urlscan.io logo urlscan.io
SecurityTrails logo

offers.propertyleadr.net Open in urlscan Pro
172.64.153.235  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.propertie4less.info/email/link.php?M=233319&N=3938&L=173&F=H
Effective URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Submission: On April 24 via api from DE — Scanned from PL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 6 countries across 12 domains to perform 33 HTTP transactions. The main IP is 172.64.153.235, located in San Francisco, United States and belongs to CLOUDFLARENET, US. The main domain is offers.propertyleadr.net.
TLS certificate: Issued by R3 on March 28th 2024. Valid for: 3 months.
This is the only time offers.propertyleadr.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 185.24.219.112 59491 (LIVENET-)
2 2 54.76.124.8 16509 (AMAZON-02)
4 172.64.153.235 13335 (CLOUDFLAR...)
2 13.224.189.14 16509 (AMAZON-02)
4 104.17.25.14 13335 (CLOUDFLAR...)
1 142.250.186.106 15169 (GOOGLE)
3 157.240.0.6 32934 (FACEBOOK)
3 18.135.89.82 16509 (AMAZON-02)
1 34.117.186.192 396982 (GOOGLE-CL...)
5 3.160.156.5 16509 (AMAZON-02)
6 13.32.99.123 16509 (AMAZON-02)
1 18.66.147.40 16509 (AMAZON-02)
2 157.240.0.35 32934 (FACEBOOK)
33 12
1    185.24.219.112 (Poland)

ASN59491 (LIVENET-, PL)
PTR: propertie4less.info
www.propertie4less.info
2    54.76.124.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-124-8.eu-west-1.compute.amazonaws.com
adleadrperformance.com
4    172.64.153.235 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
offers.propertyleadr.net
2    13.224.189.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-14.fra2.r.cloudfront.net
builder-assets.unbounce.com
4    104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    142.250.186.106 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f10.1e100.net
ajax.googleapis.com
3    157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net
connect.facebook.net
3    18.135.89.82 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-89-82.eu-west-2.compute.amazonaws.com
script.anura.io
1    34.117.186.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.186.117.34.bc.googleusercontent.com
ipinfo.io
5    3.160.156.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-160-156-5.fra60.r.cloudfront.net
d9hhrg4mnvzow.cloudfront.net
6    13.32.99.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-99-123.fra60.r.cloudfront.net
fonts.ub-assets.com
1    18.66.147.40 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-40.fra60.r.cloudfront.net
ads.anura.io
2    157.240.0.35 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: edge-star-mini-shv-02-fra3.facebook.com
www.facebook.com
Apex Domain
Subdomains		 Transfer
6 ub-assets.com
fonts.ub-assets.com — Cisco Umbrella Rank: 28419
55 KB
5 cloudfront.net
d9hhrg4mnvzow.cloudfront.net
135 KB
4 anura.io
script.anura.io — Cisco Umbrella Rank: 55112
ads.anura.io — Cisco Umbrella Rank: 70611
22 KB
4 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
124 KB
4 propertyleadr.net
offers.propertyleadr.net
26 KB
3 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
73 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 97
306 B
2 unbounce.com
builder-assets.unbounce.com — Cisco Umbrella Rank: 22871
43 KB
2 adleadrperformance.com
adleadrperformance.com
1 KB
1 ipinfo.io
ipinfo.io — Cisco Umbrella Rank: 7609
738 B
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 363
31 KB
1 propertie4less.info
www.propertie4less.info
265 B
33 12
Domain Requested by
6 fonts.ub-assets.com builder-assets.unbounce.com
fonts.ub-assets.com
5 d9hhrg4mnvzow.cloudfront.net offers.propertyleadr.net
4 cdnjs.cloudflare.com offers.propertyleadr.net
cdnjs.cloudflare.com
4 offers.propertyleadr.net offers.propertyleadr.net
3 script.anura.io offers.propertyleadr.net
script.anura.io
3 connect.facebook.net offers.propertyleadr.net
connect.facebook.net
2 www.facebook.com offers.propertyleadr.net
2 builder-assets.unbounce.com offers.propertyleadr.net
2 adleadrperformance.com 2 redirects
1 ads.anura.io script.anura.io
1 ipinfo.io ajax.googleapis.com
1 ajax.googleapis.com offers.propertyleadr.net
1 www.propertie4less.info 1 redirects
33 13

This site contains no links.

Subject Issuer Validity Valid
offers.propertyleadr.net
R3		 2024-03-28 -
2024-06-26		 3 months crt.sh
*.unbounce.com
Amazon RSA 2048 M03		 2023-12-10 -
2025-01-07		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2024-03-18 -
2024-06-10		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2024-02-01 -
2024-05-01		 3 months crt.sh
script.anura.io
Amazon RSA 2048 M02		 2023-10-16 -
2024-11-13		 a year crt.sh
ipinfo.io
R3		 2024-04-19 -
2024-07-18		 3 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
fonts.ub-assets.com
Amazon RSA 2048 M02		 2023-06-01 -
2024-06-29		 a year crt.sh
ads.anura.io
Amazon RSA 2048 M01		 2023-05-30 -
2024-06-27		 a year crt.sh

This page contains 1 frames:

Primary Page: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Frame ID: 72C29789780D3146DB7F47D84550AC4B
Requests: 34 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://www.propertie4less.info/email/link.php?M=233319&N=3938&L=173&F=H HTTP 307
    https://www.propertie4less.info/email/link.php?M=233319&N=3938&L=173&F=H HTTP 307
    http://www.propertie4less.info/email/link.php?M=233319&N=3938&L=173&F=H HTTP 302
    https://adleadrperformance.com/?a=12&c=2054&s1= HTTP 302
    https://adleadrperformance.com/?a=12&c=2054&s1=&ch-redir=1&ckmxid=cokahstj0000vg4vmdo0 HTTP 302
    https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&countr... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

33
Requests

97 %
HTTPS

0 %
IPv6

12
Domains

13
Subdomains

12
IPs

6
Countries

510 kB
Transfer

1234 kB
Size

8
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.propertie4less.info/email/link.php?M=233319&N=3938&L=173&F=H HTTP 307
    https://www.propertie4less.info/email/link.php?M=233319&N=3938&L=173&F=H HTTP 307
    http://www.propertie4less.info/email/link.php?M=233319&N=3938&L=173&F=H HTTP 302
    https://adleadrperformance.com/?a=12&c=2054&s1= HTTP 302
    https://adleadrperformance.com/?a=12&c=2054&s1=&ch-redir=1&ckmxid=cokahstj0000vg4vmdo0 HTTP 302
    https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
offers.propertyleadr.net/acorn-property-bond/
Redirect Chain
  • http://www.propertie4less.info/email/link.php?M=233319&N=3938&L=173&F=H
  • https://www.propertie4less.info/email/link.php?M=233319&N=3938&L=173&F=H
  • http://www.propertie4less.info/email/link.php?M=233319&N=3938&L=173&F=H
  • https://adleadrperformance.com/?a=12&c=2054&s1=
  • https://adleadrperformance.com/?a=12&c=2054&s1=&ch-redir=1&ckmxid=cokahstj0000vg4vmdo0
  • https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
52 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.235 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d7ef5e2e19dac73892d74ca6abaa27e68bbd3726ad869e239712f2845a31cac

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

cf-cache-status
DYNAMIC
cf-ray
879417933e151c3e-FRA
content-encoding
br
content-location
https://offers.propertyleadr.net/acorn-property-bond/
content-type
text/html; charset=utf-8
date
Wed, 24 Apr 2024 06:38:43 GMT
etag
W/"a:90f24d4a16654dc6bf0e5e8a62ea9eae"
link
<https://offers.propertyleadr.net/acorn-property-bond/>; rel="canonical"
server
cloudflare
x-unbounce-pageid
6f35d39a-b0d1-45d2-bcd0-8c1b031d3d48
x-unbounce-variant
a
x-unbounce-visitorid
90f24d4a-1665-4dc6-bf0e-5e8a62ea9eae

Redirect headers

Cache-Control
private
Connection
close
Content-Length
242
Content-Type
text/html; charset=utf-8
Date
Wed, 24 Apr 2024 06:38:43 GMT
Location
https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
P3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
main-7b78720.z.css
builder-assets.unbounce.com/published-css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-css/main-7b78720.z.css
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-14.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 20 Dec 2023 02:43:46 GMT
content-encoding
gzip
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-version-id
GVFgUU1TNBfYZFxmy4v_rBGa7MxrBKpW
x-amz-cf-pop
FRA2-C1
age
10900498
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
2902
last-modified
Fri, 15 Dec 2023 17:54:33 GMT
server
AmazonS3
etag
"65d94e355664eb0c202cee7db35a61b5"
content-type
text/css
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
wyHxMZSfVVvVRNHfFNgsHqDVEyXtezsN14NOhnsxFVRDC7RDnbqbBg==
intlTelInput.css
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/ 		25 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/intlTelInput.css
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 06:38:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
479743
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1970
last-modified
Tue, 31 May 2022 01:06:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62956a21-7b2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QjVlc4dhEBvzJdBiKa3DG%2BJ3DZaGT8o5a%2Byqy8RfZomz1vr2GnAlDOUH6f%2BLQ7zBcMyom%2FjW%2Fuvq6Egzk6Y5%2F7xHA1mkHQQdgz%2Bgvz3pNdsWi9%2F43sQToxY%2F2KG8356W9zrkrULi"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
879417943998924a-FRA
expires
Mon, 14 Apr 2025 06:38:43 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.106 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f10.1e100.net
Software
sffe /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 14:12:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59149
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31017
x-xss-protection
0
last-modified
Wed, 10 Mar 2021 14:28:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 23 Apr 2025 14:12:55 GMT
b907c51d6869e69d8a396f17f7ba15905e81aff2.js
offers.propertyleadr.net/_ub/static/ts/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://offers.propertyleadr.net/_ub/static/ts/b907c51d6869e69d8a396f17f7ba15905e81aff2.js
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.235 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f935a7948ac1a2058a45ed19e07839409f036362ba3fa5c82017597933782596

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 06:38:44 GMT
content-encoding
br
via
1.1 ef4ff53b101ef123a46ec560b6c94cb8.cloudfront.net (CloudFront)
x-amz-version-id
TThSs9K50fISFfh18X9t.nFN4cUMwlpR
cf-cache-status
HIT
x-amz-cf-pop
FRA56-C2
age
1026510
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Wed, 27 Mar 2024 15:44:09 GMT
server
cloudflare
etag
W/"7b3939265cdcbe6834a9c54d2dfcdfa2"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
87941794ef941c3e-FRA
x-amz-cf-id
100OCkKU5OZ0c625HJ9Yuwo_aejip5SINxpsjqncFUfUUM6PwjkZlQ==
expires
Thu, 24 Apr 2025 06:38:44 GMT
intlTelInput.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/intlTelInput.min.js
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1c3be98af0f5091cbe3e28e515bab230453f9d7c0b8e9d0282af12fd0bb5e1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 06:38:43 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1073199
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
8923
last-modified
Tue, 31 May 2022 01:06:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62956a21-22db"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QDPmOpP3BHXsZVlY8651dTiHfWzxdELeylH%2FF2o82YTXXwDO9bnSiNlGZT21pMBArwwouJpuikgCJut%2BPc2lhI6iHKeJxe38Niy03k6xqwhc%2BkqAjnDYwfjGN%2BfslgRPn8wU%2BmUy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
879417943994924a-FRA
expires
Mon, 14 Apr 2025 06:38:43 GMT
main.bundle-c3f2a09.z.js
builder-assets.unbounce.com/published-js/ 		125 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://builder-assets.unbounce.com/published-js/main.bundle-c3f2a09.z.js
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-14.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c3f2a094e91a37f29622a63cbdfe8915024fe7097cf33265dc4185e1fdfafaa0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 05 Apr 2024 18:05:43 GMT
content-encoding
gzip
via
1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
x-amz-version-id
0jCnCAYc2yatVAXrOQkKsboLCamv4Y6y
x-amz-cf-pop
FRA2-C1
age
1600382
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
39961
last-modified
Fri, 05 Apr 2024 17:38:36 GMT
server
AmazonS3
etag
"8fde982b1747f0bf4dfb1b44d385c019"
content-type
application/javascript
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
k8ZUJsRkaziVQIWR2-OEO_nDV4PJcbXik1ViRLN_5jZIJRjbqcjfrg==
fbevents.js
connect.facebook.net/en_US/ 		218 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Apr 2024 06:38:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
57850
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=39, rtx=0, c=12, mss=1314, tbw=2776, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma
public
x-fb-debug
QxLT8R16GclXvZbdHpMFsUBPByKW/Ql5RYB/ds7Ditr+gec3RDae8xkZcE+wMdbGTbDzVsw8DpOvTZlyiJ/uyw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
request.js
script.anura.io/ 		58 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/request.js?instance=3552465468&source=12-&campaign=407&callback=anuraResponseHandler&724024608954
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.135.89.82 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-89-82.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
b7cf2d13eb1ad45f2ae186d69c092b0df4d6d7e6ef4b64021938ab52f187947a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 06:38:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Type
image/gif
/
ipinfo.io/ 		435 B
738 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ipinfo.io/?token=6d3626439c7bd0&callback=jQuery360003162181668135644_1713940724306&_=1713940724307
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.186.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.186.117.34.bc.googleusercontent.com
Software
nginx/1.24.0 /
Resource Hash
030801b28174a68b95a70fbf0e9a898c541fff1c2049ad40e8c179285531e1fd
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 06:38:44 GMT
via
1.1 google
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.24.0
strict-transport-security
max-age=2592000; includeSubDomains
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
x-envoy-upstream-service-time
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
435
x-xss-protection
1; mode=block
flags.png
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/img/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/img/flags.png
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/intlTelInput.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/css/intlTelInput.css
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 06:38:44 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
742823
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
67650
last-modified
Tue, 31 May 2022 01:06:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62956a21-10842"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=oE59S2LcinPyzc5JfDcrGq07TWDEnUklehtMz62qOMaLMWP4jpD0UUsew%2FmFD4ib90z2eFVBbnKXELw8FkBHAmmrY5ZeoVKC2YL%2BlZ56BBn4Vtc%2Fb20%2BCfHxG%2BjvWejAWCvOJks4"}],"group":"cf-nel","max_age":604800}
content-type
image/png; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
879417972bcf924a-FRA
expires
Mon, 14 Apr 2025 06:38:44 GMT
c6a4b108-acorn-property-bond-view_100000000000000000001o.jpeg
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/acorn-property-bond/ 		124 KB
124 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/acorn-property-bond/c6a4b108-acorn-property-bond-view_100000000000000000001o.jpeg
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fcb37d3e160b1398f333f3c919a10858083097dedac4c11f35343b58858ebb7e

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 08:35:40 GMT
x-amz-version-id
2JtWyBOZF73rCo5_e_xTxFb1dXY_5CVk
via
1.1 e7901684d85170d527aec3a64956def6.cloudfront.net (CloudFront)
last-modified
Wed, 17 Apr 2024 16:34:47 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
511385
etag
"ef6ed892642346a77321905d44cc6963"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31557600
accept-ranges
bytes
content-length
126591
x-amz-cf-id
QhvSoLX-qD5GDRb1MFHxjM0dNFKyP6NJf6Vao79-euyEvVVyVMyPNw==
i
offers.propertyleadr.net/_ub/ 		2 B
193 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://offers.propertyleadr.net/_ub/i
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/_ub/static/ts/b907c51d6869e69d8a396f17f7ba15905e81aff2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.235 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type
application/json

Response headers

date
Wed, 24 Apr 2024 06:38:44 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://offers.propertyleadr.net
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-credentials
true
cf-ray
8794179739aa1c3e-FRA
content-length
2
c7f99ebd-752a-4899-92b1-96c8d6bc568d
https://offers.propertyleadr.net/ 		5 KB
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
blob:https://offers.propertyleadr.net/c7f99ebd-752a-4899-92b1-96c8d6bc568d
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-c3f2a09.z.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc

Request headers

Accept-Language
pl-PL,pl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length
5427
Content-Type
text/css
css
fonts.ub-assets.com/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/css?family=Poppins:700,regular,300,600%7COpen+Sans:regular
Requested by
Host: builder-assets.unbounce.com
URL: https://builder-assets.unbounce.com/published-js/main.bundle-c3f2a09.z.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
b47c432bb59d3c8e38cfc78c94a132d53a6fd552483710410d29becf0df198d1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 23 Apr 2024 07:17:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 d63ea68c8b7458d49fe25f66ef7f0a5e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
84050
x-amzn-requestid
45c015ea-8648-424f-b1e9-139a178d0947
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
WqwJXH4GIAMEGqw=
content-length
1627
x-xss-protection
0
cross-origin-opener-policy
same-origin-allow-popups
x-amzn-trace-id
Root=1-662760a2-61215de5181b943565fed76f
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
x-amz-cf-id
y1x6biwlh37Tb5W3npW1KKAM7p9AVClMxfZzGINNEwtlrWTixrqhrA==
dc82cf33-acorn-logo-white_106801x000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/acorn-property-bond/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/acorn-property-bond/dc82cf33-acorn-logo-white_106801x000000000000028.png
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6681b60732beee623dc6d245c6ed4d85b496ee4ef352750cffb567ff633c97ac

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 06:20:41 GMT
x-amz-version-id
BTOIEb9nwxpJ3Seqea2eezwGtJOq64ND
via
1.1 e7901684d85170d527aec3a64956def6.cloudfront.net (CloudFront)
last-modified
Fri, 19 Apr 2024 11:35:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
260284
etag
"894dcf23a2d88f78138a157f2ebdd9f7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1425
x-amz-cf-id
mxYui51187grdvvDIZ9LHTY_slL-9AkpXvQxp4d7fRl3h8YyLrPv_g==
cb76e65e-the-times-logo_108c010000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/acorn-property-bond/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/acorn-property-bond/cb76e65e-the-times-logo_108c010000000000000028.png
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0d3c8a9b1167e28f688982b6f34a2246a2a2b0a56358950ead175f73944895c

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 16:31:52 GMT
x-amz-version-id
gUN9mVgbOabfZ.3KwuZ2KLmjpmCgF1.W
via
1.1 e7901684d85170d527aec3a64956def6.cloudfront.net (CloudFront)
last-modified
Thu, 18 Apr 2024 12:49:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
482813
etag
"4302467be62de94dfc051268aa0fc4bd"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
3537
x-amz-cf-id
I0-hOSTTo-vetiL9C1gqItuqaB8QtKfFmA21h1T-DyJ9pT7j0zUX4g==
00970d71-financial-times-logo_102p03p000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/acorn-property-bond/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/acorn-property-bond/00970d71-financial-times-logo_102p03p000000000000028.png
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c70fdc78c4d3f17a89da68f7c8610e696a07270ad71a862205c8f72cb53a1687

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Thu, 18 Apr 2024 16:31:52 GMT
x-amz-version-id
3bl30sPHR1_eijwnLutqIg1e_fvRy.HZ
via
1.1 e7901684d85170d527aec3a64956def6.cloudfront.net (CloudFront)
last-modified
Thu, 18 Apr 2024 12:49:07 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
482813
etag
"f332d195de640e23faa1b881d413b41c"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
1989
x-amz-cf-id
thWCctI28ntGS62CNGDwZBdGb3msfrovPc389VshWO3egLexUqzVhQ==
4f3a8d59-grand-designs-logo_104v01r000000000000028.png
d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/acorn-property-bond/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d9hhrg4mnvzow.cloudfront.net/offers.propertyleadr.net/acorn-property-bond/4f3a8d59-grand-designs-logo_104v01r000000000000028.png
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
3.160.156.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-160-156-5.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
27fb21474cebf39c38065ba3d2448042f2ccb776a6e839a4b0706d49b0c7ae69

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Sun, 21 Apr 2024 06:20:41 GMT
x-amz-version-id
qnmReBZZ2IaOnfXtXxtTJn2GNHUhkZaC
via
1.1 e7901684d85170d527aec3a64956def6.cloudfront.net (CloudFront)
last-modified
Fri, 19 Apr 2024 11:35:30 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P7
age
260284
etag
"b9c9a55f21cd61c186744ea418665f55"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31557600
accept-ranges
bytes
content-length
2734
x-amz-cf-id
bypFqd5qMgBdNZITfEhSIf_0vb5GxzhX8HJZgoyOsJe6JrWiWECAVg==
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.ub-assets.com/fonts/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/poppins/v21/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Poppins:700,regular,300,600%7COpen+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.ub-assets.com/css?family=Poppins:700,regular,300,600%7COpen+Sans:regular
Origin
https://offers.propertyleadr.net
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 22:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
7816
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2534739
x-amzn-requestid
e58b6dc1-e957-48de-873c-b57618c8cd70
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
VNRBOH4TIAMELSg=
content-length
7839
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:32 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6601fba1-17e5c1e775a7f03f725faf15
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
-MxJRlE7Xe_V9Gi-EHXe61NNDBpC0meaKD1PpjNBZqVlYwh6WoRagA==
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.ub-assets.com/fonts/s/poppins/v21/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/poppins/v21/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Poppins:700,regular,300,600%7COpen+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.ub-assets.com/css?family=Poppins:700,regular,300,600%7COpen+Sans:regular
Origin
https://offers.propertyleadr.net
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 22:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
7884
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2534739
x-amzn-requestid
86812376-81f9-450d-b4bb-57f135cfbd71
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
VNRBOFB3oAMEfBA=
content-length
7907
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:38 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6601fba1-2b7daddb66820a253f8fbcc4
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
xWQtLPddig1biCHbW4fXQV1eUjSwLSTY5M-VWelDl8tsgu81GPFd4w==
pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
fonts.ub-assets.com/fonts/s/poppins/v21/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/poppins/v21/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Poppins:700,regular,300,600%7COpen+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.ub-assets.com/css?family=Poppins:700,regular,300,600%7COpen+Sans:regular
Origin
https://offers.propertyleadr.net
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 22:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
7840
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2534739
x-amzn-requestid
382056f5-f39c-4db4-bc60-4a6f11c5d7a3
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
VNRBOHm6IAMEurA=
content-length
7863
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:02:55 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6601fba1-79102463111e07793e567663
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
00frV_3B6EP7WZfFrj7sNtr4tqBzlHQ5ZoFDzcaeF6-ebECtVo3v6Q==
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.ub-assets.com/fonts/s/poppins/v21/ 		8 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/poppins/v21/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Poppins:700,regular,300,600%7COpen+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.ub-assets.com/css?family=Poppins:700,regular,300,600%7COpen+Sans:regular
Origin
https://offers.propertyleadr.net
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 25 Mar 2024 22:33:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
8000
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
2534739
x-amzn-requestid
97d43c12-7d0c-4329-a627-dd604f015caf
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
VNRBOEhtIAMEu1w=
content-length
8023
x-xss-protection
0
last-modified
Fri, 22 Mar 2024 00:00:59 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6601fba1-54486af77a8e979414b52bc8
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
hT72mEhzyA8o3_F41hekY-jYt_VJ3esncnizcX-Yf53Pu99vwStmiw==
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.ub-assets.com/fonts/s/opensans/v40/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.ub-assets.com/fonts/s/opensans/v40/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
Requested by
Host: fonts.ub-assets.com
URL: https://fonts.ub-assets.com/css?family=Poppins:700,regular,300,600%7COpen+Sans:regular
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.99.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-99-123.fra60.r.cloudfront.net
Software
/
Resource Hash
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://fonts.ub-assets.com/css?family=Poppins:700,regular,300,600%7COpen+Sans:regular
Origin
https://offers.propertyleadr.net
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Tue, 02 Jan 2024 09:13:40 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amzn-remapped-content-length
18668
via
1.1 c43915e0cad14ee7685e5f74a99ce93c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P3
age
9753904
x-amzn-requestid
74618afd-8d2f-4c62-acb3-4795159d1b03
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
x-amz-apigw-id
Q54GsEuIoAMEMkQ=
content-length
18696
x-xss-protection
0
last-modified
Thu, 14 Dec 2023 02:00:39 GMT
cross-origin-opener-policy
same-origin; report-to="apps-themes"
x-amzn-trace-id
Root=1-6593d3c4-26037bdd00cb30d114148027
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
timing-allow-origin
*
x-amz-cf-id
_f76FbjMICLILPfZjcTDMKl2Vsmr7MDPxF30Zc2S5njyZMFDJsGn2A==
showads.js
ads.anura.io/ 		0
351 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.anura.io/showads.js?563544253623
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3552465468&source=12-&campaign=407&callback=anuraResponseHandler&724024608954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.40 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-40.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 05:18:37 GMT
content-encoding
gzip
via
1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
FRA60-P4
age
4807
vary
Accept-Encoding
x-cache
Hit from cloudfront
access-control-allow-methods
GET
access-control-allow-origin
*
content-type
application/javascript; charset=utf-8
x-amz-cf-id
Ef2Z6zQRLiIAW9qhmBqUjspWloOzEXT09sCKhzG89FB7hLp72S9wDg==
2183216491990889
connect.facebook.net/signals/config/ 		57 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2183216491990889?v=2.9.154&r=stable&domain=offers.propertyleadr.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
5229b46f27cf2bb93e31ebb5979f3ea23e57bd2ab2d7be6510ca233b06c91996
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Apr 2024 06:38:44 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=64, mss=1314, tbw=63205, tp=-1, tpl=-1, uplat=132, ullat=1
pragma
public
x-fb-debug
v04sdiwk1dFH0bChP7MIcAi9pfLpzIDKkFIQa2/0QQEhgPJ28fWEYzo52wLapV4iu2sOql40zGh4OVxS4IS+Rw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
820979408346016
connect.facebook.net/signals/config/ 		20 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/820979408346016?v=2.9.154&r=stable&domain=offers.propertyleadr.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C217%2C152%2C110%2C133%2C126%2C114
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
f95b9737e3a3a26d30777b228cccdb2ee983566f23b2258f66577d9823cdf7c3
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 24 Apr 2024 06:38:45 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=38, rtx=0, c=23, mss=1232, tbw=4324, tp=9, tpl=0, uplat=206, ullat=0
pragma
public
x-fb-debug
Knlp2ejntjfMe+usr1r+TKsHuOcHZgD9F1/TrPsbmbDMjlpGnRfN5nQpI1TNHaazDNuOjeZt2HmyHiPHAJnX+w==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups;report-to="coop_report"
vary
Accept-Encoding
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		0
274 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2183216491990889&ev=PageView&dl=https%3A%2F%2Foffers.propertyleadr.net%2Facorn-property-bond%2F%3Faffiliate_id%3D12%26sub_id%3D%26ckm_request_id%3D192011884%26country%3DPL&rl=&if=false&ts=1713940724974&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713940724973.1192719274&ler=empty&cdl=API_unavailable&it=1713940724680&coo=false&rqm=GET
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=10, mss=1314, tbw=2781, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 24 Apr 2024 06:38:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
response.json
script.anura.io/ 		52 B
404 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/response.json
Requested by
Host: script.anura.io
URL: https://script.anura.io/request.js?instance=3552465468&source=12-&campaign=407&callback=anuraResponseHandler&724024608954
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.135.89.82 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-89-82.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
044a3d2b6a7f40edd3819ee281871c25075a0fa54d7675730742f99515363ce5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 06:38:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
/
www.facebook.com/tr/ 		0
32 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=820979408346016&ev=PageView&dl=https%3A%2F%2Foffers.propertyleadr.net%2Facorn-property-bond%2F%3Faffiliate_id%3D12%26sub_id%3D%26ckm_request_id%3D192011884%26country%3DPL&rl=&if=false&ts=1713940725228&sw=1600&sh=1200&v=2.9.154&r=stable&ec=0&o=4126&fbp=fb.1.1713940724973.1192719274&ler=empty&cdl=API_unavailable&it=1713940724680&coo=false&rqm=GET
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
157.240.0.35 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
edge-star-mini-shv-02-fra3.facebook.com
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

x-fb-connection-quality
EXCELLENT; q=0.9, rtt=43, rtx=0, c=10, mss=1314, tbw=2781, tp=-1, tpl=-1, uplat=1, ullat=0
strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 24 Apr 2024 06:38:45 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
result.json
script.anura.io/ 		41 B
396 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://script.anura.io/result.json
Requested by
Host: offers.propertyleadr.net
URL: https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.135.89.82 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-135-89-82.eu-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform
"Win32"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Wed, 24 Apr 2024 06:38:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate, max-age=0, post-check=0, pre-check=0
expires
Sun, 28 Dec 1980 18:57:00 EST
utils.min.js
cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/ 		243 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/utils.min.js?1638200991544
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/intl-tel-input/17.0.17/js/intlTelInput.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8c0e60fe564204f7212e981e84dccc15221911aa597c238e9d0783f9151c652b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 06:38:45 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
480506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
45533
last-modified
Tue, 31 May 2022 01:06:41 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"62956a21-b1dd"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BJLI5%2BunTXS%2Bq8lFfsg5QGvjICJPgmMdBw75Cwf2DV%2BsvEqfIEvLBbk%2Ft27yvsyTp0wIyX2gNP6QKqSm%2FK9rpVt2EEKSUh1UDfg4dpUhfz8cZ8ZAXQWmtmKdXF%2FRLzi%2FKNik0WOe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
8794179e08bd924a-FRA
expires
Mon, 14 Apr 2025 06:38:45 GMT
favicon.ico
offers.propertyleadr.net/ 		47 B
132 B 		Other
General
Check archive.org
Download Go to
Full URL
https://offers.propertyleadr.net/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.153.235 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457

Request headers

sec-ch-ua
"Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer
https://offers.propertyleadr.net/acorn-property-bond/?affiliate_id=12&sub_id=&ckm_request_id=192011884&country=PL
Accept-Language
pl-PL,pl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Wed, 24 Apr 2024 06:38:45 GMT
server
cloudflare
cf-ray
8794179e0fee1c3e-FRA
content-length
47
vary
Accept-Encoding
content-type
text/html

Verdicts & Comments Add Verdict or Comment

28 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| ub object| module function| fbq function| _fbq function| anuraResponseHandler function| resultHandler function| $ function| jQuery object| d8Validation function| startData8Validation function| validateEmailAsync function| validatePhoneAsync function| reportValidationResult function| checkForErrors object| intlTelInputGlobals function| intlTelInput object| input object| iti function| handleChange function| ubSnowplow boolean| ubSnowplowInitialized function| setImmediate function| clearImmediate boolean| VimeoPlayerResizeEmbeds_ boolean| VimeoSeoMetadataAppended boolean| VimeoCheckedUrlTimeParam object| Anura object| intlTelInputUtils

8 Cookies

Domain/Path Name / Value
offers.propertyleadr.net/acorn-property-bond/ Name: ubpv
Value: a%2C6f35d39a-b0d1-45d2-bcd0-8c1b031d3d48
.adleadrperformance.com/ Name: sid
Value: NviAsQZ3yHPtI6VRhagfF+oC/s9Dy+xw1Lg8aTqAZRE2Kt/jDe/heQ==
.adleadrperformance.com/ Name: trk
Value: +nyVPSaNJfPKrmMidXb6geoC/s9Dy+xw1Lg8aTqAZRE2Kt/jDe/heQ==
.adleadrperformance.com/ Name: c407
Value: NviAsQZ3yHP9S+Ys5uevvG5+1Qf9WNktOJJZTHDIbUw=
offers.propertyleadr.net/ Name: ubvs
Value: 90f24d4a-1665-4dc6-bf0e-5e8a62ea9eae
.propertyleadr.net/ Name: ubvt
Value: v2%7C90f24d4a-1665-4dc6-bf0e-5e8a62ea9eae%7C6f35d39a-b0d1-45d2-bcd0-8c1b031d3d48%3Aa%3Asingle
.offers.propertyleadr.net/ Name: __cf_bm
Value: eyNuqSH72imi5ixJ494deV7LCiVAhkJGZqDJ_P.8QQw-1713940723-1.0.1.1-t1N_AVkjH55pkp3mxeOjC4kkecWjuqvjei6lD6eanVwBSsodiVVsIWNkoCk6Hv4AZ0Al6CoeIokY5TPA.8bzzg
.propertyleadr.net/ Name: _fbp
Value: fb.1.1713940724973.1192719274

2 Console Messages

Source Level URL
Text
other warning URL: https://connect.facebook.net/signals/config/2183216491990889?v=2.9.154&r=stable&domain=offers.propertyleadr.net&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105(Line 97)
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://offers.propertyleadr.net/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adleadrperformance.com
ads.anura.io
ajax.googleapis.com
builder-assets.unbounce.com
cdnjs.cloudflare.com
connect.facebook.net
d9hhrg4mnvzow.cloudfront.net
fonts.ub-assets.com
ipinfo.io
offers.propertyleadr.net
script.anura.io
www.facebook.com
www.propertie4less.info
104.17.25.14
13.224.189.14
13.32.99.123
142.250.186.106
157.240.0.35
157.240.0.6
172.64.153.235
18.135.89.82
18.66.147.40
185.24.219.112
3.160.156.5
34.117.186.192
54.76.124.8
00ee2a14dbde4361b87ee179eb2f13a28a2a82631efa215b4d22a255f5d0c9cc
01e9582655224c83e6c075f44b7eecb135e108b6ad2150bf6f78a0a77c4ad5e0
030801b28174a68b95a70fbf0e9a898c541fff1c2049ad40e8c179285531e1fd
044a3d2b6a7f40edd3819ee281871c25075a0fa54d7675730742f99515363ce5
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27fb21474cebf39c38065ba3d2448042f2ccb776a6e839a4b0706d49b0c7ae69
3d7ef5e2e19dac73892d74ca6abaa27e68bbd3726ad869e239712f2845a31cac
5229b46f27cf2bb93e31ebb5979f3ea23e57bd2ab2d7be6510ca233b06c91996
6681b60732beee623dc6d245c6ed4d85b496ee4ef352750cffb567ff633c97ac
6e1c3be98af0f5091cbe3e28e515bab230453f9d7c0b8e9d0282af12fd0bb5e1
73c54eec23bd5786eee2abde558ae996cc30db654cc6d513369ef8e6e1681de9
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
7b787207f29ffd5672ab91b95f681b387b4d6433081cc8b47070f1d564827863
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
8c0e60fe564204f7212e981e84dccc15221911aa597c238e9d0783f9151c652b
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
a0d3c8a9b1167e28f688982b6f34a2246a2a2b0a56358950ead175f73944895c
ad32b1248207ba91fb945a37d38e7c9deafcba849245872203482db42930d491
b47c432bb59d3c8e38cfc78c94a132d53a6fd552483710410d29becf0df198d1
b7cf2d13eb1ad45f2ae186d69c092b0df4d6d7e6ef4b64021938ab52f187947a
c3f2a094e91a37f29622a63cbdfe8915024fe7097cf33265dc4185e1fdfafaa0
c70fdc78c4d3f17a89da68f7c8610e696a07270ad71a862205c8f72cb53a1687
cd8b79123a843eee64985a23257e2fab80ef2c4c08427b688ea979671fc1c457
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7af9d60d875eb1c1b1037bbbfdec41fcb096d0ebcf98a48717ad8b07906ced6
ead4835bb034d3977fd4aa92437a20fac37b2c67e0c22a5debc61468151d08d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f935a7948ac1a2058a45ed19e07839409f036362ba3fa5c82017597933782596
f95b9737e3a3a26d30777b228cccdb2ee983566f23b2258f66577d9823cdf7c3
fcb37d3e160b1398f333f3c919a10858083097dedac4c11f35343b58858ebb7e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e