb212eb779890daca; Domain=.aliexpress.com; Expires=Fri, 30-Sep-2089 06:25:38 GMT; Path=/; Secure; SameSite=None acs_usuc_t=x_csrf=1akb1wppfo6ei&acs_rt=e35cd14b76cb425fb212eb779890daca; Domain=.aliexpress.com; Path=/; Secure; SameSite=None aeu_cid=1908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu; Domain=.aliexpress.com; Expires=Fri, 30-Sep-2089 06:25:38 GMT; Path=/; Secure; SameSite=None xman_t=vmjwMbWsoRsEXM0Pq+1+l362aM0VtIlqFx5Uz4+wraXBBO+wfZoDi7lVj3G1t8j0; Domain=.aliexpress.com; Expires=Sat, 11-Dec-2021 03:11:31 GMT; Path=/; Secure; SameSite=None; HttpOnly xman_f=xlK02APC1BUTSwDPfMu+Q3CDE69M+0dusoTI8JIpBdeUCe2mCiPLss16UNBU8YZGvsrxlFFFaP6is1Lxm95X6wHErDqo6g5tjiLTH+Ju7mbVzAptH1wQ0Q==; Domain=.aliexpress.com; Expires=Fri, 30-Sep-2089 06:25:38 GMT; Path=/; Secure; SameSite=None; HttpOnly traffic_se_co=%7B%7D; Domain=aliexpress.com; Expires=Fri, 30-Sep-2089 06:25:38 GMT; Path=/ af_ss_a=1; Path=/; Domain=.aliexpress.com; Max-Age=2147483647; Secure; SameSite=None af_ss_b=1; Path=/; Domain=.aliexpress.com; Max-Age=2147483647; SameSite=Lax
x-akamai-fwd-auth-sha
E59A9905A71B4FB3D4F89A2F74EBFA86BFAB913F46999605C4A3316252CA01FA
x-akamai-fwd-auth-data
153429225, 92.123.122.192, 1631416291, 216.131.114.222
x-akamai-fwd-auth-sign
Oii4dqQMhmGoggSPahL9vPR921Rz34HwwmSjjygMskfFDYgaZF5ZfJ0+bYO+8UISVXNUdtdQibAeCx/Q9SORdWM1FxyInwWwYg2IqfLdfmU=
/
www.gearbest.com/ Frame F7A9 		209 B
419 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.gearbest.com/?lkid=78540179
Requested by
Host: lead2.pl
URL: https://lead2.pl/p/5b5R/6Z3r/RFEN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.24.7.88 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-24-7-88.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash
d3911ea96b18f5be2d8c11f57dee765b13d1011c7ab59fa92360f9657e1391f0

Request headers

Host
www.gearbest.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://lead2.pl/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lead2.pl/

Response headers

Server
AkamaiGHost
Mime-Version
1.0
Content-Type
text/html
Content-Length
209
Expires
Sun, 12 Sep 2021 03:11:31 GMT
Date
Sun, 12 Sep 2021 03:11:31 GMT
Connection
close
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: lead2.pl
URL: https://lead2.pl/p/5b5R/6Z3r/RFEN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.206.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lead2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
779
date
Sun, 12 Sep 2021 02:58:32 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
19747
expires
Sun, 12 Sep 2021 04:58:32 GMT
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=475862106&t=pageview&_s=1&dl=https%3A%2F%2Flead2.pl%2Fp%2F5b5R%2F6Z3r%2FRFEN&ul=en-us&de=UTF-8&dt=lead2.pl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=182227385&gjid=740695413&cid=1935661727.1631416291&tid=UA-110090096-2&_gid=1109711952.1631416291&_r=1&_slc=1&z=578401025
Requested by
Host: lead2.pl
URL: https://lead2.pl/p/5b5R/6Z3r/RFEN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lead2.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 03:11:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://lead2.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
74.125.206.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wk-in-f102.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://lead2.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sun, 12 Sep 2021 03:11:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
https://lead2.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
455 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-110090096-2&cid=1935661727.1631416291&jid=182227385&gjid=740695413&_gid=1109711952.1631416291&_u=IEBAAEAAAAAAAC~&z=1281311445
Requested by
Host: lead2.pl
URL: https://lead2.pl/p/5b5R/6Z3r/RFEN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
66.102.1.156 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wb-in-f156.1e100.net
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://lead2.pl/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 12 Sep 2021 03:11:31 GMT
content-type
text/plain
access-control-allow-origin
https://lead2.pl
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
finger
lead2.pl/ 		20 B
744 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lead2.pl/finger
Requested by
Host: lead2.pl
URL: https://lead2.pl/p/5b5R/6Z3r/RFEN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.218.21 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

sec-fetch-mode
cors
device-memory
8
origin
https://lead2.pl
accept-encoding
gzip, deflate, br
tracestate
3274699@nr=0-1-3274699-294446110-333759b5e18d6ecc----1631416291585
accept-language
de-DE,de;q=0.9
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyNzQ2OTkiLCJhcCI6IjI5NDQ0NjExMCIsImlkIjoiMzMzNzU5YjVlMThkNmVjYyIsInRyIjoiNTNjMjYyOGRjOGZhM2ZlNjI5NzQ5ZmMzMjQ0NWQ1NzAiLCJ0aSI6MTYzMTQxNjI5MTU4NX19
sec-fetch-dest
empty
cookie
605f01b1409979f1b4f5151f8eefb28a=605f01b1409979f1b4f5151f8eefb28a; _ga=GA1.2.1935661727.1631416291; _gid=GA1.2.1109711952.1631416291; _gat=1
content-length
946
:path
/finger
pragma
no-cache
x-newrelic-id
VwQAVVBaARACXVVWAwUFUFY=
traceparent
00-53c2628dc8fa3fe629749fc32445d570-333759b5e18d6ecc-01
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
content-type
application/json
accept
*/*
cache-control
no-cache
:authority
lead2.pl
referer
https://lead2.pl/p/5b5R/6Z3r/RFEN
:scheme
https
sec-fetch-site
same-origin
:method
POST
Device-Memory
8
X-NewRelic-ID
VwQAVVBaARACXVVWAwUFUFY=
tracestate
3274699@nr=0-1-3274699-294446110-333759b5e18d6ecc----1631416291585
traceparent
00-53c2628dc8fa3fe629749fc32445d570-333759b5e18d6ecc-01
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
newrelic
eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjMyNzQ2OTkiLCJhcCI6IjI5NDQ0NjExMCIsImlkIjoiMzMzNzU5YjVlMThkNmVjYyIsInRyIjoiNTNjMjYyOGRjOGZhM2ZlNjI5NzQ5ZmMzMjQ0NWQ1NzAiLCJ0aSI6MTYzMTQxNjI5MTU4NX19
Content-Type
application/json
Referer
https://lead2.pl/p/5b5R/6Z3r/RFEN

Response headers

date
Sun, 12 Sep 2021 03:11:31 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-newrelic-app-data
PxQEU1FXDgoJR1NbAwUDUlYHBBFORDQHUjZKA1ZLVVFHDFYPbU5yARBfWA86TH5aXgMEEEdDXggQclldFhQMDlwHSiJeUVpVVhdJE1gPR0BIBhlRVlMIAxxUT1MGAg9RSBwHH0BQB1EGAwEDAQkGBVFXClRQQx8EBVpEBDs=
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qfocR90PJsDRrXH%2FmepbI0fHzl8SKtw9UIt6Unf5cxgu1dW6qTJOE9D%2F1HZ07lenhSBfv8DqiKECWtWieJwvdwjuNwKVvcPptDZJbjctyIUTXRvaCzO2jFim7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json
cache-control
no-cache, private
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
68d5f2ee7de2411a-PRG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
nr-spa-1210.min.js
js-agent.newrelic.com/ 		41 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-agent.newrelic.com/nr-spa-1210.min.js
Requested by
Host: lead2.pl
URL: https://lead2.pl/p/5b5R/6Z3r/RFEN
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ae2fc8f8e0697701399521441a03445a3c11d79719accd0099f41687c1536c49

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lead2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

x-amz-version-id
S2ZWAVF_bOLxH9dSP4fxyD9xCbMCwnq9
content-encoding
gzip
etag
"d5eff122d09ab2c851fb1780f0287cbf"
x-amz-request-id
B8QMTPR75V5Z4GRG
x-cache
HIT
content-length
15563
x-amz-id-2
tKCNGqOtFrX1wcERsjXgFggUdx1CsHy3qifsNvKr4XioQUExnWtpuimFq6jyo1VQiJpt8e5OkJA=
x-served-by
cache-hhn4058-HHN
last-modified
Tue, 22 Jun 2021 22:47:08 GMT
server
AmazonS3
x-timer
S1631416292.714155,VS0,VE0
date
Sun, 12 Sep 2021 03:11:31 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=7200, stale-if-error=604800
accept-ranges
bytes
x-cache-hits
3036
NRJS-6dd3950211b5010cd9b
bam.eu01.nr-data.net/1/ 		57 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bam.eu01.nr-data.net/1/NRJS-6dd3950211b5010cd9b?a=294444262,294453778&v=1210.e2a3f80&to=MhBSZQoZWkcFVRFYXwtacVIMEVtaS3cDV1kJHFFFHTtbWhBECl1cAAdwVh0MeF0KXQ%3D%3D&rst=1319&ck=1&ref=https://lead2.pl/p/5b5R/6Z3r/RFEN&ap=144&be=818&fe=1278&dc=941&af=err,xhr,stn,ins,spa&perf=%7B%22timing%22:%7B%22of%22:1631416290407,%22n%22:0,%22f%22:354,%22dn%22:355,%22dne%22:386,%22c%22:386,%22s%22:402,%22ce%22:424,%22rq%22:424,%22rp%22:792,%22rpe%22:793,%22dl%22:795,%22di%22:941,%22ds%22:941,%22de%22:941,%22dc%22:1278,%22l%22:1278,%22le%22:1278%7D,%22navigation%22:%7B%7D%7D&fp=858&fcp=858&at=HldRE0IDSUk%3D&jsonp=NREUM.setToken
Requested by
Host: lead2.pl
URL: https://lead2.pl/p/5b5R/6Z3r/RFEN
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.221.87.248 , Ireland, ASN206998 (NEW-2, IE),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://lead2.pl/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date
Sun, 12 Sep 2021 03:11:31 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Server
cloudflare
Expect-CT
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary
Accept-Encoding
Content-Type
text/javascript;charset=iso-8859-1
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
CF-Ray
68d5f2efbdc04120-PRG
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Primary Request 1e3a4e532f1c7040
anmdev.dateufriend.com/c/ 		8 B
85 B 		Document
General
Check archive.org
Download Go to
Full URL
https://anmdev.dateufriend.com/c/1e3a4e532f1c7040?s1=123803&s2=1305870&s3=56200&click_id=mlClick-rfs220Og&j1=1&j3=1
Requested by
Host: lead2.pl
URL: https://lead2.pl/js/03032020.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.153.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-153-41.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
8f234bf4323fabaa02d627f4a633652ea5bc6d5323fd528b7c12ef3b6f57b6b9

Request headers

:method
GET
:authority
anmdev.dateufriend.com
:scheme
https
:path
/c/1e3a4e532f1c7040?s1=123803&s2=1305870&s3=56200&click_id=mlClick-rfs220Og&j1=1&j3=1
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://lead2.pl/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://lead2.pl/

Response headers

server
nginx
date
Sun, 12 Sep 2021 03:11:31 GMT
content-type
text/plain; charset=utf-8
content-length
8
NRJS-6dd3950211b5010cd9b
bam.eu01.nr-data.net/events/1/ 		0
0
NRJS-6dd3950211b5010cd9b
bam.eu01.nr-data.net/events/1/ 		0
0
NRJS-6dd3950211b5010cd9b
bam.eu01.nr-data.net/jserrors/1/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
bam.eu01.nr-data.net
URL
https://bam.eu01.nr-data.net/events/1/NRJS-6dd3950211b5010cd9b?a=294444262,294453778&v=1210.e2a3f80&to=MhBSZQoZWkcFVRFYXwtacVIMEVtaS3cDV1kJHFFFHTtbWhBECl1cAAdwVh0MeF0KXQ%3D%3D&rst=1485&ck=1&ref=https://lead2.pl/p/5b5R/6Z3r/RFEN
Domain
bam.eu01.nr-data.net
URL
https://bam.eu01.nr-data.net/events/1/NRJS-6dd3950211b5010cd9b?a=294444262,294453778&v=1210.e2a3f80&to=MhBSZQoZWkcFVRFYXwtacVIMEVtaS3cDV1kJHFFFHTtbWhBECl1cAAdwVh0MeF0KXQ%3D%3D&rst=1583&ck=1&ref=https://lead2.pl/p/5b5R/6Z3r/RFEN
Domain
bam.eu01.nr-data.net
URL
https://bam.eu01.nr-data.net/jserrors/1/NRJS-6dd3950211b5010cd9b?a=294444262,294453778&v=1210.e2a3f80&to=MhBSZQoZWkcFVRFYXwtacVIMEVtaS3cDV1kJHFFFHTtbWhBECl1cAAdwVh0MeF0KXQ%3D%3D&rst=1583&ck=1&ref=https://lead2.pl/p/5b5R/6Z3r/RFEN

Verdicts & Comments Add Verdict or Comment

2 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect boolean| originAgentCluster

11 Cookies

Domain/Path Name / Value
lead2.pl/ Name: 605f01b1409979f1b4f5151f8eefb28a
Value: 605f01b1409979f1b4f5151f8eefb28a
.lead2.pl/ Name: _ga
Value: GA1.2.1935661727.1631416291
.lead2.pl/ Name: _gid
Value: GA1.2.1109711952.1631416291
.lead2.pl/ Name: _gat
Value: 1
.aliexpress.com/ Name: xman_us_f
Value: x_l=0&x_as_i=%7B%22aeuCID%22%3A%221908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu%22%2C%22affiliateKey%22%3A%22_d6GDFTu%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cn%22%3A%2210008100042%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%222081345757%22%2C%22tagtime%22%3A1631416291453%7D&acs_rt=e35cd14b76cb425fb212eb779890daca
.aliexpress.com/ Name: acs_usuc_t
Value: x_csrf=1akb1wppfo6ei&acs_rt=e35cd14b76cb425fb212eb779890daca
.aliexpress.com/ Name: aeu_cid
Value: 1908b8e678ec411cbbc9cb96b7ca0569-1631416291453-03683-_d6GDFTu
.aliexpress.com/ Name: xman_t
Value: vmjwMbWsoRsEXM0Pq+1+l362aM0VtIlqFx5Uz4+wraXBBO+wfZoDi7lVj3G1t8j0
.aliexpress.com/ Name: xman_f
Value: xlK02APC1BUTSwDPfMu+Q3CDE69M+0dusoTI8JIpBdeUCe2mCiPLss16UNBU8YZGvsrxlFFFaP6is1Lxm95X6wHErDqo6g5tjiLTH+Ju7mbVzAptH1wQ0Q==
.aliexpress.com/ Name: af_ss_a
Value: 1
.nr-data.net/ Name: JSESSIONID
Value: 2114b8c3d0772830

4 Console Messages

Source Level URL
Text
network error URL: https://www.gearbest.com/?lkid=78540179
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security error
Message:
Refused to frame 'https://www.g2a.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
other error URL: chrome-error://chromewebdata/
Message:
Refused to display 'https://best.aliexpress.com/' in a frame because it set 'X-Frame-Options' to 'deny'.
network error URL: https://anmdev.dateufriend.com/c/1e3a4e532f1c7040?s1=123803&s2=1305870&s3=56200&click_id=mlClick-rfs220Og&j1=1&j3=1
Message:
Failed to load resource: the server responded with a status of 410 ()