urlscan.io logo urlscan.io
SecurityTrails logo

secure.safelead.net Open in urlscan Pro
2606:4700:20::6818:431  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://hammontonfallfest.com/link.php?M=586393&N=56&L=18&F=H
Effective URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Submission: On February 26 via api from BE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 3 countries across 7 domains to perform 41 HTTP transactions. The main IP is 2606:4700:20::6818:431, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.safelead.net.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 1st 2019. Valid for: 6 months.
This is the only time secure.safelead.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 45.11.194.149 208996 (NETNAMS)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
32 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
2 23.111.9.35 33438 (HIGHWINDS2)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
41 5
1    45.11.194.149 (Lithuania)

ASN208996 (NETNAMS, LT)
PTR: hammontonfallfest.com
hammontonfallfest.com
1    2606:4700:20::6819:e367 (United States)

ASN13335 (CLOUDFLARENET, US)
ndt5.net
32    2606:4700:20::6818:431 (United States)

ASN13335 (CLOUDFLARENET, US)
secure.safelead.net
3    2606:4700::6811:4004 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    23.111.9.35 (Phoenix, United States)

ASN33438 (HIGHWINDS2, US)
use.fontawesome.com
2    2a00:1450:4001:81b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2a00:1450:4001:81e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
32 secure.safelead.net secure.safelead.net
3 cdnjs.cloudflare.com secure.safelead.net
2 fonts.gstatic.com secure.safelead.net
2 fonts.googleapis.com secure.safelead.net
2 use.fontawesome.com secure.safelead.net
1 ndt5.net 1 redirects
1 hammontonfallfest.com 1 redirects
41 7

This site contains no links.

Subject Issuer Validity Valid
ssl380649.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-12-01 -
2020-06-08		 6 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-12-05 -
2020-06-12		 6 months crt.sh
*.fontawesome.com
DigiCert SHA2 Secure Server CA		 2019-10-28 -
2020-12-23		 a year crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-02-12 -
2020-05-06		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Frame ID: BA7B3E8497D4612BB4CD9B47AC6FAE6A
Requests: 41 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://hammontonfallfest.com/link.php?M=586393&N=56&L=18&F=H HTTP 302
    https://ndt5.net/c/?si=14195&li=1612209&wi=330187&ws=&ws=mrolland@scarlet.be&ws2=2&ws3=10 HTTP 301
    https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href="https:\/\/use\.fontawesome\.com\/releases\/v([^>]+)\/css\//i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

41
Requests

100 %
HTTPS

71 %
IPv6

7
Domains

7
Subdomains

5
IPs

3
Countries

1294 kB
Transfer

1721 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://hammontonfallfest.com/link.php?M=586393&N=56&L=18&F=H HTTP 302
    https://ndt5.net/c/?si=14195&li=1612209&wi=330187&ws=&ws=mrolland@scarlet.be&ws2=2&ws3=10 HTTP 301
    https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

41 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
secure.safelead.net/14195/
Redirect Chain
  • http://hammontonfallfest.com/link.php?M=586393&N=56&L=18&F=H
  • https://ndt5.net/c/?si=14195&li=1612209&wi=330187&ws=&ws=mrolland@scarlet.be&ws2=2&ws3=10
  • https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
30 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe264281f4c39208cb7d80beb0d104c0f2ec11ab5d34569341be1248f53cf677
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options allow from *

Request headers

:method
GET
:authority
secure.safelead.net
:scheme
https
:path
/14195/?dci=GdYV03onrkxxcGK
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 26 Feb 2020 13:18:46 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=de04bd58e67e5a7b9a24e8a4492e7a2af1582723126; expires=Fri, 27-Mar-20 13:18:46 GMT; path=/; domain=.safelead.net; HttpOnly; SameSite=Lax PHPSESSID=fbb301a45e0f79e889096595ec55dc06; expires=Wed, 26-Feb-2020 16:18:46 GMT; Max-Age=10800; path=/; HttpOnly
access-control-allow-origin
*
x-frame-options
allow from *
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-expose-headers
P3p, Cache-Control, Expires, Content-Length, Content-Type
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-content-type-options
nosniff
vary
Accept-Encoding
x-daisycon-cluster
vm-www01
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56b234f1ea25d705-FRA
content-encoding
br

Redirect headers

status
301
date
Wed, 26 Feb 2020 13:18:46 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d0cd1335756cecbc17ea33d5a4e023dfd1582723125; expires=Fri, 27-Mar-20 13:18:45 GMT; path=/; domain=.ndt5.net; HttpOnly; SameSite=Lax; Secure dci=GdYV03onrkxxcGK; expires=Fri, 26-Feb-2021 13:18:45 GMT; Max-Age=31622400; path=/; domain=.ndt5.net; secure; HttpOnly; SameSite=None pdc=GdYV03onrkxxcGK; expires=Wed, 24-Feb-2021 13:18:45 GMT; Max-Age=31449600; path=/; domain=.ndt5.net; secure; HttpOnly; SameSite=None PHPSESSID=789c734f890c3330cecf2bcaaea84876f70600297c055d; expires=Wed, 24-Feb-2021 13:18:45 GMT; Max-Age=31449600; path=/; domain=.ndt5.net; secure; HttpOnly; SameSite=None ci_14195=d2leMzMwMTg3LGReMTU4MjcyMzEyNSxjY145Mzc5OSxsaV4xNjEyMjA5LHBpZF4sd3NebXJvbGxhbmRAc2NhcmxldC5iZSxkY2leR2RZVjAzb25ya3h4Y0dL; expires=Sat, 06-Jun-2020 13:18:44 GMT; Max-Age=8726399; path=/; domain=.ndt5.net; secure; HttpOnly; SameSite=None
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM", policyref="https://ndt5.net/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
x-xss-protection
0
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-expose-headers
P3p, Cache-Control, Expires, Content-Length, Content-Type
location
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
x-daisycon-cluster
vm-www02
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
56b234f0df68bed8-FRA
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/ 		91 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
br
cf-cache-status
HIT
age
10304472
cf-ray
56b234f25b18dfeb-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
cloudflare
etag
W/"5afd497c-16bac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 15 Feb 2021 13:18:46 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.004
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/css/ 		141 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/css/bootstrap.min.css
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
br
cf-cache-status
HIT
age
10217349
cf-ray
56b234f24b16dfeb-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:26:04 GMT
server
cloudflare
etag
W/"5afd4aac-235ed"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
expires
Mon, 15 Feb 2021 13:18:46 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.003
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/ 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.0.0/js/bootstrap.min.js
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:4004 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
br
cf-cache-status
HIT
age
10304468
cf-ray
56b234f25b1adfeb-FRA
status
200
strict-transport-security
max-age=15780000; includeSubDomains
alt-svc
h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
last-modified
Thu, 17 May 2018 09:26:04 GMT
server
cloudflare
etag
W/"5afd4aac-bf30"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Mon, 15 Feb 2021 13:18:46 GMT
cache-control
public, max-age=30672000
timing-allow-origin
*
served-in-seconds
0.001
all.css
use.fontawesome.com/releases/v5.8.1/css/ 		54 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Origin
https://secure.safelead.net
Sec-Fetch-Dest
style
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
gzip
last-modified
Thu, 21 Mar 2019 21:31:35 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
W/"e4c542a7f6bf6f74fdd8cdf6e8096396"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/css
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
animate.css
secure.safelead.net/images/campaigns/14195/ 		71 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/images/campaigns/14195/animate.css
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88683b0a41b07f465377c8846933bdfb1e57fc9a54accef3e5fd0125bd052cc7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Tue, 07 May 2019 11:34:00 GMT
server
cloudflare
etag
W/"11cda-5884a97d79a00-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-daisycon-cluster
vm-www01
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
56b234f25b72d705-FRA
expires
Wed, 26 Feb 2020 17:18:46 GMT
style.css
secure.safelead.net/images/campaigns/14195/ 		27 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/images/campaigns/14195/style.css
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f76787f8928e563f12cc90bc6d9daefaf7a7e92dbcb1bab728b69e0157a2681c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Tue, 07 May 2019 11:34:01 GMT
server
cloudflare
etag
W/"6b7f-5884a97e6dc40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-daisycon-cluster
vm-www02
content-type
text/css
status
200
cache-control
max-age=14400
cf-ray
56b234f25b75d705-FRA
expires
Wed, 26 Feb 2020 17:18:46 GMT
wow.min.js
secure.safelead.net/js/campaigns/14195/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/js/campaigns/14195/wow.min.js
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d0db9a6ad7b58bda75ae6cce2704ec3ad92384c50e75943faa2231c7fc306d0a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
77329
x-daisycon-cluster
vm-www03
status
200
last-modified
Tue, 07 May 2019 11:34:15 GMT
server
cloudflare
etag
W/"2586-5884a98bc7bc0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=345600
cf-ray
56b234f25b78d705-FRA
expires
Sat, 29 Feb 2020 15:49:57 GMT
css
fonts.googleapis.com/ 		906 B
531 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Pathway+Gothic+One
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
67528cc39522593fbc277d468bf0e60c2d365a7468ba94dbafff164ccd737106
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 26 Feb 2020 13:18:46 GMT
server
ESF
date
Wed, 26 Feb 2020 13:18:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Feb 2020 13:18:46 GMT
css
fonts.googleapis.com/ 		8 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300italic,700
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f664b65ad9847c8a2f03f769828686616055dae2766d5d380266b2678136017e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
style

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 26 Feb 2020 13:18:46 GMT
server
ESF
date
Wed, 26 Feb 2020 13:18:46 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 26 Feb 2020 13:18:46 GMT
logo.png
secure.safelead.net/images/campaigns/14195/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/logo.png
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f0893980bc84a84a745b0ef3c5f68d5afd7f1d24ab06153b8c0b6711c00906c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
pngoptimizer, origSize=29528
x-daisycon-cluster
vm-www03
status
200
content-length
22499
last-modified
Tue, 07 May 2019 11:34:01 GMT
server
cloudflare
etag
"7358-5884a97e6dc40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f25b7dd705-FRA
cf-bgj
imgq:85
capsule.png
secure.safelead.net/images/campaigns/14195/ 		340 KB
340 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/capsule.png
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b0e4e6b875d0b6c8fb3f0296588bee7e6a1a5e3d22c8a6573d3c49b822152705
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=363009
x-daisycon-cluster
vm-www02
status
200
content-length
347854
last-modified
Tue, 07 May 2019 11:34:00 GMT
server
cloudflare
etag
"58a01-5884a97d79a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f25b7ed705-FRA
cf-bgj
imgq:85
37981090.jpg
secure.safelead.net/images/campaigns/14195/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/37981090.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
619d3ee51a2d229d02d85830d764996ed2e6a55b8c1957192505c6566807d19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www01
status
200
content-length
28273
last-modified
Tue, 07 May 2019 11:33:59 GMT
server
cloudflare
etag
"6e71-5884a97c857c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2bcc7d705-FRA
expires
Wed, 26 Feb 2020 17:18:46 GMT
ban2.jpg
secure.safelead.net/images/campaigns/14195/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/ban2.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d40c4efd3c66403be3f099fb6f1b2cafb489bfd8ffa4429f9877aa8d1138e10b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
degrade=85, origSize=20070
x-daisycon-cluster
vm-www02
status
200
content-length
15972
last-modified
Tue, 07 May 2019 11:34:00 GMT
server
cloudflare
etag
"4e66-5884a97d79a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2bcc9d705-FRA
cf-bgj
imgq:85
ban3.jpg
secure.safelead.net/images/campaigns/14195/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/ban3.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ef5c9f32e893c73f54cad07a30cc4219d48168b9b67b040774dc9c3f7073fa0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
degrade=85, origSize=29322
x-daisycon-cluster
vm-www01
status
200
content-length
22421
last-modified
Tue, 07 May 2019 11:34:00 GMT
server
cloudflare
etag
"728a-5884a97d79a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2bccbd705-FRA
cf-bgj
imgq:85
ban4.jpg
secure.safelead.net/images/campaigns/14195/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/ban4.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f58e0d10e1050b3f76d80ae5ae89b9c5086c0d83e5c6fc784dbd5e6dc01c493
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
degrade=85, origSize=19890
x-daisycon-cluster
vm-www03
status
200
content-length
16345
last-modified
Tue, 07 May 2019 11:34:00 GMT
server
cloudflare
etag
"4db2-5884a97d79a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2bccdd705-FRA
cf-bgj
imgq:85
wom2.jpg
secure.safelead.net/images/campaigns/14195/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/wom2.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6862d0dd9cb33784bd62ec03646a020bf96866942796e3c2483a741f349c4aec
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
degrade=85, origSize=23860
x-daisycon-cluster
vm-www02
status
200
content-length
18618
last-modified
Tue, 07 May 2019 11:34:02 GMT
server
cloudflare
etag
"5d34-5884a97f61e80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2bcd2d705-FRA
cf-bgj
imgq:85
wom1.jpg
secure.safelead.net/images/campaigns/14195/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/wom1.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5984da132dabd4ea201cc992b5c1d8a54c0228f0ad5a4860ee89629c7e1f3478
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
degrade=85, origSize=17917
x-daisycon-cluster
vm-www02
status
200
content-length
14617
last-modified
Tue, 07 May 2019 11:34:02 GMT
server
cloudflare
etag
"45fd-5884a97f61e80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2bd01d705-FRA
cf-bgj
imgq:85
516327724.jpg
secure.safelead.net/images/campaigns/14195/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/516327724.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3126bbe6594ca954c3e5536105ed985693c4ab1259b0ec89f9435a8b232ce4d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www01
status
200
content-length
56659
last-modified
Tue, 07 May 2019 11:34:00 GMT
server
cloudflare
etag
"dd53-5884a97d79a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2bd07d705-FRA
expires
Wed, 26 Feb 2020 17:18:46 GMT
777267028.jpg
secure.safelead.net/images/campaigns/14195/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/777267028.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a7462b628497230d72a0be4299f40df4feeeca77a194b0b76c6d0c4cf28238d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
degrade=85, origSize=36824
x-daisycon-cluster
vm-www02
status
200
content-length
30883
last-modified
Tue, 07 May 2019 11:34:00 GMT
server
cloudflare
etag
"8fd8-5884a97d79a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2bd0bd705-FRA
cf-bgj
imgq:85
running.jpg
secure.safelead.net/images/campaigns/14195/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/running.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edeb61eae0d95636714180facc64b31754699f1b705202088157c9ecad57cbee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
degrade=85, origSize=32739
x-daisycon-cluster
vm-www02
status
200
content-length
27113
last-modified
Tue, 07 May 2019 11:34:01 GMT
server
cloudflare
etag
"7fe3-5884a97e6dc40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2bd10d705-FRA
cf-bgj
imgq:85
box_left.png
secure.safelead.net/images/campaigns/14195/ 		284 KB
285 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/box_left.png
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f12d0d86e4d9ea4207c0d827be97499fc6411696b796e07578c69ef7c2b46304
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www02
status
200
content-length
290955
last-modified
Tue, 07 May 2019 11:34:00 GMT
server
cloudflare
etag
"4708b-5884a97d79a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2bd12d705-FRA
expires
Wed, 26 Feb 2020 17:18:46 GMT
logo_small.png
secure.safelead.net/images/campaigns/14195/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/logo_small.png
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4482e11aac56189a1ba58d876dfe9601ee2a7bb75ebba580cee20c9ce07c91cf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=4097
x-daisycon-cluster
vm-www01
status
200
content-length
2864
last-modified
Tue, 07 May 2019 11:34:01 GMT
server
cloudflare
etag
"1001-5884a97e6dc40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2bd16d705-FRA
cf-bgj
imgq:85
email-decode.min.js
secure.safelead.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Wed, 19 Feb 2020 10:15:58 GMT
server
cloudflare
etag
W/"5e4d0ade-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
56b234f29c3cd705-FRA
expires
Fri, 28 Feb 2020 13:18:46 GMT
validation.js
secure.safelead.net/js/ 		41 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/js/validation.js?v1.1.1
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e64536b0b9ba2d55314a637c90e41c143e27a90fa1c0181f3801fce2c6ef9dee
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
82537
x-daisycon-cluster
vm-www01
status
200
last-modified
Wed, 11 Dec 2019 05:54:03 GMT
server
cloudflare
etag
W/"a4ca-59967417dd4c0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=345600
cf-ray
56b234f2ac7fd705-FRA
expires
Sat, 29 Feb 2020 14:23:09 GMT
custom.js
secure.safelead.net/js/campaigns/14195/ 		438 B
321 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/js/campaigns/14195/custom.js
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff71f0ae07265d6cf94709629fb8495ca19a440eff692518c4b3e4b35d435e72
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
script

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
77327
x-daisycon-cluster
vm-www03
status
200
last-modified
Tue, 07 May 2019 11:34:15 GMT
server
cloudflare
etag
W/"1b6-5884a98bc7bc0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=345600
cf-ray
56b234f2bcbfd705-FRA
expires
Sat, 29 Feb 2020 15:49:59 GMT
fairtrade.jpg
secure.safelead.net/images/campaigns/14195/ 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/fairtrade.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a486536f6ccd025780cbafcc81f793f450a288e07a840bedc1da9c71abe3ae44
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/14195/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
degrade=85, origSize=323455
x-daisycon-cluster
vm-www03
status
200
content-length
78505
last-modified
Tue, 07 May 2019 11:34:01 GMT
server
cloudflare
etag
"4ef7f-5884a97e6dc40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2cd27d705-FRA
cf-bgj
imgq:85
MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1ZfTc4PlA.woff2
fonts.gstatic.com/s/pathwaygothicone/v8/ 		7 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/pathwaygothicone/v8/MwQrbgD32-KAvjkYGNUUxAtW7pEBwx-tS1ZfTc4PlA.woff2
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c3913b157dddafafe9d6b463ccf288bcc359c20e33c90c3c4120d00944d6e50
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Pathway+Gothic+One
Origin
https://secure.safelead.net
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 23 Jan 2020 18:54:06 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 23:53:07 GMT
server
sffe
age
2917480
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
7628
x-xss-protection
0
expires
Fri, 22 Jan 2021 18:54:06 GMT
_intro.jpg
secure.safelead.net/images/campaigns/14195/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/_intro.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb7d24cb01d14e37eb22a5bfd0790c1e8985a8d46f20ab4687ec7702f28c0401
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/14195/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
degrade=85, origSize=64080
x-daisycon-cluster
vm-www03
status
200
content-length
17192
last-modified
Tue, 07 May 2019 11:34:02 GMT
server
cloudflare
etag
"fa50-5884a97f61e80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2cd31d705-FRA
cf-bgj
imgq:85
01.png
secure.safelead.net/images/campaigns/14195/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/01.png
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faddc39d92d50de450dc3864f4d8d89bdf4a57054a4cba8b6ba0babf5c9af7c7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/14195/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=53471
x-daisycon-cluster
vm-www02
status
200
content-length
50391
last-modified
Tue, 07 May 2019 11:33:59 GMT
server
cloudflare
etag
"d0df-5884a97c857c0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2cd34d705-FRA
cf-bgj
imgq:85
Q10.png
secure.safelead.net/images/campaigns/14195/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/Q10.png
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7deab906f72df62082f18e4fac700dd3f86802491f0564b8020267883c3411e6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/14195/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www02
status
200
content-length
22918
last-modified
Tue, 07 May 2019 11:34:01 GMT
server
cloudflare
etag
"5986-5884a97e6dc40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2cd44d705-FRA
expires
Wed, 26 Feb 2020 17:18:46 GMT
intellectual.svg
secure.safelead.net/images/campaigns/14195/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/intellectual.svg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bbfebcc72c81917fcb339a02e7f571b2f93f7f7322d0016e6023a1bf35a9b1dd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/14195/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 07 May 2019 11:34:01 GMT
server
cloudflare
etag
W/"1ccb-5884a97e6dc40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-daisycon-cluster
vm-www03
content-type
image/svg+xml
status
200
cache-control
max-age=14400
cf-ray
56b234f2cd46d705-FRA
expires
Wed, 26 Feb 2020 17:18:46 GMT
tiptoe-feet-outline.svg
secure.safelead.net/images/campaigns/14195/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/tiptoe-feet-outline.svg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f511ab7375605d19a26ec257b6e81dc02c36d8bb032d0d74b67c42badd3b5e9a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/14195/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 07 May 2019 11:34:02 GMT
server
cloudflare
etag
W/"cdf-5884a97f91c31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-daisycon-cluster
vm-www03
content-type
image/svg+xml
status
200
cache-control
max-age=14400
cf-ray
56b234f2cd47d705-FRA
expires
Wed, 26 Feb 2020 17:18:46 GMT
view.svg
secure.safelead.net/images/campaigns/14195/ 		2 KB
935 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/view.svg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc80357308da2fbc7f98b502a2fe22cf0ad39f15df070d98d951e9f057dcd06a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/14195/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Tue, 07 May 2019 11:34:02 GMT
server
cloudflare
etag
W/"690-5884a97f91c31"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-daisycon-cluster
vm-www03
content-type
image/svg+xml
status
200
cache-control
max-age=14400
cf-ray
56b234f2dd4ad705-FRA
expires
Wed, 26 Feb 2020 17:18:46 GMT
virus.svg
secure.safelead.net/images/campaigns/14195/ 		7 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/virus.svg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeb2aeca2c74614cdd9cfb887a7ac73cae3e56909476ac0718fd7d3c15ddae17
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/14195/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 07 May 2019 11:34:02 GMT
server
cloudflare
etag
W/"1ccd-5884a97f61e80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-daisycon-cluster
vm-www01
content-type
image/svg+xml
status
200
cache-control
max-age=14400
cf-ray
56b234f2dd4dd705-FRA
expires
Wed, 26 Feb 2020 17:18:46 GMT
muscle-fiber.svg
secure.safelead.net/images/campaigns/14195/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/muscle-fiber.svg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e6882652edfe25538f7480768c39de97077da94391dd4d7ed642bb9ba70873d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/14195/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 07 May 2019 11:34:01 GMT
server
cloudflare
etag
W/"18d7-5884a97e6dc40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-daisycon-cluster
vm-www03
content-type
image/svg+xml
status
200
cache-control
max-age=14400
cf-ray
56b234f2dd50d705-FRA
expires
Wed, 26 Feb 2020 17:18:46 GMT
d_e_c.png
secure.safelead.net/images/campaigns/14195/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/d_e_c.png
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8ab1b082f65b169ee7d20dcea6c5554757dd495b38d568a31a33504f3f4451e
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/14195/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
origSize=21529
x-daisycon-cluster
vm-www01
status
200
content-length
16385
last-modified
Tue, 07 May 2019 11:34:00 GMT
server
cloudflare
etag
"5419-5884a97d79a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2dd53d705-FRA
cf-bgj
imgq:85
bullet_leaf_3.png
secure.safelead.net/images/campaigns/14195/ 		718 B
868 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/14195/bullet_leaf_3.png
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc23c8c5c67811f831734db94550cfee537cece56fe7946afb83e5a6e6d0367
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/14195/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Dest
image

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
cf-polished
pngoptimizer, origSize=2005
x-daisycon-cluster
vm-www03
status
200
content-length
718
last-modified
Tue, 07 May 2019 11:34:00 GMT
server
cloudflare
etag
"7d5-5884a97d79a00"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
expires
Wed, 26 Feb 2020 17:18:46 GMT
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2dd56d705-FRA
cf-bgj
imgq:85
GothamLight.woff
secure.safelead.net/images/campaigns/14195/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/images/campaigns/14195/GothamLight.woff
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6818:431 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4660083d433a337e93ca56c72381b42ed7fd5c9cc7b79e2b259d71273960c540
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/14195/style.css
Origin
https://secure.safelead.net
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
last-modified
Tue, 07 May 2019 11:34:01 GMT
server
cloudflare
etag
"6b80-5884a97e6dc40"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-daisycon-cluster
vm-www01
status
200
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
56b234f2dd58d705-FRA
content-length
27520
expires
Wed, 26 Feb 2020 13:18:46 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.8.1/webfonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.8.1/webfonts/fa-solid-900.woff2
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
23.111.9.35 Phoenix, United States, ASN33438 (HIGHWINDS2, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe

Request headers

Referer
https://use.fontawesome.com/releases/v5.8.1/css/all.css
Origin
https://secure.safelead.net
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 26 Feb 2020 13:18:46 GMT
last-modified
Thu, 21 Mar 2019 21:32:28 GMT
server
NetDNA-cache/2.2
access-control-allow-origin
*
etag
"418dad87601f9c8abd0e5798c0dc1feb"
vary
Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
font/woff2
status
200
access-control-max-age
3000
cache-control
max-age=31556926
x-cache
HIT
accept-ranges
bytes
content-length
74256
z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMR7eS2Ao.woff2
fonts.gstatic.com/s/opensanscondensed/v14/ 		9 KB
9 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensanscondensed/v14/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff1GhDuXMR7eS2Ao.woff2
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/14195/?dci=GdYV03onrkxxcGK
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8cd670b102dbdc8bcbcd51b932c5df791e509d703077650e0ccdc216b50d91b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/css?family=Open+Sans+Condensed:300,300italic,700
Origin
https://secure.safelead.net
Sec-Fetch-Dest
font
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 01:56:58 GMT
x-content-type-options
nosniff
last-modified
Mon, 22 Jul 2019 19:18:10 GMT
server
sffe
age
2373708
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
8876
x-xss-protection
0
expires
Fri, 29 Jan 2021 01:56:58 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| bootstrap object| jQuery110209593417431052547 function| WOW string| initCountry string| initLanguage boolean| initValidateAddressFlag object| Base64 function| getQueryParam function| isValidDate function| calculateAge function| ibanElevenTest string| language string| country boolean| validateAddressFlag object| prefillFields object| languages object| countries object| country_phone_codes object| country_phone_number_min_length object| country_phone_number_max_length object| country_zipcode_length object| country_iban_regex object| translations function| determineCountryLanguage function| determineValidateAddressFlag function| insertHiddenFields function| determineUserAgent function| determineClickDate function| determineCountry function| processQueryString function| insertValidationField function| updateValidationField function| setValidationErrorOptions function| validateInitials function| validateBirthdate function| validateInsertion function| validateFirstName function| validateSurname function| validateName function| validateZipcode function| validateHouseNumber function| validateAddition function| validateHouseNumberZipcode function| validateAddress function| validateStreet function| validateCity function| validateEmail function| validatePhone function| validateIBAN function| showLoader function| hideLoader function| handleSubmit function| validateTerms function| customHandleSubmit

2 Cookies

Domain/Path Name / Value
secure.safelead.net/ Name: PHPSESSID
Value: fbb301a45e0f79e889096595ec55dc06
.safelead.net/ Name: __cfduid
Value: de04bd58e67e5a7b9a24e8a4492e7a2af1582723126

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options allow from *

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
hammontonfallfest.com
ndt5.net
secure.safelead.net
use.fontawesome.com
23.111.9.35
2606:4700:20::6818:431
2606:4700:20::6819:e367
2606:4700::6811:4004
2a00:1450:4001:81b::200a
2a00:1450:4001:81e::2003
45.11.194.149
0c3913b157dddafafe9d6b463ccf288bcc359c20e33c90c3c4120d00944d6e50
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2ef5c9f32e893c73f54cad07a30cc4219d48168b9b67b040774dc9c3f7073fa0
4482e11aac56189a1ba58d876dfe9601ee2a7bb75ebba580cee20c9ce07c91cf
4660083d433a337e93ca56c72381b42ed7fd5c9cc7b79e2b259d71273960c540
5984da132dabd4ea201cc992b5c1d8a54c0228f0ad5a4860ee89629c7e1f3478
5a7462b628497230d72a0be4299f40df4feeeca77a194b0b76c6d0c4cf28238d
5f58e0d10e1050b3f76d80ae5ae89b9c5086c0d83e5c6fc784dbd5e6dc01c493
619d3ee51a2d229d02d85830d764996ed2e6a55b8c1957192505c6566807d19c
67528cc39522593fbc277d468bf0e60c2d365a7468ba94dbafff164ccd737106
6862d0dd9cb33784bd62ec03646a020bf96866942796e3c2483a741f349c4aec
7deab906f72df62082f18e4fac700dd3f86802491f0564b8020267883c3411e6
7e6882652edfe25538f7480768c39de97077da94391dd4d7ed642bb9ba70873d
88683b0a41b07f465377c8846933bdfb1e57fc9a54accef3e5fd0125bd052cc7
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
a486536f6ccd025780cbafcc81f793f450a288e07a840bedc1da9c71abe3ae44
aeb2aeca2c74614cdd9cfb887a7ac73cae3e56909476ac0718fd7d3c15ddae17
b0e4e6b875d0b6c8fb3f0296588bee7e6a1a5e3d22c8a6573d3c49b822152705
bb7d24cb01d14e37eb22a5bfd0790c1e8985a8d46f20ab4687ec7702f28c0401
bbfebcc72c81917fcb339a02e7f571b2f93f7f7322d0016e6023a1bf35a9b1dd
c8ab1b082f65b169ee7d20dcea6c5554757dd495b38d568a31a33504f3f4451e
d0db9a6ad7b58bda75ae6cce2704ec3ad92384c50e75943faa2231c7fc306d0a
d40c4efd3c66403be3f099fb6f1b2cafb489bfd8ffa4429f9877aa8d1138e10b
d8cd670b102dbdc8bcbcd51b932c5df791e509d703077650e0ccdc216b50d91b
dc80357308da2fbc7f98b502a2fe22cf0ad39f15df070d98d951e9f057dcd06a
e64536b0b9ba2d55314a637c90e41c143e27a90fa1c0181f3801fce2c6ef9dee
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
ecc23c8c5c67811f831734db94550cfee537cece56fe7946afb83e5a6e6d0367
edeb61eae0d95636714180facc64b31754699f1b705202088157c9ecad57cbee
eeb17a45a48aca1d7adbcf04de155dcd0b47cb36ad036310446bb471fea9aaa3
f0893980bc84a84a745b0ef3c5f68d5afd7f1d24ab06153b8c0b6711c00906c1
f12d0d86e4d9ea4207c0d827be97499fc6411696b796e07578c69ef7c2b46304
f18c486a80175cf02fee0e05c2b4acd86c04cdbaecec61c1ef91f920509b5efe
f3126bbe6594ca954c3e5536105ed985693c4ab1259b0ec89f9435a8b232ce4d
f511ab7375605d19a26ec257b6e81dc02c36d8bb032d0d74b67c42badd3b5e9a
f664b65ad9847c8a2f03f769828686616055dae2766d5d380266b2678136017e
f76787f8928e563f12cc90bc6d9daefaf7a7e92dbcb1bab728b69e0157a2681c
faddc39d92d50de450dc3864f4d8d89bdf4a57054a4cba8b6ba0babf5c9af7c7
fe264281f4c39208cb7d80beb0d104c0f2ec11ab5d34569341be1248f53cf677
ff71f0ae07265d6cf94709629fb8495ca19a440eff692518c4b3e4b35d435e72