leadmy.pl Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://trackhere.pl/842679?ld=2677
Effective URL:
https://leadmy.pl/p/TcAs/7mhb/BelJ?ml_sub1=&ml_sub2=&ml_sub3=&ml_sub4=&ml_sub5=&dl=&dl_url=&dl_title=&ld=2677&ref=
Submission: On April 29 via manual (April 29th 2022, 1:33:48 am UTC) from US — Scanned from DE

Summary HTTP 34 Redirects Behaviour Indicators

Summary

This website contacted 8 IPs in 2 countries across 9 domains to perform 34 HTTP transactions. The main IP is 2a06:98c1:3121::7, located in United States and belongs to CLOUDFLARENET, US. The main domain is leadmy.pl.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on November 28th 2021. Valid for: a year.

This is the only time leadmy.pl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
4	2a06:98c1:312... 2a06:98c1:3121::7	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	96.16.158.40 96.16.158.40	() ()
1	18.66.112.15 18.66.112.15	() ()
1	2a00:1450:400... 2a00:1450:4001:811::200e	() ()
34	8

4 2a06:98c1:3121::7 (United States)

ASN13335 (CLOUDFLARENET, US)

trackhere.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
leadmy.pl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 96.16.158.40 (None, )

ASN- ()

www.g2a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.15 (None, )

ASN- ()

www.gearbest.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (None, )

ASN- ()

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	leadmy.pl leadmy.pl	14 KB
2	gstatic.com fonts.gstatic.com	31 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 39 ajax.googleapis.com — Cisco Umbrella Rank: 270	35 KB
2	trackhere.pl trackhere.pl	51 KB
1	google-analytics.com www.google-analytics.com	20 KB
1	gearbest.com www.gearbest.com order.gearbest.com Failed
1	g2a.com www.g2a.com
0	gbtcdn.com Failed css.gbtcdn.com Failed uidesign.gbtcdn.com Failed
0	aliexpress.com Failed best.aliexpress.com Failed
34	9

	Domain	Requested by
2	leadmy.pl	leadmy.pl
2	fonts.gstatic.com	fonts.googleapis.com
2	trackhere.pl	trackhere.pl
1	www.google-analytics.com	leadmy.pl www.google-analytics.com
1	www.gearbest.com	leadmy.pl
1	www.g2a.com	leadmy.pl
1	ajax.googleapis.com	trackhere.pl
1	fonts.googleapis.com	trackhere.pl
0	uidesign.gbtcdn.com Failed	www.gearbest.com
0	order.gearbest.com Failed	www.gearbest.com
0	css.gbtcdn.com Failed	www.gearbest.com
0	best.aliexpress.com Failed	leadmy.pl
34	12

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-04` - `2022-12-03`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
www.g2a.com DigiCert SHA2 Extended Validation Server CA	`2021-08-25` - `2022-08-25`	a year	crt.sh
*.gearbest.com Go Daddy Secure Certificate Authority - G2	`2021-10-14` - `2022-06-03`	8 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://leadmy.pl/p/TcAs/7mhb/BelJ?ml_sub1=&ml_sub2=&ml_sub3=&ml_sub4=&ml_sub5=&dl=&dl_url=&dl_title=&ld=2677&ref=
Frame ID: EBA8BDC0DE3E348B0387D407FB9E1FCE
Requests: 12 HTTP requests in this frame

Frame: https://www.g2a.com/n/reflink-381235804a
Frame ID: 47DAEDA95AB464F00B4A11DCC333D2B0
Requests: 1 HTTP requests in this frame

Frame: https://best.aliexpress.com/?aff_fcid=3b03e5494f1c44baa653ab862f617c2f-1651196027923-02024-_d6GDFTu&aff_fsk=_d6GDFTu&aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=3b03e5494f1c44baa653ab862f617c2f-1651196027923-02024-_d6GDFTu&terminal_id=82f7fcd0d4314f948a7394c3c4748018
Frame ID: 58613CAA053622E526FB53A042640351
Requests: 1 HTTP requests in this frame

Frame: https://www.gearbest.com/?lkid=78540179
Frame ID: 2BAADB8DB19107B4571AE4EF73F1E9AD
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://trackhere.pl/842679?ld=2677 Page URL
https://leadmy.pl/p/TcAs/7mhb/BelJ?ml_sub1=&ml_sub2=&ml_sub3=&ml_sub4=&ml_sub5=&dl=&dl_url=&dl... Page URL

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

34
Requests

32 %
HTTPS

71 %
IPv6

9
Domains

12
Subdomains

8
IPs

2
Countries

151 kB
Transfer

491 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://trackhere.pl/842679?ld=2677 Page URL
https://leadmy.pl/p/TcAs/7mhb/BelJ?ml_sub1=&ml_sub2=&ml_sub3=&ml_sub4=&ml_sub5=&dl=&dl_url=&dl_title=&ld=2677&ref= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 8

https://s.click.aliexpress.com/e/_d6GDFTu HTTP 302
https://best.aliexpress.com/?aff_fcid=3b03e5494f1c44baa653ab862f617c2f-1651196027923-02024-_d6GDFTu&aff_fsk=_d6GDFTu&aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=3b03e5494f1c44baa653ab862f617c2f-1651196027923-02024-_d6GDFTu&terminal_id=82f7fcd0d4314f948a7394c3c4748018

34 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 842679 Show response
trackhere.pl/ 2 KB
1 KB 314ms
277ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://trackhere.pl/842679?ld=2677
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cf488d7282dd0a1304418d31ce7da897590afc3a454f7bc8b55fcd7466d6689a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private,no-store, no-cache
cf-cache-status: DYNAMIC
cf-ray: 70344a89da9d9202-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 01:33:43 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7M317ODy2YgCu30PlkXl2i%2BVjTr2EWcLz4AG5QRZcGwafV9DwFzCjg8TboTjhi1XXKsDLmuMgr8kEOJG%2FhSBMF3XSALXixd64YpR%2FmJ7azCAZRbHHj5WSGVZPpzvy%2FB%2FEHc9%2FgiHnahEwb8%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-robots-tag: noindex, nofollow

GET
H2 200 css
fonts.googleapis.com/ 4 KB
1 KB 68ms
23ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400&subset=latin-ext

Requested by

Host: trackhere.pl
URL: https://trackhere.pl/842679?ld=2677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

76f754050e2c29ed1ee0e170536af6dfb5b48721068bc9fe786633289b024272

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trackhere.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 29 Apr 2022 01:33:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 29 Apr 2022 01:33:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 29 Apr 2022 01:33:43 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
34 KB 58ms
13ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: trackhere.pl
URL: https://trackhere.pl/842679?ld=2677

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trackhere.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Mon, 25 Apr 2022 19:45:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 280095
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Apr 2023 19:45:28 GMT

GET
H2 200 img1.png
trackhere.pl/ 50 KB
50 KB 3748ms
3748ms Image
image/png 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trackhere.pl/img1.png
Requested by: Host: trackhere.pl
URL: https://trackhere.pl/842679?ld=2677
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://trackhere.pl/842679?ld=2677
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 01:33:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4430
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50823
last-modified: Fri, 13 Apr 2018 10:23:58 GMT
server: cloudflare
etag: "5ad0853e-c687"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iY92T8HVp56i3010j98yOzNe7cDb7TGmoid5e2RvAGGlzK7qSv9UBB3lfdev2GgNousndDCnTQZANVDffGj8lboLf4uFwNZYJbhk2tVnDvWdob90CmhD1HKRJdY7XLalAKxmmOxgw64pKS4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 70344a8bec209202-FRA

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 51ms
14ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trackhere.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 27 Apr 2022 17:58:32 GMT
x-content-type-options: nosniff
age: 113711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15732
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 27 Apr 2023 17:58:32 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
15 KB 298ms
262ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://trackhere.pl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 01:46:21 GMT
x-content-type-options: nosniff
age: 604042
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 22 Apr 2023 01:46:21 GMT

GET
H2 200 Primary Request BelJ Show response
leadmy.pl/p/TcAs/7mhb/ 2 KB
1 KB 372ms
325ms Document
text/html 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://leadmy.pl/p/TcAs/7mhb/BelJ?ml_sub1=&ml_sub2=&ml_sub3=&ml_sub4=&ml_sub5=&dl=&dl_url=&dl_title=&ld=2677&ref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd8409ff34870bf409c035bb111f89f2970d67c8478dd5bb141e82db57b34260

Request headers

Referer: https://trackhere.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, no-store, private
cf-cache-status: DYNAMIC
cf-ray: 70344aa3bf929201-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 29 Apr 2022 01:33:47 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xk3bSYhQD2Wo9aDUJOfh%2BRxh%2Bl0S5FDyI%2B0x09gM%2Fjz7IQgRyjs%2FZHvdbkjFBl%2FIilkMGPpSPtBk3V8RhmDDaykGVywdRVBUxwS0ByinJs1dUx3wgMWmlI1leKeO3q2Waj8FJyKEUMk%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-robots-tag: noindex, nofollow

GET
H3 200 app.js Show response
leadmy.pl/js/ 32 KB
12 KB 31ms
15ms Script
application/javascript 2a06:98c1:3121::7
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://leadmy.pl/js/app.js?id=8bd454b4c27f257a9cb1
Requested by: Host: leadmy.pl
URL: https://leadmy.pl/p/TcAs/7mhb/BelJ?ml_sub1=&ml_sub2=&ml_sub3=&ml_sub4=&ml_sub5=&dl=&dl_url=&dl_title=&ld=2677&ref=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 404eaf6b5a1c24e8215fc66cdf8426c3207b53986b4e3ffa93a361ecdb733f62

Request headers

device-memory: 8
Referer: https://leadmy.pl/p/TcAs/7mhb/BelJ?ml_sub1=&ml_sub2=&ml_sub3=&ml_sub4=&ml_sub5=&dl=&dl_url=&dl_title=&ld=2677&ref=
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 29 Apr 2022 01:33:47 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 11 Feb 2022 12:26:16 GMT
server: cloudflare
age: 6236
etag: W/"620655e8-7ff7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XzoUesFda6qnvxhq2LsLa5uFrdLDp5v9Qch%2FdkTNuishlwwM5EKMsu6QrdgUXW8aM0cEC%2FVYfgvkq5xY0bBcyBNy6e%2FN%2BPbETes2XOiMq1M%2FIA5uLe5w5LrybR76w4ODhERMm%2BIkCes%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70344aa65c209a1b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 reflink-381235804a
www.g2a.com/n/ Frame 47DA 0
0 139ms
58ms Document
text/html 96.16.158.40

General

Check archive.org

Show headers Download Go to

Full URL

https://www.g2a.com/n/reflink-381235804a

Requested by

Host: leadmy.pl
URL: https://leadmy.pl/p/TcAs/7mhb/BelJ?ml_sub1=&ml_sub2=&ml_sub3=&ml_sub4=&ml_sub5=&dl=&dl_url=&dl_title=&ld=2677&ref=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.158.40 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	DENY

Request headers

Referer: https://leadmy.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 1273
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Fri, 29 Apr 2022 01:33:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-akamai-transformed: 9 2943 0 pmb=mTOE,3
x-frame-options: DENY

GET

/
best.aliexpress.com/ Frame 5861
Redirect Chain

https://s.click.aliexpress.com/e/_d6GDFTu
https://best.aliexpress.com/?aff_fcid=3b03e5494f1c44baa653ab862f617c2f-1651196027923-02024-_d6GDFTu&aff_fsk=_d6GDFTu&aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=3b03e5494f1c44baa653ab8...

0
0

GET
H2 200 /
www.gearbest.com/ Frame 2BAA 228 KB
0 79ms
18ms Document
text/html 18.66.112.15

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gearbest.com/?lkid=78540179
Requested by: Host: leadmy.pl
URL: https://leadmy.pl/p/TcAs/7mhb/BelJ?ml_sub1=&ml_sub2=&ml_sub3=&ml_sub4=&ml_sub5=&dl=&dl_url=&dl_title=&ld=2677&ref=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.15 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://leadmy.pl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-methods: GET, POST
access-control-allow-origin: *
age: 185
cache-control: max-age=300
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Fri, 29 Apr 2022 01:30:42 GMT
etag: W/"28bbb6ef0a1e2b80eadd113423751883"
last-modified: Fri, 29 Apr 2022 01:21:41 GMT
ng-cache: HIT
vary: Accept-Encoding
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-id: ompSceC8NmMzPhiJnY1CY_kTBENyqwhuOXg6GHxtSGwds0e6zW67Qw==
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 98ms
13ms Script
text/javascript 2a00:1450:4001:811::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: leadmy.pl
URL: https://leadmy.pl/p/TcAs/7mhb/BelJ?ml_sub1=&ml_sub2=&ml_sub3=&ml_sub4=&ml_sub5=&dl=&dl_url=&dl_title=&ld=2677&ref=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://leadmy.pl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7137
date: Thu, 28 Apr 2022 23:34:50 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 29 Apr 2022 01:34:50 GMT

GET OpenSans-Bold.1b0edf9.woff2
css.gbtcdn.com/imagecache/gbw/fonts/ Frame 2BAA 0
0

GET OpenSans-Regular.73d5e4b.woff2
css.gbtcdn.com/imagecache/gbw/fonts/ Frame 2BAA 0
0

GET multiple-lang
order.gearbest.com/ Frame 2BAA 0
0

GET vendor-aee45228f701.css
css.gbtcdn.com/imagecache/gbw/css/ Frame 2BAA 0
0

GET manifest-e389716fc25a.js
css.gbtcdn.com/imagecache/gbw/js/ Frame 2BAA 0
0

GET polyfill_lib-08fbbbe2cc64.js
css.gbtcdn.com/imagecache/gbw/js/ Frame 2BAA 0
0

GET vendor-4ddb08680009.js
css.gbtcdn.com/imagecache/gbw/js/ Frame 2BAA 0
0

GET common_xx_template1-073154c1b14f.css
css.gbtcdn.com/imagecache/gbw/css/ Frame 2BAA 0
0

GET index_xx_template_1-f9a298ba92e9.css
css.gbtcdn.com/imagecache/gbw/css/ Frame 2BAA 0
0

GET logo_gearbest.png
uidesign.gbtcdn.com/GB/images/promotion/2019/a_evan/Gearbest/ Frame 2BAA 0
0

GET PC+1190X420-en.jpg
uidesign.gbtcdn.com/GB/image/8823/ Frame 2BAA 0
0

GET 8PC+230X120+EN.jpg
uidesign.gbtcdn.com/GB/image/8823/ Frame 2BAA 0
0

GET 20220418-164800.jpg
uidesign.gbtcdn.com/GB/image/8823/ Frame 2BAA 0
0

GET 230_120_en.jpg
uidesign.gbtcdn.com/GB/image/7257/ Frame 2BAA 0
0

GET 230x120b_en.jpg
uidesign.gbtcdn.com/GB/image/6874/ Frame 2BAA 0
0

GET new-logo.png
css.gbtcdn.com/imagecache/gbw/img/site/ Frame 2BAA 0
0

GET common_xx_template1-bc59659fe3b6.js
css.gbtcdn.com/imagecache/gbw/js/ Frame 2BAA 0
0

GET index_xx_template_1-86aeafcf1ca8.js
css.gbtcdn.com/imagecache/gbw/js/ Frame 2BAA 0
0

GET
DATA 200
OK truncated
/ Frame 2BAA 37 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/gif

POST collect
www.google-analytics.com/j/ 0
0

POST collect
www.google-analytics.com/ 0
0

POST finger
leadmy.pl/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: best.aliexpress.com
URL: https://best.aliexpress.com/?aff_fcid=3b03e5494f1c44baa653ab862f617c2f-1651196027923-02024-_d6GDFTu&aff_fsk=_d6GDFTu&aff_platform=portals-promotion&sk=_d6GDFTu&aff_trace_key=3b03e5494f1c44baa653ab862f617c2f-1651196027923-02024-_d6GDFTu&terminal_id=82f7fcd0d4314f948a7394c3c4748018

Domain: css.gbtcdn.com
URL: https://css.gbtcdn.com/imagecache/gbw/fonts/OpenSans-Bold.1b0edf9.woff2

Domain: css.gbtcdn.com
URL: https://css.gbtcdn.com/imagecache/gbw/fonts/OpenSans-Regular.73d5e4b.woff2

Domain: order.gearbest.com
URL: https://order.gearbest.com/multiple-lang?lang=en&b1

Domain: css.gbtcdn.com
URL: https://css.gbtcdn.com/imagecache/gbw/css/vendor-aee45228f701.css?pro

Domain: css.gbtcdn.com
URL: https://css.gbtcdn.com/imagecache/gbw/js/manifest-e389716fc25a.js?pro

Domain: css.gbtcdn.com
URL: https://css.gbtcdn.com/imagecache/gbw/js/polyfill_lib-08fbbbe2cc64.js?pro

Domain: css.gbtcdn.com
URL: https://css.gbtcdn.com/imagecache/gbw/js/vendor-4ddb08680009.js?pro

Domain: css.gbtcdn.com
URL: https://css.gbtcdn.com/imagecache/gbw/css/common_xx_template1-073154c1b14f.css?pro

Domain: css.gbtcdn.com
URL: https://css.gbtcdn.com/imagecache/gbw/css/index_xx_template_1-f9a298ba92e9.css?pro

Domain: uidesign.gbtcdn.com
URL: https://uidesign.gbtcdn.com/GB/images/promotion/2019/a_evan/Gearbest/logo_gearbest.png?imbypass=true

Domain: uidesign.gbtcdn.com
URL: https://uidesign.gbtcdn.com/GB/image/8823/PC+1190X420-en.jpg

Domain: uidesign.gbtcdn.com
URL: https://uidesign.gbtcdn.com/GB/image/8823/8PC+230X120+EN.jpg

Domain: uidesign.gbtcdn.com
URL: https://uidesign.gbtcdn.com/GB/image/8823/20220418-164800.jpg

Domain: uidesign.gbtcdn.com
URL: https://uidesign.gbtcdn.com/GB/image/7257/230_120_en.jpg?imbypass=true

Domain: uidesign.gbtcdn.com
URL: https://uidesign.gbtcdn.com/GB/image/6874/230x120b_en.jpg

Domain: css.gbtcdn.com
URL: https://css.gbtcdn.com/imagecache/gbw/img/site/new-logo.png

Domain: css.gbtcdn.com
URL: https://css.gbtcdn.com/imagecache/gbw/js/common_xx_template1-bc59659fe3b6.js?pro

Domain: css.gbtcdn.com
URL: https://css.gbtcdn.com/imagecache/gbw/js/index_xx_template_1-86aeafcf1ca8.js?pro

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2100859527&t=pageview&_s=1&dl=https%3A%2F%2Fleadmy.pl%2Fp%2FTcAs%2F7mhb%2FBelJ%3Fml_sub1%3D%26ml_sub2%3D%26ml_sub3%3D%26ml_sub4%3D%26ml_sub5%3D%26dl%3D%26dl_url%3D%26dl_title%3D%26ld%3D2677%26ref%3D&dr=https%3A%2F%2Ftrackhere.pl%2F&ul=en-us&de=UTF-8&dt=leadmy.pl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2115903438&gjid=1307768733&cid=1364759272.1651196028&tid=UA-110090096-2&_gid=1749480551.1651196028&_r=1&_slc=1&z=2126503338

Domain: www.google-analytics.com
URL: https://www.google-analytics.com/collect

Domain: leadmy.pl
URL: https://leadmy.pl/finger

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	Message: Refused to frame 'https://www.g2a.com/' because an ancestor violates the following Content Security Policy directive: "frame-ancestors 'none'".
other	error	URL: chrome-error://chromewebdata/ Message: Refused to display 'https://best.aliexpress.com/' in a frame because it set 'X-Frame-Options' to 'deny'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
best.aliexpress.com
css.gbtcdn.com
fonts.googleapis.com
fonts.gstatic.com
leadmy.pl
order.gearbest.com
trackhere.pl
uidesign.gbtcdn.com
www.g2a.com
www.gearbest.com
www.google-analytics.com
best.aliexpress.com
css.gbtcdn.com
leadmy.pl
order.gearbest.com
uidesign.gbtcdn.com
www.google-analytics.com
18.66.112.15
2a00:1450:4001:800::200a
2a00:1450:4001:811::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200a
2a06:98c1:3121::7
96.16.158.40
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
404eaf6b5a1c24e8215fc66cdf8426c3207b53986b4e3ffa93a361ecdb733f62
76f754050e2c29ed1ee0e170536af6dfb5b48721068bc9fe786633289b024272
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cf488d7282dd0a1304418d31ce7da897590afc3a454f7bc8b55fcd7466d6689a
fd8409ff34870bf409c035bb111f89f2970d67c8478dd5bb141e82db57b34260

leadmy.pl Open in urlscan Pro 2a06:98c1:3121::7 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

34 Requests

32 %HTTPS

71 %IPv6

9 Domains

12 Subdomains

8 IPs

2 Countries

151 kBTransfer

491 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

34 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

2 Console Messages

Indicators

leadmy.pl Open in urlscan Pro
2a06:98c1:3121::7 Public Scan

Screenshot
Live screenshot

Full Image

34
Requests

32 %
HTTPS

71 %
IPv6

9
Domains

12
Subdomains

8
IPs

2
Countries

151 kB
Transfer

491 kB
Size

0
Cookies

34 HTTP transactions
0 data transactions