URL: https://www.siteleaks.com/www.impeacknow.xyz
Submission: On July 14 via manual from AU

Summary

This website contacted 16 IPs in 5 countries across 19 domains to perform 41 HTTP transactions. The main IP is 2606:4700:30::681b:a8be, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is www.siteleaks.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on July 7th 2019. Valid for: 6 months.
This is the only time www.siteleaks.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
6 2606:4700:30:... 13335 (CLOUDFLAR...)
2 2600:9000:200... 16509 (AMAZON-02)
1 3.122.185.41 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.210.137.162 14618 (AMAZON-AES)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 35.158.91.78 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:fa8:8806... 41041 (VCLK-EU-)
1 2a00:1450:400... 15169 (GOOGLE)
1 178.250.0.130 44788 (ASN-CRITE...)
2 151.101.113.108 54113 (FASTLY)
1 151.101.12.166 54113 (FASTLY)
41 16
Domain Requested by
6 www.siteleaks.com www.siteleaks.com
2 acdn.adnxs.com go.ezoic.net
2 g.ezoic.net www.siteleaks.com
2 ssl.google-analytics.com 1 redirects www.siteleaks.com
2 go.ezoic.net www.siteleaks.com
1 bh.contextweb.com go.ezoic.net
1 static.criteo.net go.ezoic.net
1 adservice.google.com www.googletagservices.com
1 adservice.google.de www.googletagservices.com
1 web.hb.ad.cpe.dotomi.com go.ezoic.net
1 stats.g.doubleclick.net www.siteleaks.com
1 pagead2.googlesyndication.com www.siteleaks.com
1 www.googletagservices.com www.siteleaks.com
1 traffic.alexa.com www.siteleaks.com
1 www.google.com www.siteleaks.com
1 www.ezojs.com www.siteleaks.com
0 securepubads.g.doubleclick.net Failed www.googletagservices.com
0 bidder.criteo.com Failed go.ezoic.net
0 g2.gumgum.com Failed go.ezoic.net
0 ib.adnxs.com Failed go.ezoic.net
0 adserver-us.adtech.advertising.com Failed go.ezoic.net
0 bid.contextweb.com Failed go.ezoic.net
0 as-sec.casalemedia.com Failed go.ezoic.net
0 code.jquery.com Failed www.siteleaks.com
41 24

This site contains links to these domains.

Domain
www.ezoic.com
Subject | Issuer | Validity | Valid for
sni89537.cloudflaressl.com | COMODO ECC Domain Validation Secure Server CA 2 | 2019-07-07 - 2020-01-13 | 6 months
go.ezoic.net | COMODO RSA Domain Validation Secure Server CA | 2016-10-09 - 2019-10-15 | 3 years
ezojs.com | Let's Encrypt Authority X3 | 2019-06-15 - 2019-09-13 | 3 months
www.google.com | Google Internet Authority G3 | 2019-06-18 - 2019-09-10 | 3 months
traffic.alexa.com | Amazon | 2018-09-12 - 2019-10-12 | a year
*.g.doubleclick.net | Google Internet Authority G3 | 2019-06-18 - 2019-09-10 | 3 months
*.google-analytics.com | Google Internet Authority G3 | 2019-06-18 - 2019-09-10 | 3 months
g.ezoic.net | COMODO RSA Domain Validation Secure Server CA | 2016-10-09 - 2019-10-13 | 3 years
ad.cpe.dotomi.com | GlobalSign Organization Validation CA - SHA256 - G2 | 2018-05-25 - 2020-05-25 | 2 years
*.google.com | Google Internet Authority G3 | 2019-06-18 - 2019-09-10 | 3 months
*.criteo.net | DigiCert ECC Secure Server CA | 2019-03-26 - 2020-03-30 | a year
cdn.adnxs.com | GlobalSign CloudSSL CA - SHA256 - G3 | 2019-05-16 - 2020-05-16 | a year
*.contextweb.com | DigiCert SHA2 Secure Server CA | 2018-07-07 - 2020-06-03 | 2 years

This page contains 4 frames:

Primary Page: https://www.siteleaks.com/www.impeacknow.xyz
Frame ID: A49F3547E711E0EF0ED6D858BFF3C317
Requests: 38 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 3236209C937F18CBF098E6B6795ACD6B
Requests: 1 HTTP requests in this frame

Frame: https://bh.contextweb.com/visitormatch
Frame ID: 54FA6921BCE9F60C16D4D957390B07A1
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: CEFE1A2B101FC5869F14B0D7FE715D45
Requests: 1 HTTP requests in this frame

Page Title

www.impeacknow.xyz

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers via /varnish(?: \(Varnish\/([\d.]+)\))?/i

Overall confidence: 100%
Detected patterns
  • headers server /^cloudflare$/i

Overall confidence: 100%
Detected patterns
  • script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

Requests: 41
HTTPS: 59 %
IPv6: 60 %
Domains: 19
Subdomains: 24
IPs: 16
Countries: 5
Transfer: 204 kB
Size: 639 kB
Cookies: 0

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 15
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=932277137&utmhn=www.siteleaks.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=www.impeacknow.xyz&utmhid=297953395&utmr=-&utmp=%2Fwww.impeacknow.xyz&utmht=1563137557408&utmac=UA-75393812-1&utmcc=__utma%3D199087661.887374136.1563137557.1563137557.1563137557.1%3B%2B__utmz%3D199087661.1563137557.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1860712578&utmredir=1&utmmt=1&utmu=qTAgAAAIAAAAAAAAAAAAAABE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75393812-1&cid=887374136.1563137557&jid=1860712578&_v=5.7.2&z=932277137

41 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request www.impeacknow.xyz
www.siteleaks.com/
69 KB
17 KB
Document
General
Full URL
https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a8be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc7e642d14b2030e0c363da31b454cef6d8db24a04911d2324493c2be4962234

Request headers

:method
GET
:authority
www.siteleaks.com
:scheme
https
:path
/www.impeacknow.xyz
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Sun, 14 Jul 2019 20:52:37 GMT
content-type
text/html;charset=UTF-8
set-cookie
__cfduid=d8f45fbbf43f0a69930d88ef4e215bd1c1563137556; expires=Mon, 13-Jul-20 20:52:36 GMT; path=/; domain=.siteleaks.com; HttpOnly ezoadgid_15514=16; Path=/; Domain=siteleaks.com; Expires=Sun, 14 Jul 2019 21:22:36 UTC ezoref_15514=; Path=/; Domain=siteleaks.com; Expires=Sun, 14 Jul 2019 22:52:36 UTC ezoab_15514=mod34; Path=/; Domain=siteleaks.com; Expires=Sun, 14 Jul 2019 22:52:36 UTC active_template::15514=pub_site.1563137556; Path=/; Domain=siteleaks.com; Expires=Tue, 16 Jul 2019 20:52:36 UTC ezopvc_15514=1; Path=/; Domain=siteleaks.com; Expires=Sun, 14 Jul 2019 21:22:37 UTC ezepvv=3587; Path=/; Domain=siteleaks.com; Expires=Mon, 15 Jul 2019 20:52:37 UTC lp_15514=https://www.siteleaks.com/www.impeacknow.xyz; Path=/; Domain=siteleaks.com; Expires=Sun, 14 Jul 2019 22:52:37 UTC ezovid_15514=1883256010; Path=/; Domain=siteleaks.com; Expires=Sun, 14 Jul 2019 21:22:37 UTC ezovuuidtime_15514=1563137557; Path=/; Domain=siteleaks.com; Expires=Tue, 16 Jul 2019 20:52:37 UTC ezovuuid_15514=3c0bd22a-4d5b-4d1e-4988-9bcec66d5f5f; Path=/; Domain=siteleaks.com; Expires=Sun, 14 Jul 2019 21:22:37 UTC ezCMPCCS=true; Path=/; Domain=siteleaks.com; Expires=Tue, 14 Jul 2020 20:52:37 GMT
display
pub_site_sol
expires
Sat, 13 Jul 2019 20:52:37 GMT
pagespeed
off
response
200
vary
Accept-Encoding,X-APP-JSON
x-middleton-display
pub_site_sol
x-middleton-response
200
x-sol
pub_site
x-varnish
971042917 422582084
via
1.1 varnish (Varnish/6.0) 1.1 varnish (Varnish/6.0)
age
0
cache-control
max-age=0, must-revalidate, no-cache, no-store
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
4f66619e2e49c277-FRA
content-encoding
br
dall2143.js
go.ezoic.net/porpoiseant/
302 KB
95 KB
Script
General
Full URL
https://go.ezoic.net/porpoiseant/dall2143.js?cb=186-4
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:2e00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
7eda87085076d2be21d3b0a1c8a970d68ad06fd14a31ca97a21ef4224f018e70

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Thu, 20 Jun 2019 01:25:24 GMT
content-encoding
gzip
age
2143633
x-cache
Hit from cloudfront
status
200
last-modified
Wed, 19 Jun 2019 23:27:34 GMT
server
nginx/1.14.0
etag
"4b9f3-58bb592f7f538;58bb592f7f538-gzip"
vary
Accept-Encoding
x-varnish
146963426, 945000760
via
1.1 varnish (Varnish/6.0), 1.1 f96185b1d69d6f85635bc2b5554da639.cloudfront.net (CloudFront)
cache-control
max-age=31536000, public
x-amz-cf-pop
FRA50
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
92T_EAEDdrpHP4YLTFWf3aRk1LyzBul7hmuKUcQgptK79GBxREPyDg==
cookieconsent.min.js
www.siteleaks.com/ezoic/
4 KB
2 KB
Script
General
Full URL
https://www.siteleaks.com/ezoic/cookieconsent.min.js
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a8be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
10d4b728888654e0b85c706a9310b551087d3321fb8ebfff147d07b13fa73bf0

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 20:52:37 GMT
via
1.1 varnish (Varnish/6.0)
cf-cache-status
HIT
age
5934867
cf-ray
4f6661a55e97c277-FRA
status
200
content-encoding
br
last-modified
Sun, 05 May 2019 01:04:49 GMT
server
cloudflare
etag
W/"11a4-5881992064e40-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-varnish
685525728
cache-control
public, max-age=31536000
content-type
application/javascript
expires
Mon, 13 Jul 2020 20:52:37 GMT
ezd.js
www.ezojs.com/ezoic/
12 KB
4 KB
Script
General
Full URL
https://www.ezojs.com/ezoic/ezd.js
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.185.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-3-122-185-41.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 /
Resource Hash
a7d72a2373d9d7be8325768387530166efe2d3906374ebbd23267cc8ec8e771a

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 20:52:52 GMT
content-encoding
gzip
last-modified
Thu, 11 Jul 2019 23:04:55 GMT
server
nginx/1.14.0
age
0
etag
"2e60-58d6fd27013c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=31536000, public
x-varnish
982648179, 635924689
accept-ranges
bytes
content-length
3845
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
expires
Mon, 13 Jul 2020 20:52:52 GMT
favicons
www.google.com/s2/
492 B
880 B
Image
General
Full URL
https://www.google.com/s2/favicons?domain=impeacknow.xyz
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
2e30ff33270fd8687b0eb4d12652bfd967f23975f158bf8da93bece2ba4ab947
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7kYmWJ1lI6X8o72GUvrs9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport;worker-src 'self', script-src 'nonce-7kYmWJ1lI6X8o72GUvrs9g' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com;report-uri /_/FaviconHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 15:57:15 GMT
x-content-type-options
nosniff
server
ESF
age
17722
x-frame-options
SAMEORIGIN
content-type
image/png
status
200
cache-control
public, max-age=28800
content-security-policy
script-src 'report-sample' 'nonce-7kYmWJ1lI6X8o72GUvrs9g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/FaviconHttp/cspreport;worker-src 'self', script-src 'nonce-7kYmWJ1lI6X8o72GUvrs9g' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com;report-uri /_/FaviconHttp/cspreport
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
492
x-xss-protection
0
expires
Sun, 14 Jul 2019 23:57:15 GMT
graph
traffic.alexa.com/
4 KB
4 KB
Image
General
Full URL
https://traffic.alexa.com/graph?u=impeacknow.xyz
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.210.137.162 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS
ec2-54-210-137-162.compute-1.amazonaws.com
Software
nginx /
Resource Hash
3677db861503980c1a46052717d2d0dd158df0fa84618ff0ed9b47759c4fb39f

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 20:52:52 GMT
via
1.1 ip-172-30-52-127 (squid/3.5.20)
x-cache-lookup
MISS from ip-172-30-52-127:3128
server
nginx
x-cache
MISS from ip-172-30-52-127
content-type
image/png
status
200
content-length
3749
ezoic.png
go.ezoic.net/utilcave_com/img/
1 KB
2 KB
Image
General
Full URL
https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:9000:200d:2e00:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software
nginx/1.14.0 /
Resource Hash
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 01:07:51 GMT
content-encoding
gzip
x-sol
middleton
age
72038
x-cache
Hit from cloudfront
status
200
x-middleton-display
staticcontent_sol
content-length
1204
display
staticcontent_sol
last-modified
Thu, 27 Jun 2019 00:02:50 GMT
server
nginx/1.14.0
etag
"49d-58c19bcabccc0-gzip-gzip"
vary
Accept-Encoding
x-varnish
930817624, 592505988
via
1.1 varnish (Varnish/6.0), 1.1 f96185b1d69d6f85635bc2b5554da639.cloudfront.net (CloudFront)
cache-control
max-age=604800
x-amz-cf-pop
FRA50
accept-ranges
bytes
content-type
image/png
x-amz-cf-id
ZXYC5WrS03fjmsmzzBbfQp1K9sT9DZvNpr8UATLzNUP5D-bwYzU3vQ==
expires
Sun, 21 Jul 2019 00:51:59 GMT
jquery-1.12.0.min.js
code.jquery.com/
0
0

gpt.js
www.googletagservices.com/tag/js/
36 KB
12 KB
Script
General
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
7e78b2124bb4e2377ee660941ff226a6a5565e3915b5a6019b0305153391a8dc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 20:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"221 / 454 of 1000 / last-modified: 1562942757"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
11861
x-xss-protection
0
expires
Sun, 14 Jul 2019 20:52:37 GMT
banger.js
www.siteleaks.com/porpoiseant/
58 KB
11 KB
Script
General
Full URL
https://www.siteleaks.com/porpoiseant/banger.js?cb=186-4&bv=2&v=26&PageSpeed=off
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a8be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b7ed65e130bbf8d1683ce4fe7acfb88b89bc1c771776f1e70ae7de67a961730

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 20:52:37 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
cf-cache-status
HIT
cf-bgj
minify
server
cloudflare
age
1655471
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
status
200
content-encoding
br
cache-control
public, max-age=31536000
x-varnish
844057909, 755452436
cf-ray
4f6661a57ee9c277-FRA
expires
Mon, 13 Jul 2020 20:52:37 GMT
rochester.js
www.siteleaks.com/detroitchicago/
2 KB
916 B
Script
General
Full URL
https://www.siteleaks.com/detroitchicago/rochester.js?cb=186-4&v=8
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a8be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
777cc56d4fcbc36f7a94abab1b63d6c20cf73def1bc63f02aa2313b0aa609ada

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 20:52:37 GMT
via
1.1 varnish (Varnish/6.0)
cf-cache-status
HIT
age
1655473
cf-polished
origSize=3195
status
200
cf-bgj
minify
content-encoding
br
x-varnish
893979491
last-modified
Fri, 21 Jun 2019 19:50:18 GMT
server
cloudflare
etag
W/"c7b-58bdac59bb280;58bdac59bb280-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=31536000
cf-ray
4f6661a57eeac277-FRA
expires
Mon, 13 Jul 2020 20:52:37 GMT
show_ads.js
pagead2.googlesyndication.com/pagead/
64 KB
25 KB
Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/show_ads.js
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ab36de69ff5e0447a3ce698dd143db943bcc0c37ee78f91130d4930d13668b66
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 20:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
25039
x-xss-protection
0
server
cafe
etag
8092451905866772360
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 14 Jul 2019 20:52:37 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:821::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 20 Jun 2019 21:35:04 GMT
server
Golfe2
age
2282
date
Sun, 14 Jul 2019 20:14:35 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17168
expires
Sun, 14 Jul 2019 22:14:35 GMT
ezosuigeneris.js
g.ezoic.net/
514 B
1 KB
Script
General
Full URL
https://g.ezoic.net/ezosuigeneris.js
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.91.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-158-91-78.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 /
Resource Hash
f153b724f526adf0abb9f9dcda463b63bd4f3b9ff983b38adc20313cbdd5dc43

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 20:52:44 GMT
via
1.1 varnish (Varnish/6.0), 1.1 varnish (Varnish/6.0)
last-modified
Thu, 11 Jul 2019 23:04:55 GMT
server
nginx/1.14.0
age
0
etag
3bb30df14094dc2980ba662da0b15698
vary
Accept-Encoding,X-APP-JSON
content-type
text/javascript
status
200
cache-control
max-age=999999, private
x-varnish
654653087, 851710427
accept-ranges
bytes
content-length
514
expires
Mon, 29 Apr 2020 21:44:55 GMT
ezosuigenerisc.js
g.ezoic.net/
0
66 B
Script
General
Full URL
https://g.ezoic.net/ezosuigenerisc.js?nogen=1
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.158.91.78 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-35-158-91-78.eu-central-1.compute.amazonaws.com
Software
nginx/1.14.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 20:52:44 GMT
via
1.1 varnish (Varnish/6.0)
server
nginx/1.14.0
age
0
vary
Accept-Encoding,X-APP-JSON
content-type
text/html; charset=utf-8
status
200
cache-control
max-age=300, private
x-varnish
362596773
accept-ranges
bytes
content-length
0
imp.gif
www.siteleaks.com/detroitchicago/
43 B
152 B
Image
General
Full URL
https://www.siteleaks.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_location_ids%22%3A%221%2C3%2C5%2C30%2C4%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A4%2C%22bidder_version%22%3A3%2C%22city%22%3A%22Rheinfelden%22%2C%22country%22%3A%22DE%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A4%2C%22domain_id%22%3A15514%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A0%2C%22forensiq_score%22%3A-1%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A4%2C%22metro_code%22%3A0%2C%22page_ad_positions%22%3A%221100%2C1101%2C1103%2C1108%2C1121%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%2281d26efa-2816-4a5a-73c6-a1683df1bc95%22%2C%22position_selection_id%22%3A16%2C%22postal_code%22%3A%2279618%22%2C%22pv_event_count%22%3A0%2C%22response_time_orig%22%3A186%2C%22serverid%22%3A%2235.158.95.173%3A4644%22%2C%22state%22%3A%22BW%22%2C%22sub_page_ad_positions%22%3A%221100%2C1101%2C1103%2C1108%2C1121%22%2C%22t_epoch%22%3A1563137556%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fwww.siteleaks.com%2Fwww.impeacknow.xyz%22%2C%22user_id%22%3A0%2C%22word_count%22%3A430%2C%22worst_bad_word_level%22%3A0%7D
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a8be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 20:52:37 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
x-middleton-display
imp_sol
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
4f6661a5af98c277-FRA
collect
stats.g.doubleclick.net/r/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=932277137&utmhn=www.siteleaks.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=www...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75393812-1&cid=887374136.1563137557&jid=1860712578&_v=5.7.2&z=932277137
35 B
102 B
Image
General
Full URL
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75393812-1&cid=887374136.1563137557&jid=1860712578&_v=5.7.2&z=932277137
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
date
Sun, 14 Jul 2019 20:52:37 GMT
content-type
image/gif
status
200
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sun, 14 Jul 2019 20:52:37 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
access-control-allow-origin
*
location
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-75393812-1&cid=887374136.1563137557&jid=1860712578&_v=5.7.2&z=932277137
content-type
text/html; charset=UTF-8
status
302
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
369
expires
Fri, 01 Jan 1990 00:00:00 GMT
cygnus
as-sec.casalemedia.com/
0
0

24
web.hb.ad.cpe.dotomi.com/s2s/header/
0
150 B
XHR
General
Full URL
https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by
Host: go.ezoic.net
URL: https://go.ezoic.net/porpoiseant/dall2143.js?cb=186-4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a02:fa8:8806:13::1460 , Sweden, ASN41041 (VCLK-EU-, SE),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
Origin
https://www.siteleaks.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 14 Jul 2019 20:52:37 GMT
server
nginx
status
204
access-control-allow-origin
https://www.siteleaks.com
cache-control
no-cache
access-control-allow-credentials
true
expires
0
ortb
bid.contextweb.com/header/
0
0

ADTECH;v=2;cmd=bid;cors=yes;alias=49de1897d081a59;misc=1563137557437;
adserver-us.adtech.advertising.com/pubapi/3.0/10765.1/5020669/0/0/
0
0

ADTECH;v=2;cmd=bid;cors=yes;alias=50cb6eb63d82076;misc=1563137557437;
adserver-us.adtech.advertising.com/pubapi/3.0/10765.1/5020647/0/0/
0
0

ADTECH;v=2;cmd=bid;cors=yes;alias=519fb772a6e81ec;misc=1563137557437;
adserver-us.adtech.advertising.com/pubapi/3.0/10765.1/5020606/0/0/
0
0

ADTECH;v=2;cmd=bid;cors=yes;alias=5261199d6a9fd57;misc=1563137557437;
adserver-us.adtech.advertising.com/pubapi/3.0/10765.1/5020632/0/0/
0
0

ADTECH;v=2;cmd=bid;cors=yes;alias=53ea0a662949ed5;misc=1563137557437;
adserver-us.adtech.advertising.com/pubapi/3.0/10765.1/5020635/0/0/
0
0

prebid
ib.adnxs.com/ut/v3/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

imp
g2.gumgum.com/hbid/
0
0

cdb
bidder.criteo.com/
0
0

prebid
ib.adnxs.com/ut/v3/
0
0

integrator.js
adservice.google.de/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.siteleaks.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 20:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/
109 B
171 B
Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.siteleaks.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 20:52:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-type
application/javascript; charset=UTF-8
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
104
x-xss-protection
0
pubads_impl_2019070801.js
securepubads.g.doubleclick.net/gpt/
0
0

publishertag.prebid.js
static.criteo.net/js/ld/
40 KB
14 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: go.ezoic.net
URL: https://go.ezoic.net/porpoiseant/dall2143.js?cb=186-4
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
2f40e7e2973ff560f6663956b13edeaca7afb07c427165eea32e6612ec24a7b8

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Sun, 14 Jul 2019 20:52:41 GMT
Content-Encoding
gzip
Last-Modified
Fri, 12 Jul 2019 09:08:23 GMT
Server
nginx
ETag
W/"5d284e07-9e32"
Transfer-Encoding
chunked
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86400, public
Timing-Allow-Origin
*
Expires
Mon, 15 Jul 2019 20:52:41 GMT
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 3236
0
0
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: go.ezoic.net
URL: https://go.ezoic.net/porpoiseant/dall2143.js?cb=186-4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.siteleaks.com/www.impeacknow.xyz
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Sun, 14 Jul 2019 20:52:43 GMT
Age
29589049
Connection
keep-alive
X-Served-By
cache-jfk8123-JFK, cache-hhn4049-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1276778, 4158278
X-Timer
S1563137564.708429,VS0,VE0
Vary
Accept-Encoding
Cookie set visitormatch
bh.contextweb.com/ Frame 54FA
0
0
Document
General
Full URL
https://bh.contextweb.com/visitormatch
Requested by
Host: go.ezoic.net
URL: https://go.ezoic.net/porpoiseant/dall2143.js?cb=186-4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.166 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
Jetty(9.4.7.v20170914) /
Resource Hash

Request headers

Host
bh.contextweb.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.siteleaks.com/www.impeacknow.xyz
Accept-Encoding
gzip, deflate, br

Response headers

Cache-Control
private, max-age=0, no-cache, no-store
Content-Encoding
gzip
Content-Language
en
Content-Type
text/html; charset=utf-8
Cw-Server
bh-deployment-6cc768f58-rcbsz
Expires
-1
P3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
Server
Jetty(9.4.7.v20170914)
Set-Cookie
_dbefe=http://10.223.19.132:8080; Path=/
Content-Length
1903
Accept-Ranges
bytes
Date
Sun, 14 Jul 2019 20:52:43 GMT
Via
1.1 varnish
Connection
keep-alive
X-Served-By
cache-fra19182-FRA
X-Cache
MISS
X-Cache-Hits
0
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame CEFE
0
0
Document
General
Full URL
https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by
Host: go.ezoic.net
URL: https://go.ezoic.net/porpoiseant/dall2143.js?cb=186-4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software
nginx/1.9.13 /
Resource Hash

Request headers

Host
acdn.adnxs.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer
https://www.siteleaks.com/www.impeacknow.xyz
Accept-Encoding
gzip, deflate, br

Response headers

Server
nginx/1.9.13
Content-Type
text/html
Last-Modified
Fri, 20 May 2016 02:07:09 GMT
ETag
W/"573e714d-3e3"
Expires
Sun, 06 Aug 2017 09:41:59 GMT
Cache-Control
max-age=31536000
Access-Control-Allow-Origin
*
Content-Encoding
gzip
Via
1.1 varnish 1.1 varnish
Fastly-Debug-Digest
e0a1bb88354655bae6b4f44be1ff58238053e5563770e29e0e433e905ee66055
Content-Length
506
Accept-Ranges
bytes
Date
Sun, 14 Jul 2019 20:52:43 GMT
Age
29589049
Connection
keep-alive
X-Served-By
cache-jfk8123-JFK, cache-hhn4049-HHN
X-Cache
HIT, HIT
X-Cache-Hits
1276778, 4158279
X-Timer
S1563137564.715372,VS0,VE0
Vary
Accept-Encoding
greenoaks.gif
www.siteleaks.com/detroitchicago/
43 B
248 B
Image
General
Full URL
https://www.siteleaks.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4MWQyNmVmYS0yODE2LTRhNWEtNzNjNi1hMTY4M2RmMWJjOTUiLCJkb21haW5faWQiOiIxNTUxNCIsInRfZXBvY2giOjE1NjMxMzc1NTYsImRhdGEiOlt7Im5hbWUiOiJ1bml2ZXJzYWxfdXNlcl9pZCIsInZhbCI6IjNiYjMwZGYxNDA5NGRjMjk4MGJhNjYyZGEwYjE1Njk4In1dfV0=
Requested by
Host: www.siteleaks.com
URL: https://www.siteleaks.com/www.impeacknow.xyz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:30::681b:a8be , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

Referer
https://www.siteleaks.com/www.impeacknow.xyz
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Sun, 14 Jul 2019 20:52:44 GMT
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/gif
status
200
x-middleton-display
ezp_sol
cache-control
max-age=0, must-revalidate, no-cache, no-store
cf-ray
4f6661d20850c277-FRA
expires
Sat, 13 Jul 2019 20:52:44 UTC

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
code.jquery.com
URL
https://code.jquery.com/jquery-1.12.0.min.js
Domain
as-sec.casalemedia.com
URL
https://as-sec.casalemedia.com/cygnus?s=305144&v=7.2&r=%7B%22id%22%3A%2211892824da0d8b%22%2C%22imp%22%3A%5B%7B%22id%22%3A%22249128a1808658%22%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22305144%22%2C%22sid%22%3A%22336x280%22%7D%7D%2C%7B%22id%22%3A%22303af8ea45f5c4%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A90%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22305141%22%2C%22sid%22%3A%22970x90%22%7D%7D%2C%7B%22id%22%3A%2246495745c50ab7%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22305137%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22id%22%3A%225dbf583799e94%22%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22305139%22%2C%22sid%22%3A%22336x280%22%7D%7D%2C%7B%22id%22%3A%226687d2fae3b0e1%22%2C%22banner%22%3A%7B%22w%22%3A970%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22305140%22%2C%22sid%22%3A%22970x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.siteleaks.com%2Fwww.impeacknow.xyz%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Domain
bid.contextweb.com
URL
https://bid.contextweb.com/header/ortb
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10765.1/5020669/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=49de1897d081a59;misc=1563137557437;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10765.1/5020647/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=50cb6eb63d82076;misc=1563137557437;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10765.1/5020606/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=519fb772a6e81ec;misc=1563137557437;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10765.1/5020632/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=5261199d6a9fd57;misc=1563137557437;
Domain
adserver-us.adtech.advertising.com
URL
https://adserver-us.adtech.advertising.com/pubapi/3.0/10765.1/5020635/0/0/ADTECH;v=2;cmd=bid;cors=yes;alias=53ea0a662949ed5;misc=1563137557437;
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=16886&pi=3&gdprApplies=true&gdprConsent=null&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.siteleaks.com%2Fwww.impeacknow.xyz&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10035&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=16892&pi=3&gdprApplies=true&gdprConsent=null&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.siteleaks.com%2Fwww.impeacknow.xyz&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10035&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=16892&pi=3&gdprApplies=true&gdprConsent=null&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.siteleaks.com%2Fwww.impeacknow.xyz&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10035&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=16886&pi=3&gdprApplies=true&gdprConsent=null&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.siteleaks.com%2Fwww.impeacknow.xyz&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10035&
Domain
g2.gumgum.com
URL
https://g2.gumgum.com/hbid/imp?si=16892&pi=3&gdprApplies=true&gdprConsent=null&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.siteleaks.com%2Fwww.impeacknow.xyz&ce=true&dpr=1&jcsi=%7B%22t%22%3A0%2C%22rq%22%3A8%7D&ogu=null&ns=10035&
Domain
bidder.criteo.com
URL
https://bidder.criteo.com/cdb?profileId=207&av=16&wv=2.14.0-pre&cb=54486191292
Domain
ib.adnxs.com
URL
https://ib.adnxs.com/ut/v3/prebid
Domain
securepubads.g.doubleclick.net
URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2019070801.js?21064183

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onselectstart object| onselectionchange function| queueMicrotask object| __banger_pmp_deals object| _ebcids function| ez_isclean object| ez_queue function| sort_queue function| execute_ez_queue function| ez_write_tag function| in_array object| ez_ad_units object| ezslots object| ezrpos undefined| ez_current_interval number| ez_current_load object| epbjs function| epbjsRequestAdUnits function| epbjsRefreshSlot object| ezorbf boolean| isEZABL number| ezmadspc boolean| ezoViewCheck boolean| ezDisableInitialLoad object| googletag boolean| ezoll object| __ez object| _ezaq object| _ezim_d object| _ezat function| __ezDotData function| EzoicPixel function| EzoicPixelData object| cookieconsent_options boolean| hasCookieConsent string| google_analytics_uacct object| _gaq string| ezouid string| ezoTemplate string| ezoFormfactor object| ezo_elements_to_check string| soc_app_id number| did string| ezdomain number| ezoicSearchable function| __ez_ezosuigenerisEvt function| create_ezolpl function| attach_ezolpl function| _ez_TOS_TrackEvent number| ez_tos_track_count number| ez_last_activity_count function| EzoicBanger object| IL11ILILIIlLLLILILLLLIILLLIIL11111LLILiiLIliLlILlLiiLLIiILL function| ezosethbbids function| ezbanger function| ezvb function| ezvbc function| ezsr object| _gat object| gaGlobal function| epbjsChunk object| __core-js_shared__ function| JSEncrypt object| Criteo object| ggeac object| closure_memoize_cache_ object| googleToken object| googleIMState object| google_ltobserver object| google_js_reporting_queue function| processGoogleToken object| criteo_pubtag string| ezosuigeneris function| __ez_func_ezosuigeneris

0 Cookies

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
