urlscan.io logo urlscan.io
SecurityTrails logo

www.freenights.net Open in urlscan Pro
52.50.18.181  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.eroyoutube.com/
Effective URL: https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD...
Submission: On May 21 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 7 countries across 13 domains to perform 19 HTTP transactions. The main IP is 52.50.18.181, located in Dublin, Ireland and belongs to AMAZON-02 - Amazon.com, Inc., US. The main domain is www.freenights.net.
TLS certificate: Issued by Let's Encrypt Authority X3 on May 20th 2019. Valid for: 3 months.
This is the only time www.freenights.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 185.253.212.22 48707 (GREENER-AS)
1 1 185.253.212.10 48707 (GREENER-AS)
3 2606:4700:30:... 13335 ()
1 104.20.22.137 13335 (CLOUDFLAR...)
1 23.37.56.132 16625 (AKAMAI-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 52.50.18.181 16509 (AMAZON-02)
6 2.16.186.115 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
19 11
1    185.253.212.22 (Poland)

ASN48707 (GREENER-AS, PL)
www.eroyoutube.com
1    185.253.212.10 (Poland)

ASN48707 (GREENER-AS, PL)
track.aftermarket.pl
3    2606:4700:30::6812:3ea5 (United States)

ASN13335 (,)
leadmy.pl
1    104.20.22.137 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
auth.bitbay.net
1    23.37.56.132 (Netherlands)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a23-37-56-132.deploy.static.akamaitechnologies.com
www.g2a.com
1    2606:4700:20::6819:6a6e (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
app.autoinvestor.io
1    2606:4700:10::6814:1132 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
web.bitpanda.com
3    2a00:1450:4001:817::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    2a00:1450:400c:c08::9a (Brussels, Belgium)

ASN15169 (GOOGLE - Google LLC, US)
stats.g.doubleclick.net
2    52.50.18.181 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-50-18-181.eu-west-1.compute.amazonaws.com
kmdvr.localslut.club
www.freenights.net
6    2.16.186.115 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-115.deploy.static.akamaitechnologies.com
cdn-aimi.akamaized.net
1    2a00:1450:4001:81e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)
www.googletagmanager.com
Domain Requested by
6 cdn-aimi.akamaized.net www.freenights.net
3 www.google-analytics.com 1 redirects leadmy.pl
www.google-analytics.com
3 leadmy.pl www.eroyoutube.com
leadmy.pl
1 www.googletagmanager.com www.freenights.net
1 www.freenights.net leadmy.pl
1 kmdvr.localslut.club 1 redirects
1 stats.g.doubleclick.net leadmy.pl
1 web.bitpanda.com leadmy.pl
1 app.autoinvestor.io leadmy.pl
1 www.g2a.com leadmy.pl
1 auth.bitbay.net leadmy.pl
1 track.aftermarket.pl 1 redirects
1 www.eroyoutube.com
19 13

This site contains no links.

Subject Issuer Validity Valid
0j.pl
Let's Encrypt Authority X3		 2019-04-09 -
2019-07-08		 3 months crt.sh
sni53744.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-04-14 -
2019-10-21		 6 months crt.sh
ssl368168.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-03-20 -
2019-09-26		 6 months crt.sh
www.g2a.com
DigiCert SHA2 Extended Validation Server CA		 2018-04-24 -
2020-04-23		 2 years crt.sh
ssl372350.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-04-15 -
2019-10-22		 6 months crt.sh
bitpanda.com
Go Daddy Secure Certificate Authority - G2		 2018-10-15 -
2019-10-04		 a year crt.sh
*.google-analytics.com
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh
*.g.doubleclick.net
Google Internet Authority G3		 2019-04-30 -
2019-07-23		 3 months crt.sh
*.freenights.net
Let's Encrypt Authority X3		 2019-05-20 -
2019-08-18		 3 months crt.sh
a248.e.akamai.net
DigiCert ECC Secure Server CA		 2018-10-18 -
2019-10-18		 a year crt.sh

This page contains 5 frames:

Primary Page: https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
Frame ID: 61ACD0CA0CA862F31A3AAABBD6ACF8DC
Requests: 15 HTTP requests in this frame

Frame: https://auth.bitbay.net/ref/PjUbTG
Frame ID: E598EECA2E8A35784113D8338D30F21A
Requests: 1 HTTP requests in this frame

Frame: https://www.g2a.com/r/user-5b2d088386a83
Frame ID: FD1DABFE9E0CD68E19C4BACC3C68F23E
Requests: 1 HTTP requests in this frame

Frame: https://app.autoinvestor.io/
Frame ID: EB0CD4FA7F0406DBD869213657E24F9B
Requests: 1 HTTP requests in this frame

Frame: https://web.bitpanda.com/user/register/230147760107644845
Frame ID: 56F0381BA80B7ED1D0311D5730D6460A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.eroyoutube.com/ Page URL
  2. https://track.aftermarket.pl/track.php?track=e3081f178d4ab00284d3bf593bf1c80a&ref=&url=https%3A%2F%2Flead... HTTP 301
    https://leadmy.pl/p/unLT/7mhb/UEYp Page URL
  3. https://kmdvr.localslut.club/c/da57dc555e50572d?s1=21451&s2=98560&s3=3849&click_id=mlClick-lM8uSKTq&j1=1&... HTTP 302
    https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i
  • env /^google_tag_manager$/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

19
Requests

95 %
HTTPS

50 %
IPv6

13
Domains

13
Subdomains

11
IPs

7
Countries

2692 kB
Transfer

2925 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.eroyoutube.com/ Page URL
  2. https://track.aftermarket.pl/track.php?track=e3081f178d4ab00284d3bf593bf1c80a&ref=&url=https%3A%2F%2Fleadmy.pl%2Fp%2FunLT%2F7mhb%2FUEYp HTTP 301
    https://leadmy.pl/p/unLT/7mhb/UEYp Page URL
  3. https://kmdvr.localslut.club/c/da57dc555e50572d?s1=21451&s2=98560&s3=3849&click_id=mlClick-lM8uSKTq&j1=1&j3=1 HTTP 302
    https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6= Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://track.aftermarket.pl/track.php?track=e3081f178d4ab00284d3bf593bf1c80a&ref=&url=https%3A%2F%2Fleadmy.pl%2Fp%2FunLT%2F7mhb%2FUEYp HTTP 301
  • https://leadmy.pl/p/unLT/7mhb/UEYp
Request Chain 9
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=721011866&t=pageview&_s=1&dl=https%3A%2F%2Fleadmy.pl%2Fp%2FunLT%2F7mhb%2FUEYp&dr=https%3A%2F%2Fwww.eroyoutube.com%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=375857879&gjid=191447408&cid=974807957.1558435833&tid=UA-110090096-2&_gid=1573816092.1558435833&_r=1&z=537796322 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=974807957.1558435833&jid=375857879&_gid=1573816092.1558435833&gjid=191447408&_v=j75&z=537796322

19 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set /
www.eroyoutube.com/ 		402 B
746 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.eroyoutube.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.253.212.22 , Poland, ASN48707 (GREENER-AS, PL),
Reverse DNS
Software
nginx /
Resource Hash
8f8d380e7ea9e0e1437a40c243f7b001968d54b3ac51150da14eaef3bcb53c41

Request headers

Host
www.eroyoutube.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Server
nginx
Date
Tue, 21 May 2019 10:50:32 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
close
Set-Cookie
PHPSESSID=40e6fe7c8bf9c39890d37b963bb39d4b; path=/; secure; HttpOnly locale=pl_PL; expires=Fri, 18-May-2029 10:50:32 GMT; Max-Age=315360000; path=/
UEYp
leadmy.pl/p/unLT/7mhb/
Redirect Chain
  • https://track.aftermarket.pl/track.php?track=e3081f178d4ab00284d3bf593bf1c80a&ref=&url=https%3A%2F%2Fleadmy.pl%2Fp%2FunLT%2F7mhb%2FUEYp
  • https://leadmy.pl/p/unLT/7mhb/UEYp
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://leadmy.pl/p/unLT/7mhb/UEYp
Requested by
Host: www.eroyoutube.com
URL: https://www.eroyoutube.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3ea5 , United States, ASN13335 (,),
Reverse DNS
Software
cloudflare /
Resource Hash
bb3cad22b4b8228f6c5ab26b9a32818390646e83ae6c43b522a76b5682d2198f

Request headers

:method
GET
:authority
leadmy.pl
:scheme
https
:path
/p/unLT/7mhb/UEYp
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://www.eroyoutube.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://www.eroyoutube.com/

Response headers

status
200
date
Tue, 21 May 2019 10:50:33 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=dc4131dcbeef383e35922b07f0c1b5fc61558435832; expires=Wed, 20-May-20 10:50:32 GMT; path=/; domain=.leadmy.pl; HttpOnly 08fab3b4fee7f9d19819f37e14d8bc11=08fab3b4fee7f9d19819f37e14d8bc11; expires=Wed, 20-May-2020 10:50:33 GMT; Max-Age=31536000; path=/
vary
Accept-Encoding
x-robots-tag
noindex, nofollow
cache-control
private,no-store, no-cache
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4da5fd733d6b6449-FRA
content-encoding
br

Redirect headers

Set-Cookie
PHPSESSID=e1032c192e9b2085ecba6c370a6a06b5; path=/; HttpOnly locale=pl_PL; expires=Fri, 18-May-2029 10:50:32 GMT; Max-Age=315360000; path=/
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control
no-store, no-cache, must-revalidate
Pragma
no-cache
Location
https://leadmy.pl/p/unLT/7mhb/UEYp
Content-Type
text/html; charset=UTF-8
Content-Length
0
Date
Tue, 21 May 2019 10:50:32 GMT
Server
LiteSpeed
fffff.js
leadmy.pl/js/ 		98 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://leadmy.pl/js/fffff.js
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/unLT/7mhb/UEYp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3ea5 , United States, ASN13335 (,),
Reverse DNS
Software
cloudflare /
Resource Hash
24f465fafad76b7185b605d4d3cfab3192490dfb6db96d5461d4172d5065fa52

Request headers

Referer
https://leadmy.pl/p/unLT/7mhb/UEYp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 May 2019 10:50:33 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 21 May 2019 08:35:09 GMT
server
cloudflare
etag
W/"5ce3b83d-186ff"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
public, max-age=14400
cf-ray
4da5fd74cf986449-FRA
expires
Tue, 21 May 2019 14:50:33 GMT
PjUbTG
auth.bitbay.net/ref/ Frame E598 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.bitbay.net/ref/PjUbTG
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/unLT/7mhb/UEYp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.22.137 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com google.com gstatic.com *.gstatic.com; style-src 'self' 'unsafe-inline' gstatic.com; font-src 'self' gstatic.com; connect-src *.bitbay.net; frame-src 'self' google.com *.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
auth.bitbay.net
:scheme
https
:path
/ref/PjUbTG
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://leadmy.pl/p/unLT/7mhb/UEYp
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://leadmy.pl/p/unLT/7mhb/UEYp

Response headers

status
200
date
Tue, 21 May 2019 10:50:33 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=deadaf9e59897f4f14595aae473b6e9061558435833; expires=Wed, 20-May-20 10:50:33 GMT; path=/; domain=.bitbay.net; HttpOnly
vary
Accept-Encoding Accept-Encoding
last-modified
Tue, 07 May 2019 18:24:03 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com google.com gstatic.com *.gstatic.com; style-src 'self' 'unsafe-inline' gstatic.com; font-src 'self' gstatic.com; connect-src *.bitbay.net; frame-src 'self' google.com *.google.com
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4da5fd754e10c26d-FRA
content-encoding
gzip
user-5b2d088386a83
www.g2a.com/r/ Frame FD1D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.g2a.com/r/user-5b2d088386a83
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/unLT/7mhb/UEYp
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.56.132 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a23-37-56-132.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash

Request headers

:method
GET
:authority
www.g2a.com
:scheme
https
:path
/r/user-5b2d088386a83
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://leadmy.pl/p/unLT/7mhb/UEYp
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://leadmy.pl/p/unLT/7mhb/UEYp

Response headers

status
403
server
AkamaiGHost
mime-version
1.0
content-type
text/html
content-length
288
expires
Tue, 21 May 2019 10:50:33 GMT
date
Tue, 21 May 2019 10:50:33 GMT
/
app.autoinvestor.io/ Frame EB0C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.autoinvestor.io/
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/unLT/7mhb/UEYp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:6a6e , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
app.autoinvestor.io
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://leadmy.pl/p/unLT/7mhb/UEYp
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://leadmy.pl/p/unLT/7mhb/UEYp

Response headers

status
200
date
Tue, 21 May 2019 10:50:33 GMT
content-type
text/html
set-cookie
__cfduid=d83859326db16a50f5fa1aee3c64fe4591558435833; expires=Wed, 20-May-20 10:50:33 GMT; path=/; domain=.autoinvestor.io; HttpOnly
last-modified
Mon, 13 May 2019 11:51:35 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=0; includeSubDomains
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4da5fd75589b96f8-FRA
content-encoding
br
230147760107644845
web.bitpanda.com/user/register/ Frame 56F0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://web.bitpanda.com/user/register/230147760107644845
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/unLT/7mhb/UEYp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:1132 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
web.bitpanda.com
:scheme
https
:path
/user/register/230147760107644845
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://leadmy.pl/p/unLT/7mhb/UEYp
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://leadmy.pl/p/unLT/7mhb/UEYp

Response headers

status
200
date
Tue, 21 May 2019 10:50:33 GMT
content-type
text/html
set-cookie
__cfduid=d9c4b675fe3b0a5730b67709c010eb97b1558435833; expires=Wed, 20-May-20 10:50:33 GMT; path=/; domain=.bitpanda.com; HttpOnly; Secure
last-modified
Mon, 20 May 2019 14:51:30 GMT
cache-control
max-age=0
expires
Tue, 21 May 2019 10:50:33 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
content-security-policy-report-only
upgrade-insecure-requests; default-src 'self'; script-src 'self' 'unsafe-inline' https://www.googletagmanager.com/gtm.js https://www.google-analytics.com/analytics.js https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js https://*.cloudfront.net/atrk.js https://s.adroll.com/j/roundtrip.js https://bat.bing.com/bat.js https://script.hotjar.com https://www.googleadservices.com https://cdn.siftscience.com/s.js https://www.google.com/recaptcha/api.js https://static.ads-twitter.com/uwt.js https://connect.facebook.net/en_US/fbevents.js https://static.zdassets.com https://analytics.twitter.com https://www.gstatic.com/recaptcha/ https://connect.facebook.net/signals/ https://static.hotjar.com https://googleads.g.doubleclick.net https://d.adroll.com; style-src 'self' 'unsafe-inline' data: https://stackpath.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css https://fonts.googleapis.com; img-src 'self' data: https://www.google-analytics.com https://d.adroll.com/ https://www.facebook.com https://pixel.rubiconproject.com/tap.php https://bat.bing.com https://certify.alexametrics.com/atrk.gif https://stats.g.doubleclick.net https://www.google.at/ads/ga-audiences https://www.google.com/ads/ga-audiences https://www.google.com/pagead/1p-user-list/ https://www.google.at/pagead/1p-user-list/ https://us-u.openx.net https://ads.yahoo.com https://x.bidswitch.net https://pixel.advertising.com https://trc.taboola.com/sg/adroll-network/1/rtb-h https://simage2.pubmatic.com/AdServer/Pug https://sync.outbrain.com/adroll/pixel https://idsync.rlcdn.com/377928.gif https://eb2.3lift.com/xuid https://t.co/i/adsct; frame-src 'self' vars.hotjar.com https://www.google.com; font-src 'self' https://fonts.gstatic.com; connect-src 'self' https://api.exchange.bitpanda.com https://sentry.io https://bitpanda.zendesk.com https://in.hotjar.com https://api.waskurzes.com https://socket.waskurzes.com:8888 https://vc.hotjar.io; media-src 'none'; object-src 'none'; base-uri 'self'; report-uri https://bpreport17.report-uri.com/r/d/csp/reportOnly
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4da5fd75afb163f5-FRA
content-encoding
br
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/unLT/7mhb/UEYp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://leadmy.pl/p/unLT/7mhb/UEYp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 02 May 2019 01:33:03 GMT
server
Golfe2
age
3817
date
Tue, 21 May 2019 09:46:56 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
17779
expires
Tue, 21 May 2019 11:46:56 GMT
collect
www.google-analytics.com/ 		35 B
154 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://leadmy.pl/p/unLT/7mhb/UEYp
Origin
https://leadmy.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 21 May 2019 10:50:33 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://leadmy.pl
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j75&a=721011866&t=pageview&_s=1&dl=https%3A%2F%2Fleadmy.pl%2Fp%2FunLT%2F7mhb%2FUEYp&dr=https%3A%2F%2Fwww.eroyoutube.com%2F&ul=en-us&de=UTF-8&sd=24-...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=974807957.1558435833&jid=375857879&_gid=1573816092.1558435833&gjid=191447408&_v=j75&z=537796322
35 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=974807957.1558435833&jid=375857879&_gid=1573816092.1558435833&gjid=191447408&_v=j75&z=537796322
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/p/unLT/7mhb/UEYp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9a Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://leadmy.pl/p/unLT/7mhb/UEYp
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Tue, 21 May 2019 10:50:33 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 21 May 2019 10:50:33 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=974807957.1558435833&jid=375857879&_gid=1573816092.1558435833&gjid=191447408&_v=j75&z=537796322
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
content-length
417
expires
Fri, 01 Jan 1990 00:00:00 GMT
finger.php
leadmy.pl/ 		0
53 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://leadmy.pl/finger.php
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/js/fffff.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::6812:3ea5 , United States, ASN13335 (,),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://leadmy.pl/p/unLT/7mhb/UEYp
Origin
https://leadmy.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 21 May 2019 10:50:33 GMT
content-encoding
br
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
status
200
cf-ray
4da5fd7628fd6449-FRA
Primary Request 4c8a669b83e6c2d3
www.freenights.net/c/
Redirect Chain
  • https://kmdvr.localslut.club/c/da57dc555e50572d?s1=21451&s2=98560&s3=3849&click_id=mlClick-lM8uSKTq&j1=1&j3=1
  • https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
12 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
Requested by
Host: leadmy.pl
URL: https://leadmy.pl/js/fffff.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.50.18.181 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-50-18-181.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.0.32
Resource Hash
b883b47f042d5b9d2d613f74c856d7401128ad3279cc1152af377b70f5847027

Request headers

:method
GET
:authority
www.freenights.net
:scheme
https
:path
/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
referer
https://leadmy.pl/p/unLT/7mhb/UEYp
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://leadmy.pl/p/unLT/7mhb/UEYp

Response headers

status
200
server
nginx
date
Tue, 21 May 2019 10:50:33 GMT
content-type
text/html; charset=UTF-8
set-cookie
unique_2038646=unique_2038646; expires=Wed, 22-May-2019 10:50:33 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5ce3d7f977ebf272743202; expires=Wed, 22-May-2019 10:50:33 GMT; Max-Age=86400; path=/; HttpOnly unique_2038646=unique_2038646; expires=Wed, 22-May-2019 10:50:33 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5ce3d7f977ebf272743202; expires=Wed, 22-May-2019 10:50:33 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=411736_21451_98560; expires=Thu, 20-Jun-2019 10:50:33 GMT; Max-Age=2592000; path=/; HttpOnly unique_2038646=unique_2038646; expires=Wed, 22-May-2019 10:50:33 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5ce3d7f977ebf272743202; expires=Wed, 22-May-2019 10:50:33 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=411736_21451_98560; expires=Thu, 20-Jun-2019 10:50:33 GMT; Max-Age=2592000; path=/; HttpOnly
x-powered-by
PHP/7.0.32
content-encoding
gzip

Redirect headers

status
302 302 Found
server
nginx
date
Tue, 21 May 2019 10:50:33 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
set-cookie
unique_2051249=unique_2051249; expires=Wed, 22-May-2019 10:50:33 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5ce3d7f977ebf272743202; expires=Wed, 22-May-2019 10:50:33 GMT; Max-Age=86400; path=/; HttpOnly unique_2051249=unique_2051249; expires=Wed, 22-May-2019 10:50:33 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5ce3d7f977ebf272743202; expires=Wed, 22-May-2019 10:50:33 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=49415_21451_98560; expires=Thu, 20-Jun-2019 10:50:33 GMT; Max-Age=2592000; path=/; HttpOnly unique_2051249=unique_2051249; expires=Wed, 22-May-2019 10:50:33 GMT; Max-Age=86400; path=/; HttpOnly unique_id=5ce3d7f977ebf272743202; expires=Wed, 22-May-2019 10:50:33 GMT; Max-Age=86400; path=/; HttpOnly scriptHash=49415_21451_98560; expires=Thu, 20-Jun-2019 10:50:33 GMT; Max-Age=2592000; path=/; HttpOnly tid=ubcra5ce3d7f97757d877300878; path=/; HttpOnly
Style.css
cdn-aimi.akamaized.net/landings/148126/1546614632/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-aimi.akamaized.net/landings/148126/1546614632/css/Style.css?1546614632
Requested by
Host: www.freenights.net
URL: https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
d543c2c3f6b38530acfdfaffb331ce133d467f222c9b1599263db74c36d65574

Request headers

Referer
https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 10:50:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Jan 2019 15:10:35 GMT
Server
AmazonS3
x-amz-request-id
14FD2B643740646B
ETag
"bc3e868ceba20f30b1a521a66d132e2f"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2431
x-amz-id-2
XRT+IiGuaBHay0VVYhwgVpQUWxoP6K7O7H2Ewxdy7cGkYy6N4xqqpKQq5wsdzgoyJh6nXVLDGBI=
animate.min.css
cdn-aimi.akamaized.net/landings/148126/1546614632/css/ 		52 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-aimi.akamaized.net/landings/148126/1546614632/css/animate.min.css?1546614632
Requested by
Host: www.freenights.net
URL: https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d

Request headers

Referer
https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 10:50:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Jan 2019 15:10:35 GMT
Server
AmazonS3
x-amz-request-id
9C391672E3BE3A96
ETag
"178b651958ceff556cbc5f355e08bbf1"
Vary
Accept-Encoding
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3955
x-amz-id-2
gtSfRa9rtbONPNB8ctmGD6hOOp6d0msTxXSIm5rCcH3wZhpR6bFEEmzM3RuR+Ogj2pHPE3hEwDM=
jquery-3.js
cdn-aimi.akamaized.net/landings/148126/1546614632/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn-aimi.akamaized.net/landings/148126/1546614632/js/jquery-3.js?1546614632
Requested by
Host: www.freenights.net
URL: https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

Referer
https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 10:50:33 GMT
Content-Encoding
gzip
Last-Modified
Fri, 04 Jan 2019 15:10:35 GMT
Server
AmazonS3
x-amz-request-id
1A4B4302B53E81D1
ETag
"c9f5aeeca3ad37bf2aa006139b935f0a"
Vary
Accept-Encoding
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
30178
x-amz-id-2
FhCVb2HY+Lpk6Pq+JPDX+21OiVzBmhIrQ4mUdw6HPqft5pLJvJ5Cds560FOlhWbHMcrD9x9liOA=
gtm.js
www.googletagmanager.com/ 		47 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PPJGZHL
Requested by
Host: www.freenights.net
URL: https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager (scaffolding) /
Resource Hash
590617b7cf58fbdae0068c76b46e7fc37ca8f9ae43c8fffd6c53e003b3aca6b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Tue, 21 May 2019 10:50:33 GMT
content-encoding
br
last-modified
Mon, 20 May 2019 22:01:43 GMT
server
Google Tag Manager (scaffolding)
access-control-allow-origin
http://www.googletagmanager.com
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,44,43,39"
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
content-length
18153
x-xss-protection
0
expires
Tue, 21 May 2019 10:50:33 GMT
pattern.png
cdn-aimi.akamaized.net/landings/148126/1546614632/images/ 		811 KB
812 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-aimi.akamaized.net/landings/148126/1546614632/images/pattern.png
Requested by
Host: www.freenights.net
URL: https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
550354f9dbf9602e01d868240ce1855acce334e0fea2a7c46a241d195b10fcdf

Request headers

Referer
https://cdn-aimi.akamaized.net/landings/148126/1546614632/css/Style.css?1546614632
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 10:50:33 GMT
Last-Modified
Fri, 04 Jan 2019 15:10:34 GMT
Server
AmazonS3
x-amz-request-id
4FD5F75AAD79D51C
ETag
"43b541688b8e3de8e90cde1f849d63c9"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
830650
x-amz-id-2
+yqtscyWDGfWeqoVhLQD1r2fvaqv7F1HF01UjUAjmdVQciyaO2ssd/38VbJgu2QN2iBY2IszSM0=
1.jpg
cdn-aimi.akamaized.net/landings/148126/1546614632/images/ 		324 KB
325 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-aimi.akamaized.net/landings/148126/1546614632/images/1.jpg
Requested by
Host: www.freenights.net
URL: https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
1d9026179d9973dff696db21d5f8609e3ce231017e4aaeb5bfdbf08394d4bc2f

Request headers

Referer
https://cdn-aimi.akamaized.net/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 10:50:33 GMT
Last-Modified
Fri, 04 Jan 2019 15:10:34 GMT
Server
AmazonS3
x-amz-request-id
C4A2F2E453589B8A
ETag
"98ebc0e89d7bc43035cf31a76f6159fc"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
331986
x-amz-id-2
0CVplfGI0a+b17vqqDy36faHFFC6T1qujrskZJhkPbRMG/mHGDKJaouqtZTCQ2uSqVI6Xk8Y8us=
bg.jpg
cdn-aimi.akamaized.net/landings/148126/1546614632/images/ 		1 MB
1 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn-aimi.akamaized.net/landings/148126/1546614632/images/bg.jpg
Requested by
Host: www.freenights.net
URL: https://www.freenights.net/c/4c8a669b83e6c2d3?&click_id=ubcra5ce3d7f97757d877300878&s1=21451&s2=98560&s3=backuser&s5=&lp=AD&j1=1&j2=&j3=1&j4=&j5=&j6=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.115 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-115.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
04626eb951e88daade17fc433ed50e079b4f844e0c68175139050c7c71bfa5c5

Request headers

Referer
https://cdn-aimi.akamaized.net/landings/148126/1546614632/css/Style.css?1546614632
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Tue, 21 May 2019 10:50:33 GMT
Last-Modified
Fri, 04 Jan 2019 15:10:34 GMT
Server
AmazonS3
x-amz-request-id
955C97470BEF344B
ETag
"077b2492bf2a18f0260095dd6c92204d"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1476929
x-amz-id-2
JcE3W6gx94v1w6UvJcFb3NraXxH+TgueQfa4dZmJTP5Gr2ie4hG5GKFa8BYsZMDr3XaHTPQUaXI=

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask function| $ function| jQuery object| dataLayer boolean| exit object| google_tag_manager number| th_bridge_jump_step

3 Cookies

Domain/Path Name / Value
www.freenights.net/ Name: scriptHash
Value: 411736_21451_98560
www.freenights.net/ Name: unique_id
Value: 5ce3d7f977ebf272743202
www.freenights.net/ Name: unique_2038646
Value: unique_2038646

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.autoinvestor.io
auth.bitbay.net
cdn-aimi.akamaized.net
kmdvr.localslut.club
leadmy.pl
stats.g.doubleclick.net
track.aftermarket.pl
web.bitpanda.com
www.eroyoutube.com
www.freenights.net
www.g2a.com
www.google-analytics.com
www.googletagmanager.com
104.20.22.137
185.253.212.10
185.253.212.22
2.16.186.115
23.37.56.132
2606:4700:10::6814:1132
2606:4700:20::6819:6a6e
2606:4700:30::6812:3ea5
2a00:1450:4001:817::200e
2a00:1450:4001:81e::2008
2a00:1450:400c:c08::9a
52.50.18.181
04626eb951e88daade17fc433ed50e079b4f844e0c68175139050c7c71bfa5c5
1d9026179d9973dff696db21d5f8609e3ce231017e4aaeb5bfdbf08394d4bc2f
24f465fafad76b7185b605d4d3cfab3192490dfb6db96d5461d4172d5065fa52
550354f9dbf9602e01d868240ce1855acce334e0fea2a7c46a241d195b10fcdf
590617b7cf58fbdae0068c76b46e7fc37ca8f9ae43c8fffd6c53e003b3aca6b6
7dff09578729615fcd15c840a32c9f82a33fe2331a851e4ac40be03cb111b3f0
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8f8d380e7ea9e0e1437a40c243f7b001968d54b3ac51150da14eaef3bcb53c41
8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d
b883b47f042d5b9d2d613f74c856d7401128ad3279cc1152af377b70f5847027
bb3cad22b4b8228f6c5ab26b9a32818390646e83ae6c43b522a76b5682d2198f
d543c2c3f6b38530acfdfaffb331ce133d467f222c9b1599263db74c36d65574