urlscan.io logo urlscan.io
SecurityTrails logo

hereyoursweetgirl.com Open in urlscan Pro
95.182.122.169  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
Effective URL: https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
Submission: On January 30 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 14 IPs in 6 countries across 15 domains to perform 23 HTTP transactions. The main IP is 95.182.122.169, located in Moscow, Russian Federation and belongs to TEAM-HOST AS, RU. The main domain is hereyoursweetgirl.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 21st 2019. Valid for: 3 months.
This is the only time hereyoursweetgirl.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 2606:4700:303... 13335 (CLOUDFLAR...)
1 104.20.21.137 13335 (CLOUDFLAR...)
1 104.74.117.30 16625 (AKAMAI-AS)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 1 63.32.32.122 16509 (AMAZON-02)
1 34.107.177.87 15169 (GOOGLE)
1 3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 95.182.122.169 202984 (TEAM-HOST AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
5 159.69.111.28 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
23 14
3    2606:4700:3037::681f:43e9 (United States)

ASN13335 (CLOUDFLARENET, US)
golead.pl
1    104.20.21.137 (United States)

ASN13335 (CLOUDFLARENET, US)
auth.bitbay.net
1    104.74.117.30 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-117-30.deploy.static.akamaitechnologies.com
www.g2a.com
1    2606:4700:20::681a:181 (United States)

ASN13335 (CLOUDFLARENET, US)
app.autoinvestor.io
1    2606:4700:10::6814:5ade (United States)

ASN13335 (CLOUDFLARENET, US)
web.bitpanda.com
1    63.32.32.122 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-32-122.eu-west-1.compute.amazonaws.com
revolut.ngih.net
1    34.107.177.87 (United States)

ASN15169 (GOOGLE, US)
PTR: 87.177.107.34.bc.googleusercontent.com
www.revolut.com
3    2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    95.182.122.169 (Moscow, Russian Federation)

ASN202984 (TEAM-HOST AS, RU)
hereyoursweetgirl.com
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
code.jquery.com
5    159.69.111.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.111.69.159.clients.your-server.de
cuduner.com
1    2a00:1450:4001:81a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
5 cuduner.com hereyoursweetgirl.com
3 hereyoursweetgirl.com golead.pl
hereyoursweetgirl.com
code.jquery.com
3 www.google-analytics.com 1 redirects golead.pl
www.google-analytics.com
3 golead.pl golead.pl
1 fonts.gstatic.com hereyoursweetgirl.com
1 code.jquery.com hereyoursweetgirl.com
1 fonts.googleapis.com hereyoursweetgirl.com
1 stats.g.doubleclick.net golead.pl
1 www.revolut.com golead.pl
1 revolut.ngih.net 1 redirects
1 web.bitpanda.com golead.pl
1 app.autoinvestor.io golead.pl
1 www.g2a.com golead.pl
1 auth.bitbay.net golead.pl
0 s.click.aliexpress.com Failed golead.pl
23 15

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2019-08-09 -
2020-08-08		 a year crt.sh
ssl368168.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2019-08-28 -
2020-03-05		 6 months crt.sh
www.g2a.com
DigiCert SHA2 Extended Validation Server CA		 2019-09-12 -
2021-10-11		 2 years crt.sh
bitpanda.com
Go Daddy Secure Certificate Authority - G2		 2019-07-03 -
2020-07-03		 a year crt.sh
*.revolut.com
COMODO RSA Domain Validation Secure Server CA		 2018-09-28 -
2020-09-27		 2 years crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-01-14 -
2020-04-07		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
hereyoursweetgirl.com
Let's Encrypt Authority X3		 2019-12-21 -
2020-03-20		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1O1		 2020-01-07 -
2020-03-31		 3 months crt.sh
jquery.org
COMODO RSA Domain Validation Secure Server CA		 2018-10-17 -
2020-10-16		 2 years crt.sh
cuduner.com
Let's Encrypt Authority X3		 2019-12-21 -
2020-03-20		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-01-14 -
2020-04-07		 3 months crt.sh

This page contains 7 frames:

Primary Page: https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
Frame ID: 5BC697D60EE318D50C3885BAC159F40F
Requests: 17 HTTP requests in this frame

Frame: https://auth.bitbay.net/ref/PjUbTG
Frame ID: 495E37BDEC0799DEF5E312054EE7CED6
Requests: 1 HTTP requests in this frame

Frame: https://www.g2a.com/r/user-5b2d088386a83
Frame ID: 79AAA27CFE94FDBE1BF4783BE619DFD4
Requests: 1 HTTP requests in this frame

Frame: https://app.autoinvestor.io/
Frame ID: 7CB1DF631341E71D17DE41965AC2F33F
Requests: 1 HTTP requests in this frame

Frame: https://web.bitpanda.com/user/register/230147760107644845
Frame ID: 068A0A66FBC30353E6A77D3F0F104930
Requests: 1 HTTP requests in this frame

Frame: https://s.click.aliexpress.com/e/bFHHznyG
Frame ID: C5F05BB21FD3CC560C956ABBE61CB89E
Requests: 1 HTTP requests in this frame

Frame: https://www.revolut.com/aff/1633545_paciborskir%40gmail.com_?irgwc=1&p=i&ext=1633545_
Frame ID: F35606954BD5B70EB8B72849C92FE3A7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink Page URL
  2. https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Page Statistics

23
Requests

96 %
HTTPS

57 %
IPv6

15
Domains

15
Subdomains

14
IPs

6
Countries

556 kB
Transfer

716 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink Page URL
  2. https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 7
  • https://revolut.ngih.net/c/1633545/589915/9626 HTTP 301
  • https://www.revolut.com/aff/1633545_paciborskir%40gmail.com_?irgwc=1&p=i&ext=1633545_
Request Chain 10
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1501984616&t=pageview&_s=1&dl=https%3A%2F%2Fgolead.pl%2Fp%2F2Y0e%2FjDiC%2FsIkR%3Fml_sub1%3Dsmartlink&ul=en-us&de=UTF-8&dt=golead.pl&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=151642823&gjid=1419918600&cid=1382045672.1580387168&tid=UA-110090096-2&_gid=1068428119.1580387168&_r=1&z=1021631203 HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1382045672.1580387168&jid=151642823&_gid=1068428119.1580387168&gjid=1419918600&_v=j79&z=1021631203

23 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
sIkR
golead.pl/p/2Y0e/jDiC/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:43e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dce83e5f34ea871bcc660ab7b09c85ea5eae5eaf181373ac3ea9736c3ccf8e49

Request headers

:method
GET
:authority
golead.pl
:scheme
https
:path
/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
sec-fetch-user
?1
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Sec-Fetch-User
?1

Response headers

status
200
date
Thu, 30 Jan 2020 12:26:08 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d7eb9876104d3758bf7bbf3f27cc56cc51580387167; expires=Sat, 29-Feb-20 12:26:07 GMT; path=/; domain=.golead.pl; HttpOnly; SameSite=Lax; Secure a9cfc38c8c27d8aade7b19701097beda=a9cfc38c8c27d8aade7b19701097beda; expires=Fri, 29-Jan-2021 12:26:08 GMT; Max-Age=31536000; path=/; httponly
vary
Accept-Encoding
cache-control
no-cache, no-store, private
x-robots-tag
noindex, nofollow
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
55d36eb7bbddc2c2-FRA
content-encoding
br
jjj.js
golead.pl/js/ 		58 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://golead.pl/js/jjj.js
Requested by
Host: golead.pl
URL: https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:43e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5a23cdfc9caa9177c25831da4e2a1b048ee0c2aec5e6d3e179fa375bfe60402c

Request headers

Referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 12:26:08 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 07 Jun 2019 08:32:18 GMT
server
cloudflare
age
6904
etag
W/"5cfa2112-e710"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=14400
cf-ray
55d36eb8df37c2c2-FRA
PjUbTG
auth.bitbay.net/ref/ Frame 495E 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.bitbay.net/ref/PjUbTG
Requested by
Host: golead.pl
URL: https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.21.137 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com google.com gstatic.com *.gstatic.com; style-src 'self' 'unsafe-inline' gstatic.com; font-src 'self' gstatic.com; connect-src *.bitbay.net; frame-src 'self' google.com *.google.com
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
auth.bitbay.net
:scheme
https
:path
/ref/PjUbTG
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink

Response headers

status
200
date
Thu, 30 Jan 2020 12:26:08 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d3d41dccfe05674a874774f83b0f7e8321580387168; expires=Sat, 29-Feb-20 12:26:08 GMT; path=/; domain=.bitbay.net; HttpOnly; SameSite=Lax
vary
Accept-Encoding Accept-Encoding
last-modified
Mon, 16 Dec 2019 17:37:33 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains
content-security-policy
frame-ancestors 'self' *.bitbay.net bitbay.net; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.google.com google.com gstatic.com *.gstatic.com; style-src 'self' 'unsafe-inline' gstatic.com; font-src 'self' gstatic.com; connect-src *.bitbay.net; frame-src 'self' google.com *.google.com
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
55d36eb94852ce1f-LHR
content-encoding
gzip
user-5b2d088386a83
www.g2a.com/r/ Frame 79AA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.g2a.com/r/user-5b2d088386a83
Requested by
Host: golead.pl
URL: https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.74.117.30 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-74-117-30.deploy.static.akamaitechnologies.com
Software
AkamaiGHost /
Resource Hash

Request headers

:method
GET
:authority
www.g2a.com
:scheme
https
:path
/r/user-5b2d088386a83
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink

Response headers

status
403
server
AkamaiGHost
mime-version
1.0
content-type
text/html
content-length
288
expires
Thu, 30 Jan 2020 12:26:08 GMT
date
Thu, 30 Jan 2020 12:26:08 GMT
/
app.autoinvestor.io/ Frame 7CB1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://app.autoinvestor.io/
Requested by
Host: golead.pl
URL: https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:181 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0; includeSubDomains

Request headers

:method
GET
:authority
app.autoinvestor.io
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink

Response headers

status
200
date
Thu, 30 Jan 2020 12:26:08 GMT
content-type
text/html
set-cookie
__cfduid=d9ab62181593aa7363f2a17e826eeb80f1580387168; expires=Sat, 29-Feb-20 12:26:08 GMT; path=/; domain=.autoinvestor.io; HttpOnly; SameSite=Lax
last-modified
Thu, 16 Jan 2020 08:24:47 GMT
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=0; includeSubDomains
server
cloudflare
cf-ray
55d36eb9ddcec2ae-FRA
content-encoding
br
230147760107644845
web.bitpanda.com/user/register/ Frame 068A 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://web.bitpanda.com/user/register/230147760107644845
Requested by
Host: golead.pl
URL: https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:5ade , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
web.bitpanda.com
:scheme
https
:path
/user/register/230147760107644845
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink

Response headers

status
200
date
Thu, 30 Jan 2020 12:26:08 GMT
content-type
text/html
set-cookie
__cfduid=d8dba3a49f2e89f8dcd956e27e784f9d71580387168; expires=Sat, 29-Feb-20 12:26:08 GMT; path=/; domain=.bitpanda.com; HttpOnly; SameSite=Lax; Secure AWSALB=PSEEomxB0pnMagZFW1RNcxhii4y0tpDnxDngyb4lRMeMG17mK7y3rJq8NYkvs9q8t6tQyg4/sAooLKGOSOiS/fSa0Ty3SjfKzIXp5z8KmxIyB0bsdOEThLpvqafm; Expires=Thu, 06 Feb 2020 12:26:08 GMT; Path=/ AWSALBCORS=PSEEomxB0pnMagZFW1RNcxhii4y0tpDnxDngyb4lRMeMG17mK7y3rJq8NYkvs9q8t6tQyg4/sAooLKGOSOiS/fSa0Ty3SjfKzIXp5z8KmxIyB0bsdOEThLpvqafm; Expires=Thu, 06 Feb 2020 12:26:08 GMT; Path=/; SameSite=None; Secure
last-modified
Tue, 28 Jan 2020 09:57:04 GMT
cache-control
max-age=0
expires
Thu, 30 Jan 2020 12:26:08 GMT
x-frame-options
sameorigin
strict-transport-security
max-age=31536000; includeSubDomains
x-xss-protection
1; mode=block
x-content-type-options
nosniff
referrer-policy
same-origin
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
55d36eb96ebc97c6-FRA
content-encoding
br
bFHHznyG
s.click.aliexpress.com/e/ Frame C5F0 		0
0
1633545_paciborskir%40gmail.com_
www.revolut.com/aff/ Frame F356
Redirect Chain
  • https://revolut.ngih.net/c/1633545/589915/9626
  • https://www.revolut.com/aff/1633545_paciborskir%40gmail.com_?irgwc=1&p=i&ext=1633545_
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.revolut.com/aff/1633545_paciborskir%40gmail.com_?irgwc=1&p=i&ext=1633545_
Requested by
Host: golead.pl
URL: https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.107.177.87 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
87.177.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains;
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.revolut.com
:scheme
https
:path
/aff/1633545_paciborskir%40gmail.com_?irgwc=1&p=i&ext=1633545_
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink

Response headers

status
200
server
nginx
date
Thu, 30 Jan 2020 12:26:08 GMT
content-type
text/html
last-modified
Wed, 29 Jan 2020 18:47:32 GMT
vary
Accept-Encoding
etag
W/"5e31d344-1f190"
strict-transport-security
max-age=63072000; includeSubdomains;
x-frame-options
DENY
x-content-type-options
nosniff
x-xss-protection
1; mode=block
referrer-policy
no-referrer
content-encoding
gzip
via
1.1 google
alt-svc
clear

Redirect headers

status
301
date
Thu, 30 Jan 2020 12:26:08 GMT
content-length
0
location
https://www.revolut.com/aff/1633545_paciborskir%40gmail.com_?irgwc=1&p=i&ext=1633545_
set-cookie
AWSALB=B7motzKwtTVI+015q9u9wQJgFlMgiOGkTvbcFMiIiVdE2qKUeQ2jvtGJ8XSzIwV4vN9sJzOv5vG2ifiRkZgMYALj1rjZp5Ho/g/uVPXsz/tpa5cZgA+UTrHzETeG; Expires=Thu, 06 Feb 2020 12:26:08 GMT; Path=/ AWSALBCORS=B7motzKwtTVI+015q9u9wQJgFlMgiOGkTvbcFMiIiVdE2qKUeQ2jvtGJ8XSzIwV4vN9sJzOv5vG2ifiRkZgMYALj1rjZp5Ho/g/uVPXsz/tpa5cZgA+UTrHzETeG; Expires=Thu, 06 Feb 2020 12:26:08 GMT; Path=/; SameSite=None; Secure brwsr=b137a401-435b-11ea-97e7-0295e3e6ea6a; domain=.ngih.net; path=/; secure; expires=Wed, 19 Jan 2022 12:26:08 GMT; HttpOnly; SameSite=None irld=L3sr3NOXfIyS8Vvv3IfxywQc308e20m1%3A613T0T2VKNQAlRqn; path=/; secure; expires=Tue, 28 Jul 2020 12:26:08 GMT; HttpOnly; SameSite=None
server
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Thu, 30 Jan 2020 12:26:08 GMT
p3p
policyref="\/w3c/p3p.xml",CP="ALLBUSLEGDSPCORADMCURDEVPSAOURNAVINT"
analytics.js
www.google-analytics.com/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: golead.pl
URL: https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
2873
date
Thu, 30 Jan 2020 11:38:15 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17803
expires
Thu, 30 Jan 2020 13:38:15 GMT
collect
www.google-analytics.com/ 		35 B
143 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/collect
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
Origin
https://golead.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 30 Jan 2020 12:26:08 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
https://golead.pl
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1501984616&t=pageview&_s=1&dl=https%3A%2F%2Fgolead.pl%2Fp%2F2Y0e%2FjDiC%2FsIkR%3Fml_sub1%3Dsmartlink&ul=en-us&de=UTF-8&dt=golead.pl&sd=24-bit...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1382045672.1580387168&jid=151642823&_gid=1068428119.1580387168&gjid=1419918600&_v=j79&z=1021631203
35 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1382045672.1580387168&jid=151642823&_gid=1068428119.1580387168&gjid=1419918600&_v=j79&z=1021631203
Requested by
Host: golead.pl
URL: https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Thu, 30 Jan 2020 12:26:08 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 30 Jan 2020 12:26:08 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-110090096-2&cid=1382045672.1580387168&jid=151642823&_gid=1068428119.1580387168&gjid=1419918600&_v=j79&z=1021631203
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
420
expires
Fri, 01 Jan 1990 00:00:00 GMT
finger
golead.pl/ 		20 B
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://golead.pl/finger
Requested by
Host: golead.pl
URL: https://golead.pl/js/jjj.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::681f:43e9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
Origin
https://golead.pl
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 30 Jan 2020 12:26:08 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json
status
200
cache-control
no-cache, private
cf-ray
55d36eb999d2c2c2-FRA
Primary Request ymqsnorkfqqajir
hereyoursweetgirl.com/ 		51 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
Requested by
Host: golead.pl
URL: https://golead.pl/js/jjj.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.182.122.169 Moscow, Russian Federation, ASN202984 (TEAM-HOST AS, RU),
Reverse DNS
Software
/
Resource Hash
3b2288ed897234e611290d60be7473ea3b5c71a91244a732774e45bca2d844a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
hereyoursweetgirl.com
:scheme
https
:path
/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
navigate
referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://golead.pl/p/2Y0e/jDiC/sIkR?ml_sub1=smartlink

Response headers

status
200
date
Thu, 30 Jan 2020 12:26:08 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=0, private, must-revalidate
cross-origin-window-policy
deny
set-cookie
k=SFMyNTY.g3QAAAAIbQAAAARhdW5xdAAAAAFtAAAABTE1MDM3bQAAAApSRW5lcnFib213bQAAAANoaWRtAAAAJGJNVWFzTEJXaFJHcXVBYXdIcXpLUkdsUmJPVlhFaVFwR1Rtem0AAAACaGxkAANuaWxtAAAAAnJkdAAAAARkAApfX3N0cnVjdF9fZAAYRWxpeGlyLlRkZXguUm90YXRpb25EYXRhZAAOY2xpY2tlZF9vZmZlcnN0AAAAAGQACGxhbmRpbmdzbAAAAAFiAAAEn2pkAAtzZWVuX29mZmVyc2wAAAABYgAAJ0NqbQAAAAVzdWJfMW0AAAAFNDgxNTltAAAABXN1Yl8ybQAAABBtbENsaWNrLXQ1dEZJaHZvbQAAAAd0cmFja2VybQAAAAdub3RyYWNrbQAAAAN1bnFtAAAADE9naFZReURibFpjbw.kADg7ec78hx3lSPJFgMf-xBcjEqdDKDiqI8I9-9Q5CE; path=/; expires=Fri, 29 Jan 2021 12:26:08 GMT; max-age=31536000 uord=e5da5b363ba35538bd7c20d49ceae2b4; path=/; expires=Sat, 29 Jan 2022 12:26:08 GMT; max-age=63072000; HttpOnly
x-content-type-options
nosniff
x-download-options
noopen
x-permitted-cross-domain-policies
none
x-xss-protection
1; mode=block
content-encoding
gzip
css
fonts.googleapis.com/ 		2 KB
526 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
Requested by
Host: hereyoursweetgirl.com
URL: https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9e0795e26f8dd35e635cb2194d80be31e09b41e9168f83f59605f02db22d1045
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
last-modified
Thu, 30 Jan 2020 12:26:08 GMT
server
ESF
access-control-allow-origin
*
date
Thu, 30 Jan 2020 12:26:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection
0
expires
Thu, 30 Jan 2020 12:26:08 GMT
jquery-2.2.4.min.js
code.jquery.com/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-2.2.4.min.js
Requested by
Host: hereyoursweetgirl.com
URL: https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
nginx /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
Origin
https://hereyoursweetgirl.com

Response headers

Date
Thu, 30 Jan 2020 12:26:08 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 May 2016 17:24:41 GMT
Server
nginx
ETag
W/"573f4859-14e4a"
Vary
Accept-Encoding
X-HW
1580387168.dop148.fr8.shc,1580387168.dop148.fr8.t,1580387168.cds130.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000, public
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
29811
p.js
hereyoursweetgirl.com/ 		435 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hereyoursweetgirl.com/p.js?a=202261&cr=9059&lid=5217&mh=Yk1VYXNMQldoUkdxdUFhd0hxektSR2xSYk9WWEVpUXBHVG16LTIxNTYx&p=0
Requested by
Host: hereyoursweetgirl.com
URL: https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.182.122.169 Moscow, Russian Federation, ASN202984 (TEAM-HOST AS, RU),
Reverse DNS
Software
/
Resource Hash
60f906643e6e10155ad0a3ec3b68ab18b0ed3cfed005332aa4baf10c6fc9dcc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 12:26:08 GMT
x-content-type-options
nosniff
x-permitted-cross-domain-policies
none
cross-origin-window-policy
deny
x-download-options
noopen
content-type
application/javascript; charset=utf-8
status
200
cache-control
max-age=0, private, must-revalidate
content-length
435
x-xss-protection
1; mode=block
1.jpg
cuduner.com/assets/f8d50d3c69a4a0dd9d6aa9ce40febb37/images/ 		80 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cuduner.com/assets/f8d50d3c69a4a0dd9d6aa9ce40febb37/images/1.jpg
Requested by
Host: hereyoursweetgirl.com
URL: https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.111.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.111.69.159.clients.your-server.de
Software
/
Resource Hash
d7c8d2c9f755c191ea948c309e7d4603cc5eae7c7bbaa90c2279333297ecc3f9

Request headers

Referer
https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 12:26:09 GMT
last-modified
Wed, 31 Jul 2019 13:11:53 GMT
access-control-allow-origin
*
etag
"5d419399-13fa4"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
81828
2.jpg
cuduner.com/assets/f8d50d3c69a4a0dd9d6aa9ce40febb37/images/ 		93 KB
93 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cuduner.com/assets/f8d50d3c69a4a0dd9d6aa9ce40febb37/images/2.jpg
Requested by
Host: hereyoursweetgirl.com
URL: https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.111.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.111.69.159.clients.your-server.de
Software
/
Resource Hash
b253c1ba857cff2530fdb52c47003ec6ae1b57d0fec7dd97648af094642d5bc9

Request headers

Referer
https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 12:26:09 GMT
last-modified
Wed, 31 Jul 2019 13:11:53 GMT
access-control-allow-origin
*
etag
"5d419399-172f4"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
94964
3.jpg
cuduner.com/assets/f8d50d3c69a4a0dd9d6aa9ce40febb37/images/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cuduner.com/assets/f8d50d3c69a4a0dd9d6aa9ce40febb37/images/3.jpg
Requested by
Host: hereyoursweetgirl.com
URL: https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.111.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.111.69.159.clients.your-server.de
Software
/
Resource Hash
ff1242e8acb4a8031efd8f0332b6ba5a6aabaea612fce85505d7a11d08994028

Request headers

Referer
https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 12:26:09 GMT
last-modified
Wed, 31 Jul 2019 13:11:53 GMT
access-control-allow-origin
*
etag
"5d419399-18b00"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
101120
4.jpg
cuduner.com/assets/f8d50d3c69a4a0dd9d6aa9ce40febb37/images/ 		120 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cuduner.com/assets/f8d50d3c69a4a0dd9d6aa9ce40febb37/images/4.jpg
Requested by
Host: hereyoursweetgirl.com
URL: https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.111.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.111.69.159.clients.your-server.de
Software
/
Resource Hash
1e54a25e595f58c5315680b8c4b1592530f65dc19ab15edf00aa573490add5fd

Request headers

Referer
https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 12:26:09 GMT
last-modified
Wed, 31 Jul 2019 13:11:52 GMT
access-control-allow-origin
*
etag
"5d419398-1de9a"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
122522
5.jpg
cuduner.com/assets/f8d50d3c69a4a0dd9d6aa9ce40febb37/images/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cuduner.com/assets/f8d50d3c69a4a0dd9d6aa9ce40febb37/images/5.jpg
Requested by
Host: hereyoursweetgirl.com
URL: https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.111.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.111.69.159.clients.your-server.de
Software
/
Resource Hash
42dea53a57e76fabe0792a2d9234c99189dd36f21431f67d2cb6dace21f48f9e

Request headers

Referer
https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date
Thu, 30 Jan 2020 12:26:09 GMT
last-modified
Wed, 31 Jul 2019 13:11:53 GMT
access-control-allow-origin
*
etag
"5d419399-11c94"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/jpeg
status
200
access-control-expose-headers
Content-Length,Content-Range
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
72852
JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
fonts.gstatic.com/s/montserrat/v14/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v14/JTUSjIg1_i6t8kCHKm459WlhyyTh89Y.woff2
Requested by
Host: hereyoursweetgirl.com
URL: https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Montserrat&subset=latin-ext
Origin
https://hereyoursweetgirl.com

Response headers

date
Thu, 23 Jan 2020 10:08:21 GMT
x-content-type-options
nosniff
last-modified
Tue, 23 Jul 2019 03:46:48 GMT
server
sffe
age
613067
content-type
font/woff2
status
200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-origin
*
content-length
13708
x-xss-protection
0
expires
Fri, 22 Jan 2021 10:08:21 GMT
/
hereyoursweetgirl.com/geo/ 		115 B
187 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hereyoursweetgirl.com/geo/?callback=jQuery224002561281813306504_1580387168804&_=1580387168805
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-2.2.4.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
95.182.122.169 Moscow, Russian Federation, ASN202984 (TEAM-HOST AS, RU),
Reverse DNS
Software
/
Resource Hash
b89721761c280298628e2b95a45f78118d1e01af91fd31d7cd48028c8837787d

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://hereyoursweetgirl.com/ymqsnorkfqqajir?s1=48159&s2=mlClick-t5tFIhvo
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

status
200
date
Thu, 30 Jan 2020 12:26:08 GMT
content-length
115
content-type
application/json; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s.click.aliexpress.com
URL
https://s.click.aliexpress.com/e/bFHHznyG

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery function| _typeof string| u

2 Cookies

Domain/Path Name / Value
hereyoursweetgirl.com/ Name: k
Value: SFMyNTY.g3QAAAAIbQAAAARhdW5xdAAAAAFtAAAABTE1MDM3bQAAAApSRW5lcnFib213bQAAAANoaWRtAAAAJGJNVWFzTEJXaFJHcXVBYXdIcXpLUkdsUmJPVlhFaVFwR1Rtem0AAAACaGxhAW0AAAACcmR0AAAABGQACl9fc3RydWN0X19kABhFbGl4aXIuVGRleC5Sb3RhdGlvbkRhdGFkAA5jbGlja2VkX29mZmVyc3QAAAAAZAAIbGFuZGluZ3NsAAAAAWIAAASfamQAC3NlZW5fb2ZmZXJzbAAAAAFiAAAnQ2ptAAAABXN1Yl8xbQAAAAU0ODE1OW0AAAAFc3ViXzJtAAAAEG1sQ2xpY2stdDV0Rklodm9tAAAAB3RyYWNrZXJtAAAAB25vdHJhY2ttAAAAA3VucW0AAAAMT2doVlF5RGJsWmNv.-y0ODbGv2SylLf1K-MwhxuZtmCE1qSQ6Qgf7TWMJMS4
hereyoursweetgirl.com/ Name: uord
Value: e5da5b363ba35538bd7c20d49ceae2b4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app.autoinvestor.io
auth.bitbay.net
code.jquery.com
cuduner.com
fonts.googleapis.com
fonts.gstatic.com
golead.pl
hereyoursweetgirl.com
revolut.ngih.net
s.click.aliexpress.com
stats.g.doubleclick.net
web.bitpanda.com
www.g2a.com
www.google-analytics.com
www.revolut.com
s.click.aliexpress.com
104.20.21.137
104.74.117.30
159.69.111.28
2001:4de0:ac19::1:b:1a
2606:4700:10::6814:5ade
2606:4700:20::681a:181
2606:4700:3037::681f:43e9
2a00:1450:4001:800::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:81a::2003
2a00:1450:400c:c00::9c
34.107.177.87
63.32.32.122
95.182.122.169
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
0ce5a460ace775560c3344a43245687bdbec5cb8ee20d209ab9fa67f4e09a3e8
1e54a25e595f58c5315680b8c4b1592530f65dc19ab15edf00aa573490add5fd
3b2288ed897234e611290d60be7473ea3b5c71a91244a732774e45bca2d844a8
42dea53a57e76fabe0792a2d9234c99189dd36f21431f67d2cb6dace21f48f9e
5a23cdfc9caa9177c25831da4e2a1b048ee0c2aec5e6d3e179fa375bfe60402c
60f906643e6e10155ad0a3ec3b68ab18b0ed3cfed005332aa4baf10c6fc9dcc4
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9e0795e26f8dd35e635cb2194d80be31e09b41e9168f83f59605f02db22d1045
b253c1ba857cff2530fdb52c47003ec6ae1b57d0fec7dd97648af094642d5bc9
b89721761c280298628e2b95a45f78118d1e01af91fd31d7cd48028c8837787d
d7c8d2c9f755c191ea948c309e7d4603cc5eae7c7bbaa90c2279333297ecc3f9
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dce83e5f34ea871bcc660ab7b09c85ea5eae5eaf181373ac3ea9736c3ccf8e49
ff1242e8acb4a8031efd8f0332b6ba5a6aabaea612fce85505d7a11d08994028