urlscan.io logo urlscan.io
SecurityTrails logo

secure.safelead.net Open in urlscan Pro
2606:4700:20::6819:7b0c  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://singova.org/campaigns/zt073b2akqc03/track-url/wg5517kr9pcfa/924635a053c6a16d9542df514f81760b06d78c7a
Effective URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Submission: On June 03 via api from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 4 countries across 7 domains to perform 25 HTTP transactions. The main IP is 2606:4700:20::6819:7b0c, located in United States and belongs to CLOUDFLARENET, US. The main domain is secure.safelead.net.
TLS certificate: Issued by CloudFlare Inc ECC CA-2 on March 19th 2020. Valid for: 7 months.
This is the only time secure.safelead.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 194.31.172.130 205220 (RHC-HOSTING)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
19 2606:4700:20:... 13335 (CLOUDFLAR...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 2001:4de0:ac1... 20446 (HIGHWINDS3)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
25 5
1    194.31.172.130 (Russian Federation)

ASN205220 (RHC-HOSTING, GB)
PTR: host0.smartrip.eu
singova.org
1    2606:4700:20::6819:9355 (United States)

ASN13335 (CLOUDFLARENET, US)
ndt5.net
19    2606:4700:20::6819:7b0c (United States)

ASN13335 (CLOUDFLARENET, US)
secure.safelead.net
3    2606:4700::6810:84e5 (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)
netdna.bootstrapcdn.com
1    2a00:1450:4001:802::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:81b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Domain Requested by
19 secure.safelead.net secure.safelead.net
3 cdnjs.cloudflare.com secure.safelead.net
1 fonts.gstatic.com secure.safelead.net
1 fonts.googleapis.com secure.safelead.net
1 netdna.bootstrapcdn.com secure.safelead.net
1 ndt5.net 1 redirects
1 singova.org 1 redirects
25 7

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
CloudFlare Inc ECC CA-2		 2020-03-19 -
2020-10-09		 7 months crt.sh
cloudflare.com
CloudFlare Inc ECC CA-2		 2020-01-07 -
2020-10-09		 9 months crt.sh
*.bootstrapcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2019-09-14 -
2020-10-13		 a year crt.sh
upload.video.google.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh
*.gstatic.com
GTS CA 1O1		 2020-05-20 -
2020-08-12		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Frame ID: A9C571A51AF9039DAA63CB16341E7965
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://singova.org/campaigns/zt073b2akqc03/track-url/wg5517kr9pcfa/924635a053c6a16d9542df514f81... HTTP 301
    https://ndt5.net/c/?si=13838&li=1601397&wi=321530&ws= HTTP 301
    https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link[^>]+?href="[^"]*bootstrap(?:\.min)?\.css/i
  • script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link [^>]+(?:\/([\d.]+)\/)?animate\.(?:min\.)?css/i
Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+(?:([\d.]+)\/)?(?:css\/)?font-awesome(?:\.min)?\.css/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
  • script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i
  • html /<link [^>]*href="[^"]+owl\.carousel(?:\.min)?\.css/i

Page Statistics

25
Requests

100 %
HTTPS

86 %
IPv6

7
Domains

7
Subdomains

5
IPs

4
Countries

1048 kB
Transfer

1372 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://singova.org/campaigns/zt073b2akqc03/track-url/wg5517kr9pcfa/924635a053c6a16d9542df514f81760b06d78c7a HTTP 301
    https://ndt5.net/c/?si=13838&li=1601397&wi=321530&ws= HTTP 301
    https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

25 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
secure.safelead.net/13838/
Redirect Chain
  • https://singova.org/campaigns/zt073b2akqc03/track-url/wg5517kr9pcfa/924635a053c6a16d9542df514f81760b06d78c7a
  • https://ndt5.net/c/?si=13838&li=1601397&wi=321530&ws=
  • https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62467a7b57c3158ff4c3f98df43865c87360c875bb071f6ccf5bbe1c7553ea75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options allow from *

Request headers

:method
GET
:authority
secure.safelead.net
:scheme
https
:path
/13838/?dci=5W4l0mHkFzZQKjU
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
date
Wed, 03 Jun 2020 11:43:00 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=d67d5edfe8b772692dc6723ffd78348ba1591184580; expires=Fri, 03-Jul-20 11:43:00 GMT; path=/; domain=.safelead.net; HttpOnly; SameSite=Lax PHPSESSID=47483f7ba451f9a1315779298fc61c0e; expires=Wed, 03-Jun-2020 14:43:00 GMT; Max-Age=10800; path=/; HttpOnly
access-control-allow-origin
*
x-frame-options
allow from *
access-control-allow-methods
GET, OPTIONS, POST
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-expose-headers
P3p, Cache-Control, Expires, Content-Length, Content-Type
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-content-type-options
nosniff
vary
Accept-Encoding
x-daisycon-cluster
vm-www02
cf-cache-status
DYNAMIC
cf-request-id
031b96f60d0000c2e5e4bcb200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
59d92769ab52c2e5-FRA
content-encoding
br

Redirect headers

status
301
date
Wed, 03 Jun 2020 11:42:59 GMT
content-type
text/html; charset=UTF-8
set-cookie
__cfduid=ddab4525341db3e593020b19a12867ee11591184579; expires=Fri, 03-Jul-20 11:42:59 GMT; path=/; domain=.ndt5.net; HttpOnly; SameSite=Lax; Secure dci=5W4l0mHkFzZQKjU; expires=Fri, 04-Jun-2021 11:42:59 GMT; Max-Age=31622400; path=/; domain=.ndt5.net; secure; HttpOnly; SameSite=None pdc=5W4l0mHkFzZQKjU; expires=Wed, 02-Jun-2021 11:42:59 GMT; Max-Age=31449600; path=/; domain=.ndt5.net; secure; HttpOnly; SameSite=None PHPSESSID=789c330d37c931c8f5c876ab8a0af4ce0a050025a804f2; expires=Wed, 02-Jun-2021 11:42:59 GMT; Max-Age=31449600; path=/; domain=.ndt5.net; secure; HttpOnly; SameSite=None ci_13838=d2leMzIxNTMwLGReMTU5MTE4NDU3OSxjY145MjE0NCxsaV4xNjAxMzk3LHBpZF4sd3NeLGRjaV41VzRsMG1Ia0Z6WlFLalU%3D; expires=Sat, 04-Jul-2020 11:42:58 GMT; Max-Age=2678399; path=/; domain=.ndt5.net; secure; HttpOnly; SameSite=None
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM", policyref="https://ndt5.net/w3c/p3p.xml"
cache-control
no-store, no-cache, must-revalidate
x-xss-protection
0
x-content-type-options
nosniff
access-control-allow-origin
*
access-control-allow-methods
GET, OPTIONS
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-expose-headers
P3p, Cache-Control, Expires, Content-Length, Content-Type
location
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
x-daisycon-cluster
vm-www03
cf-cache-status
DYNAMIC
cf-request-id
031b96f4c40000c2aee10f0200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
59d92767ae9ac2ae-FRA
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/ 		91 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3483242
status
200
alt-svc
h3-27=":443"; ma=86400
cf-request-id
031b96f6cc0000d6c91a2ab200000001
served-in-seconds
0.003
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:21:00 GMT
server
cloudflare
etag
W/"5afd497c-16bac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
59d9276aee17d6c9-FRA
expires
Mon, 24 May 2021 11:43:00 GMT
bootstrap.min.css
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.1.1/css/ 		98 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.1.1/css/bootstrap.min.css
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5146510
status
200
alt-svc
h3-27=":443"; ma=86400
cf-request-id
031b96f6cd0000d6c91a2ac200000001
served-in-seconds
0.003
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:26:03 GMT
server
cloudflare
etag
W/"5afd4aab-18679"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
59d9276aee1ed6c9-FRA
expires
Mon, 24 May 2021 11:43:00 GMT
bootstrap.min.js
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.1.1/js/ 		28 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/3.1.1/js/bootstrap.min.js
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:84e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10121082
status
200
alt-svc
h3-27=":443"; ma=86400
cf-request-id
031b96f6cd0000d6c91a2ad200000001
served-in-seconds
0.001
timing-allow-origin
*
last-modified
Thu, 17 May 2018 09:27:13 GMT
server
cloudflare
etag
W/"5afd4af1-71b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
59d9276aee22d6c9-FRA
expires
Mon, 24 May 2021 11:43:00 GMT
font-awesome.min.css
netdna.bootstrapcdn.com/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://netdna.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
/
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 12 Dec 2018 18:35:20 GMT
status
200
etag
"1544639720"
vary
Accept-Encoding
x-cache
HIT
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
7050
style.css
secure.safelead.net/images/campaigns/13838/ 		16 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/images/campaigns/13838/style.css?v1
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac11f9e37d964ca817c1d33cd9cc9205297e6fe7062a6672aa6dd491d41b09a6
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www01
status
200
cf-request-id
031b96f6ce0000c2e5e4bdc200000001
last-modified
Thu, 14 Mar 2019 08:08:01 GMT
server
cloudflare
etag
W/"3f15-584096bc1fa40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
59d9276aeeabc2e5-FRA
expires
Wed, 03 Jun 2020 15:43:00 GMT
owl.carousel.css
secure.safelead.net/images/campaigns/13838/ 		1 KB
586 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/images/campaigns/13838/owl.carousel.css
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4dc77ee90dc2225b57b31d28fe06213cd6c491bdc7249a6e70ebd003b72c5702
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www03
status
200
cf-request-id
031b96f6ce0000c2e5e4bdd200000001
last-modified
Thu, 14 Mar 2019 08:05:09 GMT
server
cloudflare
etag
W/"5c4-5840961817740-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
59d9276aeeafc2e5-FRA
expires
Wed, 03 Jun 2020 15:43:00 GMT
animate.css
secure.safelead.net/images/campaigns/13838/ 		71 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/images/campaigns/13838/animate.css
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www01
status
200
cf-request-id
031b96f6ce0000c2e5e4bde200000001
last-modified
Thu, 14 Mar 2019 08:05:08 GMT
server
cloudflare
etag
W/"11a43-5840961723500-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
59d9276aeeb1c2e5-FRA
expires
Wed, 03 Jun 2020 15:43:00 GMT
owl.theme.css
secure.safelead.net/images/campaigns/13838/ 		2 KB
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/images/campaigns/13838/owl.theme.css
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0e211fc7d8ee3609bbd1206047fceba4c2c2f73a0dd5f555ae6561680ca01bd5
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www01
status
200
cf-request-id
031b96f6ce0000c2e5e4bdf200000001
last-modified
Thu, 14 Mar 2019 08:05:09 GMT
server
cloudflare
etag
W/"687-5840961817740-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
59d9276aeeb2c2e5-FRA
expires
Wed, 03 Jun 2020 15:43:00 GMT
css
fonts.googleapis.com/ 		412 B
421 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Antic
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6c486d329e551ccbe6593c78508f9536dc02eb57d4fbc8477cfeb03d92d81e8f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
status
200
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 03 Jun 2020 11:43:00 GMT
server
ESF
date
Wed, 03 Jun 2020 11:43:00 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 03 Jun 2020 11:43:00 GMT
logo.png
secure.safelead.net/images/campaigns/13838/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/13838/logo.png
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48a3ee038d8ec087906f796a0990bab0104d6e28fc85eecffe60ea92218a4aa9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www01
status
200
content-length
2417
cf-request-id
031b96f79d0000c2e5e4bf0200000001
last-modified
Thu, 14 Mar 2019 08:05:09 GMT
server
cloudflare
etag
"971-5840961817740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
59d9276c2a21c2e5-FRA
expires
Wed, 03 Jun 2020 15:43:00 GMT
produkt.png
secure.safelead.net/images/campaigns/13838/ 		148 KB
148 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/13838/produkt.png
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24d780f3e56f25bc78c83a704583d07aae1dea2ffd71d577943e63fe800882b2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www03
status
200
content-length
151621
cf-request-id
031b96f7d00000c2e5e4bf2200000001
last-modified
Thu, 14 Mar 2019 08:05:09 GMT
server
cloudflare
etag
"25045-5840961817740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
59d9276c8ac9c2e5-FRA
expires
Wed, 03 Jun 2020 15:43:00 GMT
1.jpg
secure.safelead.net/images/campaigns/13838/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/13838/1.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57e8da148992304fbc295ba9f71dcd7b57e00d26ac02ffe60c3f8932da33ca4f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www03
status
200
content-length
12362
cf-request-id
031b96f7e00000c2e5e4bf3200000001
last-modified
Thu, 14 Mar 2019 08:05:08 GMT
server
cloudflare
etag
"304a-5840961723500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
59d9276c9b01c2e5-FRA
expires
Wed, 03 Jun 2020 15:43:00 GMT
2.jpg
secure.safelead.net/images/campaigns/13838/ 		12 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/13838/2.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
980519d7478729d4c3d941c39360180830f7dda7e46d2951cd821fc111246db3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www02
status
200
content-length
12784
cf-request-id
031b96f7e10000c2e5e4bf4200000001
last-modified
Thu, 14 Mar 2019 08:05:08 GMT
server
cloudflare
etag
"31f0-5840961723500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
59d9276c9b10c2e5-FRA
expires
Wed, 03 Jun 2020 15:43:00 GMT
3.jpg
secure.safelead.net/images/campaigns/13838/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/13838/3.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c28c8bf34ec7fd79cb8541b18fb2f8e4cec275ed9d350a672eed13fb0b076e0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www03
status
200
content-length
9520
cf-request-id
031b96f7e20000c2e5e4bf5200000001
last-modified
Thu, 14 Mar 2019 08:05:08 GMT
server
cloudflare
etag
"2530-5840961723500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
59d9276c9b15c2e5-FRA
expires
Wed, 03 Jun 2020 15:43:00 GMT
email-decode.min.js
secure.safelead.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
847 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Tue, 02 Jun 2020 11:20:40 GMT
server
cloudflare
etag
W/"5ed63608-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
content-type
application/javascript
status
200
cache-control
max-age=172800, public
cf-ray
59d9276b3fc7c2e5-FRA
cf-request-id
031b96f7070000c2e5e4be0200000001
expires
Fri, 05 Jun 2020 11:43:00 GMT
custom.js
secure.safelead.net/js/campaigns/13838/ 		190 B
307 B 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/js/campaigns/13838/custom.js
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1915ca55f6085efcfde125155ff6e3973977003f83f2f943e325a82b0cafe983
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www03
status
200
cf-request-id
031b96f7110000c2e5e4be3200000001
last-modified
Thu, 14 Mar 2019 08:05:27 GMT
server
cloudflare
etag
W/"be-5840962941fc0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=345600
cf-ray
59d9276b4ff0c2e5-FRA
expires
Sun, 07 Jun 2020 11:43:00 GMT
owl.carousel.min.js
secure.safelead.net/js/campaigns/13838/ 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/js/campaigns/13838/owl.carousel.min.js
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www01
status
200
cf-request-id
031b96f74e0000c2e5e4be9200000001
last-modified
Thu, 14 Mar 2019 08:05:27 GMT
server
cloudflare
etag
W/"5d52-5840962941fc0-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=345600
cf-ray
59d9276bb8e3c2e5-FRA
expires
Sun, 07 Jun 2020 11:43:00 GMT
validation.js
secure.safelead.net/js/ 		42 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.safelead.net/js/validation.js?v1.1.1
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
71370f253d563b9398e952fc59971f0c5c5964cf05c08c0d3b11e8f8289aadc9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
162565
x-daisycon-cluster
vm-www03
status
200
cf-request-id
031b96f77d0000c2e5e4bed200000001
last-modified
Tue, 19 May 2020 09:58:48 GMT
server
cloudflare
etag
W/"a612-5a5fd53652600-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=345600
cf-ray
59d9276bf9a4c2e5-FRA
expires
Fri, 05 Jun 2020 14:33:35 GMT
background.jpg
secure.safelead.net/images/campaigns/13838/ 		51 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/13838/background.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
624623a9a6eae3dfbd73b8924f5b29cf75d029cadc8f6f48174ff4ebc83622df
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/13838/style.css?v1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www02
status
200
content-length
52382
cf-request-id
031b96f7e50000c2e5e4bf6200000001
last-modified
Thu, 14 Mar 2019 08:05:08 GMT
server
cloudflare
etag
"cc9e-5840961723500"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
59d9276cab20c2e5-FRA
expires
Wed, 03 Jun 2020 15:43:00 GMT
bg1.jpg
secure.safelead.net/images/campaigns/13838/ 		308 KB
309 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/13838/bg1.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82d91e7ecf44eed36f6e6e455db2285f8b7f80de1a9961cc53f561cef9d9f3f9
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/13838/style.css?v1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www02
status
200
content-length
315617
cf-request-id
031b96f7e50000c2e5e4bf7200000001
last-modified
Thu, 14 Mar 2019 08:05:09 GMT
server
cloudflare
etag
"4d0e1-5840961817740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
59d9276cab22c2e5-FRA
expires
Wed, 03 Jun 2020 15:43:00 GMT
bg2.jpg
secure.safelead.net/images/campaigns/13838/ 		100 KB
100 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/13838/bg2.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcfc3eb0038634ce3c8a02aecf7ae873b34baf90a89e875d1dc25a55742dd05f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/13838/style.css?v1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www02
status
200
content-length
102298
cf-request-id
031b96f7e60000c2e5e4bf8200000001
last-modified
Thu, 14 Mar 2019 08:05:09 GMT
server
cloudflare
etag
"18f9a-5840961817740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
59d9276cab24c2e5-FRA
expires
Wed, 03 Jun 2020 15:43:00 GMT
bg3.jpg
secure.safelead.net/images/campaigns/13838/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/13838/bg3.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3f3dae491c0c1ee0886924c3306da6092fa2b21e151e290bfd5c3b5320cc231
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/13838/style.css?v1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www01
status
200
content-length
48895
cf-request-id
031b96f7e60000c2e5e4bf9200000001
last-modified
Thu, 14 Mar 2019 08:05:09 GMT
server
cloudflare
etag
"beff-5840961817740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
59d9276cab25c2e5-FRA
expires
Wed, 03 Jun 2020 15:43:00 GMT
bg.jpg
secure.safelead.net/images/campaigns/13838/ 		250 KB
251 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.safelead.net/images/campaigns/13838/bg.jpg
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::6819:7b0c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e26c3cb0493f12db56f322b8c81310fca3e3874b759a619452fda5d6b35b2a53
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://secure.safelead.net/images/campaigns/13838/style.css?v1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Wed, 03 Jun 2020 11:43:00 GMT
x-content-type-options
nosniff
cf-cache-status
MISS
x-daisycon-cluster
vm-www02
status
200
content-length
256177
cf-request-id
031b96f7e60000c2e5e4bfa200000001
last-modified
Thu, 14 Mar 2019 08:05:09 GMT
server
cloudflare
etag
"3e8b1-5840961817740"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
59d9276cab27c2e5-FRA
expires
Wed, 03 Jun 2020 15:43:00 GMT
TuGfUVB8XY5DRZZMq9kRystl.woff2
fonts.gstatic.com/s/antic/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/antic/v11/TuGfUVB8XY5DRZZMq9kRystl.woff2
Requested by
Host: secure.safelead.net
URL: https://secure.safelead.net/13838/?dci=5W4l0mHkFzZQKjU
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
509134023a2e8b607c0903063a693821e5c4f9a8617553c98987099b899be1c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Antic
Origin
https://secure.safelead.net

Response headers

date
Mon, 18 May 2020 19:39:46 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Jul 2019 02:56:21 GMT
server
sffe
age
1353794
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13656
x-xss-protection
0
expires
Tue, 18 May 2021 19:39:46 GMT

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate function| $ function| jQuery object| jQuery110201789250050644522 string| initCountry string| initLanguage boolean| initValidateAddressFlag object| Base64 function| getQueryParam function| isValidDate function| calculateAge function| ibanElevenTest string| language string| country boolean| validateAddressFlag object| prefillFields object| languages object| countries object| country_phone_codes object| country_phone_number_min_length object| country_phone_number_max_length object| country_zipcode_length object| country_iban_regex object| translations function| determineCountryLanguage function| determineValidateAddressFlag function| insertHiddenFields function| determineUserAgent function| determineClickDate function| determineCountry function| processQueryString function| insertValidationField function| updateValidationField function| setValidationErrorOptions function| validateInitials function| validateBirthdate function| validateInsertion function| validateFirstName function| validateSurname function| validateName function| validateZipcode function| validateHouseNumber function| validateAddition function| validateHouseNumberZipcode function| validateAddress function| validateStreet function| validateCity function| validateEmail function| validatePhone function| validateIBAN function| showLoader function| hideLoader function| handleSubmit

2 Cookies

Domain/Path Name / Value
secure.safelead.net/ Name: PHPSESSID
Value: 47483f7ba451f9a1315779298fc61c0e
.safelead.net/ Name: __cfduid
Value: d67d5edfe8b772692dc6723ffd78348ba1591184580

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options allow from *

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
ndt5.net
netdna.bootstrapcdn.com
secure.safelead.net
singova.org
194.31.172.130
2001:4de0:ac19::1:b:1a
2606:4700:20::6819:7b0c
2606:4700:20::6819:9355
2606:4700::6810:84e5
2a00:1450:4001:802::200a
2a00:1450:4001:81b::2003
0e211fc7d8ee3609bbd1206047fceba4c2c2f73a0dd5f555ae6561680ca01bd5
1915ca55f6085efcfde125155ff6e3973977003f83f2f943e325a82b0cafe983
24d780f3e56f25bc78c83a704583d07aae1dea2ffd71d577943e63fe800882b2
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
48a3ee038d8ec087906f796a0990bab0104d6e28fc85eecffe60ea92218a4aa9
4c28c8bf34ec7fd79cb8541b18fb2f8e4cec275ed9d350a672eed13fb0b076e0
4dc77ee90dc2225b57b31d28fe06213cd6c491bdc7249a6e70ebd003b72c5702
509134023a2e8b607c0903063a693821e5c4f9a8617553c98987099b899be1c6
57e8da148992304fbc295ba9f71dcd7b57e00d26ac02ffe60c3f8932da33ca4f
624623a9a6eae3dfbd73b8924f5b29cf75d029cadc8f6f48174ff4ebc83622df
62467a7b57c3158ff4c3f98df43865c87360c875bb071f6ccf5bbe1c7553ea75
6c486d329e551ccbe6593c78508f9536dc02eb57d4fbc8477cfeb03d92d81e8f
71370f253d563b9398e952fc59971f0c5c5964cf05c08c0d3b11e8f8289aadc9
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
82d91e7ecf44eed36f6e6e455db2285f8b7f80de1a9961cc53f561cef9d9f3f9
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
980519d7478729d4c3d941c39360180830f7dda7e46d2951cd821fc111246db3
ac11f9e37d964ca817c1d33cd9cc9205297e6fe7062a6672aa6dd491d41b09a6
c3f3dae491c0c1ee0886924c3306da6092fa2b21e151e290bfd5c3b5320cc231
d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea
dcfc3eb0038634ce3c8a02aecf7ae873b34baf90a89e875d1dc25a55742dd05f
e0e2bc4e1d3ee5024c4e1aa58a6cad9aa42fc63a8c89ce18013a1c8f2b94875c
e26c3cb0493f12db56f322b8c81310fca3e3874b759a619452fda5d6b35b2a53
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b