urlscan.io logo urlscan.io
SecurityTrails logo

install.incognitosearches.com Open in urlscan Pro
2400:cb00:2048:1::6812:3927  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xml.explorads.com/click?i=ID0RX-IIbvc_0
Effective URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Submission: On December 15 via manual from RO
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 4 countries across 12 domains to perform 26 HTTP transactions. The main IP is 2400:cb00:2048:1::6812:3927, located in United States and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is install.incognitosearches.com.
TLS certificate: Issued by COMODO ECC Domain Validation Secure S... on December 13th 2017. Valid for: 6 months.
This is the only time install.incognitosearches.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 198.134.116.30 27257 (WEBAIR-IN...)
1 1 34.203.7.24 14618 (AMAZON-AES)
1 1 34.203.184.13 14618 (AMAZON-AES)
1 52.59.104.44 16509 (AMAZON-02)
1 1 2400:cb00:204... 13335 (CLOUDFLAR...)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
5 205.185.208.154 20446 (HIGHWINDS3)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 151.139.237.113 54104 (AS-STACKPATH)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
3 2a00:1450:400... 15169 (GOOGLE)
6 13.94.252.251 8075 (MICROSOFT...)
26 9
1    198.134.116.30 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
xml.explorads.com
1    34.203.7.24 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-203-7-24.compute-1.amazonaws.com
sax.perfonspot.com
1    34.203.184.13 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-203-184-13.compute-1.amazonaws.com
cst.peakonsrv.com
1    52.59.104.44 (Frankfurt, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-59-104-44.eu-central-1.compute.amazonaws.com
tracking.pluscpi.mobi
1    2400:cb00:2048:1::6812:3827 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
install.incognitosearches.com
1    2400:cb00:2048:1::6812:3927 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
install.incognitosearches.com
5    205.185.208.154 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip154.ssl.hwcdn.net
i3j3u3u9.ssl.hwcdn.net
2    2a00:1450:4001:817::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
6    2a00:1450:4001:817::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
www.google-analytics.com
1    151.139.237.113 (Dallas, United States)

ASN54104 (AS-STACKPATH - netDNA, US)
code.jquery.com
1    2400:cb00:2048:1::6813:c366 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
3    2a00:1450:4001:817::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
6    13.94.252.251 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
pixel.sendmepixel.com
Domain Requested by
6 pixel.sendmepixel.com i3j3u3u9.ssl.hwcdn.net
6 www.google-analytics.com install.incognitosearches.com
5 i3j3u3u9.ssl.hwcdn.net install.incognitosearches.com
code.jquery.com
3 fonts.gstatic.com code.jquery.com
2 fonts.googleapis.com install.incognitosearches.com
2 install.incognitosearches.com 1 redirects
1 cdnjs.cloudflare.com install.incognitosearches.com
1 code.jquery.com install.incognitosearches.com
1 tracking.pluscpi.mobi
1 cst.peakonsrv.com 1 redirects
1 sax.perfonspot.com 1 redirects
1 xml.explorads.com 1 redirects
26 12

This site contains links to these domains. Also see Links.

Domain
incognitosearches.com
Subject Issuer Validity Valid
sni108986.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2017-12-13 -
2018-06-21		 6 months crt.sh
*.ssl.hwcdn.net
Go Daddy Secure Certificate Authority - G2		 2015-01-21 -
2018-01-21		 3 years crt.sh
*.googleapis.com
Google Internet Authority G2		 2017-11-29 -
2018-02-21		 3 months crt.sh
*.google-analytics.com
Google Internet Authority G3		 2017-11-29 -
2018-02-21		 3 months crt.sh
code.jquery.com
AlphaSSL CA - SHA256 - G2		 2017-07-25 -
2018-07-26		 a year crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2017-11-04 -
2018-05-13		 6 months crt.sh
*.google.com
Google Internet Authority G2		 2017-11-29 -
2018-02-21		 3 months crt.sh
pixel.sendmepixel.com
COMODO RSA Domain Validation Secure Server CA		 2017-11-30 -
2020-11-29		 3 years crt.sh

This page contains 1 frames:

Primary Page: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Frame ID: (89EF4E0FC644983045DE2746BD0B280F)
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://xml.explorads.com/click?i=ID0RX-IIbvc_0 HTTP 302
    http://sax.perfonspot.com/pops/dlink.php?pid=4018&format=POPUP HTTP 302
    http://cst.peakonsrv.com/?camp_id=3595&crea_id=5719&ptrack=JFC4018&params=cG9wUlRCfERFfDY2Mjg5fDExNjA... HTTP 302
    http://tracking.pluscpi.mobi/click?pid=785&offer_id=3879&sub1=EI1545a340c39aa62868664485&sub2=JHC4018_ Page URL
  2. http://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036 HTTP 301
    https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i

Page Statistics

26
Requests

96 %
HTTPS

46 %
IPv6

12
Domains

12
Subdomains

9
IPs

4
Countries

120 kB
Transfer

242 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xml.explorads.com/click?i=ID0RX-IIbvc_0 HTTP 302
    http://sax.perfonspot.com/pops/dlink.php?pid=4018&format=POPUP HTTP 302
    http://cst.peakonsrv.com/?camp_id=3595&crea_id=5719&ptrack=JFC4018&params=cG9wUlRCfERFfDY2Mjg5fDExNjAxfDQwMTh8SkhDNDAxOF98NDAxOC5tZWRpYS1zZXJ2aW5nLmNvbXxJTlRFUlNUSVRJQUx8ZmVlZHxKRkM0MDE4fHJldnNoYXJlfDAuMDAwMDB8bGV2ZWwxMnx8c2luZ2xlfDB8MC4wMDAwMHwwLjAwMDAwfERFfDE1MTMzNjA0NDF8MWVjNmM4NTg4MzIyY2MzN2FlOGU3NGE4ZWY1NTBiODZ8fFIxNTEzMzYwNDQxMzE1OTc4NTc4MTUyMTM1MHwxNDguMjUxLjQ1LjI1NHwzNTk1fDU3MTl8Q1BJfHx8MjgzOXxvc3h8fEhFVFpORVJ8ZGVza3RvcHxXaWZpIChjYWJsZS9kc2wpfGNocm9tZXxSUyBEZXNrdG9wIFBsdXNDUEkgSW5jb2duaXRvU2VhcmNoZXMgV1d8MTh8MGY1NjhiMTFhNzRkNWM0ZmNlNmRhZTU0MDA2M2EwNWF8MTAwfDEwMHwxfDB8SkhDNDAxOF98fHJldnNoYXJlfC18fFVTRHwwfElQO1VBO0NvdW50cnk7fDExNjA4fDA%3D&ssg=172.31.41.212&version=1&par4=clntb64 HTTP 302
    http://tracking.pluscpi.mobi/click?pid=785&offer_id=3879&sub1=EI1545a340c39aa62868664485&sub2=JHC4018_ Page URL
  2. http://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036 HTTP 301
    https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • http://xml.explorads.com/click?i=ID0RX-IIbvc_0 HTTP 302
  • http://sax.perfonspot.com/pops/dlink.php?pid=4018&format=POPUP HTTP 302
  • http://cst.peakonsrv.com/?camp_id=3595&crea_id=5719&ptrack=JFC4018&params=cG9wUlRCfERFfDY2Mjg5fDExNjAxfDQwMTh8SkhDNDAxOF98NDAxOC5tZWRpYS1zZXJ2aW5nLmNvbXxJTlRFUlNUSVRJQUx8ZmVlZHxKRkM0MDE4fHJldnNoYXJlfDAuMDAwMDB8bGV2ZWwxMnx8c2luZ2xlfDB8MC4wMDAwMHwwLjAwMDAwfERFfDE1MTMzNjA0NDF8MWVjNmM4NTg4MzIyY2MzN2FlOGU3NGE4ZWY1NTBiODZ8fFIxNTEzMzYwNDQxMzE1OTc4NTc4MTUyMTM1MHwxNDguMjUxLjQ1LjI1NHwzNTk1fDU3MTl8Q1BJfHx8MjgzOXxvc3h8fEhFVFpORVJ8ZGVza3RvcHxXaWZpIChjYWJsZS9kc2wpfGNocm9tZXxSUyBEZXNrdG9wIFBsdXNDUEkgSW5jb2duaXRvU2VhcmNoZXMgV1d8MTh8MGY1NjhiMTFhNzRkNWM0ZmNlNmRhZTU0MDA2M2EwNWF8MTAwfDEwMHwxfDB8SkhDNDAxOF98fHJldnNoYXJlfC18fFVTRHwwfElQO1VBO0NvdW50cnk7fDExNjA4fDA%3D&ssg=172.31.41.212&version=1&par4=clntb64 HTTP 302
  • http://tracking.pluscpi.mobi/click?pid=785&offer_id=3879&sub1=EI1545a340c39aa62868664485&sub2=JHC4018_

26 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Cookie set click
tracking.pluscpi.mobi/
Redirect Chain
  • http://xml.explorads.com/click?i=ID0RX-IIbvc_0
  • http://sax.perfonspot.com/pops/dlink.php?pid=4018&format=POPUP
  • http://cst.peakonsrv.com/?camp_id=3595&crea_id=5719&ptrack=JFC4018&params=cG9wUlRCfERFfDY2Mjg5fDExNjAxfDQwMTh8SkhDNDAxOF98NDAxOC5tZWRpYS1zZXJ2aW5nLmNvbXxJTlRFUlNUSVRJQUx8ZmVlZHxKRkM0MDE4fHJldnNoYXJ...
  • http://tracking.pluscpi.mobi/click?pid=785&offer_id=3879&sub1=EI1545a340c39aa62868664485&sub2=JHC4018_
207 B
0 		Document
General
Check archive.org
Download Go to
Full URL
http://tracking.pluscpi.mobi/click?pid=785&offer_id=3879&sub1=EI1545a340c39aa62868664485&sub2=JHC4018_
Protocol
HTTP/1.1
Server
52.59.104.44 Frankfurt, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-59-104-44.eu-central-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Connection
keep-alive
Accept-Encoding
gzip, deflate
Host
tracking.pluscpi.mobi
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 15 Dec 2017 17:54:01 GMT
Content-Encoding
gzip
Server
nginx
Set-Cookie
afclick=5a340c399125fb0001d54036; Expires=Sat, 15 Dec 2018 17:54:01 GMT
Transfer-Encoding
chunked
Connection
keep-alive
Content-Type
text/html; charset=utf-8

Redirect headers

Location
http://tracking.pluscpi.mobi/click?pid=785&offer_id=3879&sub1=EI1545a340c39aa62868664485&sub2=JHC4018_
Set-Cookie
ctxfeed_media-serving=%7B%22ctxpop_uuid%22%3A%2215525747872889041513360441%22%7D; expires=Wed, 31-Dec-2098 23:00:00 GMT; Max-Age=2557544759 ep_2752323eda4a4040105abc98ba1fdac9=20171215%7C2839%7CEI1545a340c39aa62868664485%7C; expires=Sun, 14-Jan-2018 17:54:01 GMT; Max-Age=2592000; path=/; domain=.peak-serving.com eprt_0f568b11a74d5c4fce6dae540063a05a=20171215%7C2839%7CEI1545a340c39aa62868664485%7C; expires=Sun, 14-Jan-2018 17:54:01 GMT; Max-Age=2592000; path=/; domain=.peak-serving.com
Date
Fri, 15 Dec 2017 17:54:01 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Primary Request /
install.incognitosearches.com/
Redirect Chain
  • http://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
  • https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
4 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6812:3927 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx / ASP.NET
Resource Hash
638f4b33eaa345c1afa8c48212a3168e9fffb81a88bb9fba8a58e70c6cf44435

Request headers

:path
/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
pragma
no-cache
accept-encoding
gzip, deflate
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
cache-control
no-cache
:authority
install.incognitosearches.com
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Fri, 15 Dec 2017 17:54:02 GMT
content-encoding
gzip
x-aspnetmvc-version
5.2
server
cloudflare-nginx
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/html; charset=utf-8
status
200
cache-control
private
set-cookie
__cfduid=d2e9e9f45de31938da0011e553b2fd4eb1513360441; expires=Sat, 15-Dec-18 17:54:01 GMT; path=/; domain=.incognitosearches.com; HttpOnly __lpval=pid=52519&subid=785&clickid=5a340c399125fb0001d54036&pagename=page2.html; expires=Fri, 15-Dec-2017 17:59:00 GMT; path=/
cf-ray
3cdb44094c97235a-FRA

Redirect headers

Date
Fri, 15 Dec 2017 17:54:01 GMT
Server
cloudflare-nginx
Transfer-Encoding
chunked
Location
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Cache-Control
max-age=3600
Connection
keep-alive
CF-RAY
3cdb440916276469-FRA
Expires
Fri, 15 Dec 2017 18:54:01 GMT
style_2.css
i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/styles/ 		3 KB
931 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/styles/style_2.css?v=1.2
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash
11b8816202e0dfe21216dca43f866ae46320007b36afca128faf7c1ae39dc579

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
i3j3u3u9.ssl.hwcdn.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Connection
keep-alive
Cache-Control
no-cache
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 15 Dec 2017 17:54:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Dec 2017 22:11:59 GMT
ETag
1513289519
X-HW
1513360442.dop013.fr8.t,1513360442.cds034.fr8.shn,1513360442.dop013.fr8.t,1513360442.cds006.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
931
user-action-elements.css
i3j3u3u9.ssl.hwcdn.net/common/styles/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i3j3u3u9.ssl.hwcdn.net/common/styles/user-action-elements.css?v=3.7
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash
5fa9902cfc73ebe0c4043bd9e7baf7df32c27a82a083b7b321dbb849c525db4f

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
i3j3u3u9.ssl.hwcdn.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
text/css,*/*;q=0.1
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Connection
keep-alive
Cache-Control
no-cache
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 15 Dec 2017 17:54:02 GMT
Content-Encoding
gzip
Last-Modified
Wed, 22 Nov 2017 12:04:56 GMT
ETag
1511352296
X-HW
1513360442.dop013.fr8.t,1513360442.cds041.fr8.shn,1513360442.dop013.fr8.t,1513360442.cds036.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1093
css
fonts.googleapis.com/ 		10 KB
814 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,700,700i
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
23ad1d78a58aefd754ebfaa3e4e57a69f88148bc7ac42a36cde5e50da539b534
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=Ubuntu:300,400,400i,700,700i
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
:scheme
https
:method
GET
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Fri, 15 Dec 2017 17:54:02 GMT
content-encoding
gzip
last-modified
Fri, 15 Dec 2017 17:54:02 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Fri, 15 Dec 2017 17:54:02 GMT
css
fonts.googleapis.com/ 		1 KB
463 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
101c479f8693f33361b3152bc8309f036136f6518563f843507886987c503930
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/css?family=Nunito
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
text/css,*/*;q=0.1
cache-control
no-cache
:authority
fonts.googleapis.com
referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
:scheme
https
:method
GET
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Fri, 15 Dec 2017 17:54:02 GMT
content-encoding
gzip
last-modified
Fri, 15 Dec 2017 17:54:02 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
x-xss-protection
1; mode=block
expires
Fri, 15 Dec 2017 17:54:02 GMT
analytics.js
www.google-analytics.com/ 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

:path
/analytics.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
www.google-analytics.com
referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
:scheme
https
:method
GET
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 13 Nov 2017 20:19:12 GMT
server
Golfe2
age
7127
date
Fri, 15 Dec 2017 15:55:15 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14597
expires
Fri, 15 Dec 2017 17:55:15 GMT
jquery-1.11.3.min.js
code.jquery.com/ 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.139.237.113 Dallas, United States, ASN54104 (AS-STACKPATH - netDNA, US),
Reverse DNS
Software
NetDNA-cache/2.2 /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

:path
/jquery-1.11.3.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
code.jquery.com
referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
:scheme
https
:method
GET
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Fri, 15 Dec 2017 17:54:02 GMT
content-encoding
gzip
last-modified
Tue, 28 Apr 2015 16:20:58 GMT
server
NetDNA-cache/2.2
status
200
etag
W/"553fb36a-176d5"
vary
Accept-Encoding
x-cache
HIT
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=315360000 public
expires
Thu, 31 Dec 2037 23:55:55 GMT
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.3/ 		2 KB
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.3/js.cookie.min.js
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c366 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare-nginx /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

:path
/ajax/libs/js-cookie/2.1.3/js.cookie.min.js
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
cdnjs.cloudflare.com
referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
:scheme
https
:method
GET
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

date
Fri, 15 Dec 2017 17:54:02 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Fri, 02 Sep 2016 09:46:13 GMT
server
cloudflare-nginx
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
strict-transport-security
max-age=15780000; includeSubDomains
cf-ray
3cdb440b1c6c973e-FRA
expires
Wed, 05 Dec 2018 17:54:02 GMT
main.936E07116E1C36ED112A223DCA84B793.js
i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/scripts/minified/ 		37 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/scripts/minified/main.936E07116E1C36ED112A223DCA84B793.js?v=BD82A106B74962B853813F15E5F109F6
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash
9cbf12183f5fba59f2275ddda0e0a3c3d2f47203b150794e0ab1e7018b29cb67

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
i3j3u3u9.ssl.hwcdn.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Connection
keep-alive
Cache-Control
no-cache
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 15 Dec 2017 17:54:02 GMT
Content-Encoding
gzip
Last-Modified
Thu, 14 Dec 2017 23:04:50 GMT
ETag
1513292690
X-HW
1513360442.dop013.fr8.t,1513360442.cds047.fr8.shn,1513360442.dop013.fr8.t,1513360442.cds012.fr8.c
Content-Type
application/octet-stream
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11631
icon.png
i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/images/2/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/images/2/icon.png
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash
110fc14dfe76944a2ea221b0e7d99b7a98157e950534a74e1320535b80eb8fc5

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
i3j3u3u9.ssl.hwcdn.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Connection
keep-alive
Cache-Control
no-cache
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 15 Dec 2017 17:54:02 GMT
Last-Modified
Sun, 17 Sep 2017 15:34:58 GMT
ETag
1505662498
X-HW
1513360442.dop013.fr8.t,1513360442.cds047.fr8.shn,1513360442.dop013.fr8.t,1513360442.cds001.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
12914
collect
www.google-analytics.com/r/ 		35 B
53 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1077238364&t=pageview&_s=1&dl=https%3A%2F%2Finstall.incognitosearches.com%2F%3Fpid%3D52519%26subid%3D785%26clickid%3D5a340c399125fb0001d54036&ul=en-us&de=UTF-8&dt=IncognitoSearches&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABE~&jid=151120555&gjid=878216009&cid=2055964338.1513360442&tid=UA-67048757-27&_gid=1773968889.1513360442&_r=1&z=528509696
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/r/collect?v=1&_v=j66&a=1077238364&t=pageview&_s=1&dl=https%3A%2F%2Finstall.incognitosearches.com%2F%3Fpid%3D52519%26subid%3D785%26clickid%3D5a340c399125fb0001d54036&ul=en-us&de=UTF-8&dt=IncognitoSearches&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABE~&jid=151120555&gjid=878216009&cid=2055964338.1513360442&tid=UA-67048757-27&_gid=1773968889.1513360442&_r=1&z=528509696
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google-analytics.com
referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
:scheme
https
:method
GET
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 15 Dec 2017 17:54:02 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35
expires
Fri, 01 Jan 1990 00:00:00 GMT
4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v11/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v11/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
3696787b5628c80ea9ae73a18a2de9414b9cd5b8106de5edc9acc377c722ca61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/ubuntu/v11/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
pragma
no-cache
origin
https://install.incognitosearches.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,700,700i
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,700,700i
Origin
https://install.incognitosearches.com

Response headers

date
Mon, 11 Dec 2017 14:19:00 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:22:13 GMT
server
sffe
age
358502
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
14036
x-xss-protection
1; mode=block
expires
Tue, 11 Dec 2018 14:19:00 GMT
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v11/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v11/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a8d0fedb1ea3bf3105179cbc2f16c83a387c7293ec70b17132148cf2fe5035ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:path
/s/ubuntu/v11/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
pragma
no-cache
origin
https://install.incognitosearches.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,700,700i
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,700,700i
Origin
https://install.incognitosearches.com

Response headers

date
Mon, 11 Dec 2017 09:13:13 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:22:06 GMT
server
sffe
age
376849
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
13508
x-xss-protection
1; mode=block
expires
Tue, 11 Dec 2018 09:13:13 GMT
buttons.png
i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/images/2/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/images/2/buttons.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash
fbf392ffb33e23b5a47af49eda81b3934e1c0480bba32583b9bb57aa8a2453f2

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
i3j3u3u9.ssl.hwcdn.net
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
https://i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/styles/style_2.css?v=1.2
Connection
keep-alive
Cache-Control
no-cache
Referer
https://i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/styles/style_2.css?v=1.2
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

Date
Fri, 15 Dec 2017 17:54:02 GMT
Last-Modified
Sun, 17 Sep 2017 15:34:57 GMT
ETag
1505662497
X-HW
1513360442.dop013.fr8.t,1513360442.cds047.fr8.shn,1513360442.dop013.fr8.t,1513360442.cds012.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11519
700
fonts.gstatic.com/stats/Ubuntu/normal/ 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/stats/Ubuntu/normal/700
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:817::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:path
/stats/Ubuntu/normal/700
pragma
no-cache
origin
https://install.incognitosearches.com
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
*/*
cache-control
no-cache
:authority
fonts.gstatic.com
referer
https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,700,700i
:scheme
https
:method
GET
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,700,700i
Origin
https://install.incognitosearches.com

Response headers

pragma
no-cache
date
Fri, 15 Dec 2017 17:54:02 GMT
server
ESF
status
204
x-frame-options
SAMEORIGIN
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
0
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel.aspx
pixel.sendmepixel.com/ 		277 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.sendmepixel.com/pixel.aspx?name=incognitosearches&entity=26&barcode=525190000000785&userid=b11ddd67-cbd2-455a-b75a-605b4fc3283a&installdate=15-12-2017&type=pageload&data1=IncognitoSearches%20B&data2=Chrome&data3=5a340c399125fb0001d54036&data4=1600x1200&data5=1600x1200&data6=0&data7=8&data8=1&data9=en-US&data10=d39dd2a9-e962-4164-91eb-605b4fc325b9&data11=Chrome&data12=61&data13=Mac%20OS%20X&data14=10_12_6&data16=0&data17=&co=DE
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/scripts/minified/main.936E07116E1C36ED112A223DCA84B793.js?v=BD82A106B74962B853813F15E5F109F6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.94.252.251 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
caa4f1b40630a36d4bbbea18bdfd20256691faaf8a45bb1531608fa46a81b8b5

Request headers

Pragma
no-cache
Origin
https://install.incognitosearches.com
Accept-Encoding
gzip, deflate
Host
pixel.sendmepixel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Origin
https://install.incognitosearches.com

Response headers

Date
Fri, 15 Dec 2017 17:54:02 GMT
Last-Modified
Fri, 15 Dec 2017 17:54:02 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Length
277
pixel.aspx
pixel.sendmepixel.com/ 		277 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.sendmepixel.com/pixel.aspx?name=incognitosearches&entity=26&barcode=525190000000785&userid=b11ddd67-cbd2-455a-b75a-605b4fc3283a&installdate=15-12-2017&type=invalidpage&data1=IncognitoSearches%20B&data3=5a340c399125fb0001d54036&date4=fullscreen&data10=d39dd2a9-e962-4164-91eb-605b4fc325b9&co=DE
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/scripts/minified/main.936E07116E1C36ED112A223DCA84B793.js?v=BD82A106B74962B853813F15E5F109F6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.94.252.251 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
caa4f1b40630a36d4bbbea18bdfd20256691faaf8a45bb1531608fa46a81b8b5

Request headers

Pragma
no-cache
Origin
https://install.incognitosearches.com
Accept-Encoding
gzip, deflate
Host
pixel.sendmepixel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Origin
https://install.incognitosearches.com

Response headers

Date
Fri, 15 Dec 2017 17:54:01 GMT
Last-Modified
Fri, 15 Dec 2017 17:54:02 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Length
277
pixel.aspx
pixel.sendmepixel.com/ 		277 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.sendmepixel.com/pixel.aspx?name=incognitosearches&entity=26&barcode=525190000000785&userid=b11ddd67-cbd2-455a-b75a-605b4fc3283a&installdate=15-12-2017&type=failreason&data1=IncognitoSearches%20B&data2=fullscreen&data3=5a340c399125fb0001d54036&data10=d39dd2a9-e962-4164-91eb-605b4fc325b9&data16=0&co=DE
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/scripts/minified/main.936E07116E1C36ED112A223DCA84B793.js?v=BD82A106B74962B853813F15E5F109F6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.94.252.251 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
caa4f1b40630a36d4bbbea18bdfd20256691faaf8a45bb1531608fa46a81b8b5

Request headers

Pragma
no-cache
Origin
https://install.incognitosearches.com
Accept-Encoding
gzip, deflate
Host
pixel.sendmepixel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Origin
https://install.incognitosearches.com

Response headers

Date
Fri, 15 Dec 2017 17:54:02 GMT
Last-Modified
Fri, 15 Dec 2017 17:54:03 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Length
277
pixel.aspx
pixel.sendmepixel.com/ 		277 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.sendmepixel.com/pixel.aspx?name=incognitosearches&entity=26&barcode=525190000000785&userid=b11ddd67-cbd2-455a-b75a-605b4fc3283a&installdate=15-12-2017&type=failreason&data1=IncognitoSearches%20B&data2=unsupported_browser&data3=5a340c399125fb0001d54036&data10=d39dd2a9-e962-4164-91eb-605b4fc325b9&data16=0&co=DE
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/scripts/minified/main.936E07116E1C36ED112A223DCA84B793.js?v=BD82A106B74962B853813F15E5F109F6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.94.252.251 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
caa4f1b40630a36d4bbbea18bdfd20256691faaf8a45bb1531608fa46a81b8b5

Request headers

Pragma
no-cache
Origin
https://install.incognitosearches.com
Accept-Encoding
gzip, deflate
Host
pixel.sendmepixel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Origin
https://install.incognitosearches.com

Response headers

Date
Fri, 15 Dec 2017 17:54:02 GMT
Last-Modified
Fri, 15 Dec 2017 17:54:03 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Length
277
pixel.aspx
pixel.sendmepixel.com/ 		277 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.sendmepixel.com/pixel.aspx?name=incognitosearches&entity=26&barcode=525190000000785&userid=b11ddd67-cbd2-455a-b75a-605b4fc3283a&installdate=15-12-2017&type=invalidpage&data1=IncognitoSearches%20B&data3=5a340c399125fb0001d54036&date4=testfailed&data10=d39dd2a9-e962-4164-91eb-605b4fc325b9&data16=0&co=DE
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/scripts/minified/main.936E07116E1C36ED112A223DCA84B793.js?v=BD82A106B74962B853813F15E5F109F6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.94.252.251 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
caa4f1b40630a36d4bbbea18bdfd20256691faaf8a45bb1531608fa46a81b8b5

Request headers

Pragma
no-cache
Origin
https://install.incognitosearches.com
Accept-Encoding
gzip, deflate
Host
pixel.sendmepixel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Origin
https://install.incognitosearches.com

Response headers

Date
Fri, 15 Dec 2017 17:54:02 GMT
Last-Modified
Fri, 15 Dec 2017 17:54:02 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Length
277
collect
www.google-analytics.com/ 		35 B
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j66&a=1077238364&t=event&_s=2&dl=https%3A%2F%2Finstall.incognitosearches.com%2F%3Fpid%3D52519%26subid%3D785%26clickid%3D5a340c399125fb0001d54036&ul=en-us&de=UTF-8&dt=IncognitoSearches&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=52519&ea=IncognitoSearches%20B&el=load&_u=KEBAAEABE~&jid=&gjid=&cid=2055964338.1513360442&tid=UA-67048757-27&_gid=1773968889.1513360442&z=336752018
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/collect?v=1&_v=j66&a=1077238364&t=event&_s=2&dl=https%3A%2F%2Finstall.incognitosearches.com%2F%3Fpid%3D52519%26subid%3D785%26clickid%3D5a340c399125fb0001d54036&ul=en-us&de=UTF-8&dt=IncognitoSearches&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=52519&ea=IncognitoSearches%20B&el=load&_u=KEBAAEABE~&jid=&gjid=&cid=2055964338.1513360442&tid=UA-67048757-27&_gid=1773968889.1513360442&z=336752018
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google-analytics.com
referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
:scheme
https
:method
GET
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2017 15:45:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
439694
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j66&a=1077238364&t=event&_s=3&dl=https%3A%2F%2Finstall.incognitosearches.com%2F%3Fpid%3D52519%26subid%3D785%26clickid%3D5a340c399125fb0001d54036&ul=en-us&de=UTF-8&dt=IncognitoSearches&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=52519&ea=IncognitoSearches%20B&el=invalidpage&_u=KEBAAEABE~&jid=&gjid=&cid=2055964338.1513360442&tid=UA-67048757-27&_gid=1773968889.1513360442&z=1754122927
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/collect?v=1&_v=j66&a=1077238364&t=event&_s=3&dl=https%3A%2F%2Finstall.incognitosearches.com%2F%3Fpid%3D52519%26subid%3D785%26clickid%3D5a340c399125fb0001d54036&ul=en-us&de=UTF-8&dt=IncognitoSearches&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=52519&ea=IncognitoSearches%20B&el=invalidpage&_u=KEBAAEABE~&jid=&gjid=&cid=2055964338.1513360442&tid=UA-67048757-27&_gid=1773968889.1513360442&z=1754122927
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google-analytics.com
referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
:scheme
https
:method
GET
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2017 15:45:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
439694
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j66&a=1077238364&t=event&_s=4&dl=https%3A%2F%2Finstall.incognitosearches.com%2F%3Fpid%3D52519%26subid%3D785%26clickid%3D5a340c399125fb0001d54036&ul=en-us&de=UTF-8&dt=IncognitoSearches&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=52519&ea=IncognitoSearches%20B&el=unsupported_browser%20&_u=KEBAAEABE~&jid=&gjid=&cid=2055964338.1513360442&tid=UA-67048757-27&_gid=1773968889.1513360442&z=1995373399
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/collect?v=1&_v=j66&a=1077238364&t=event&_s=4&dl=https%3A%2F%2Finstall.incognitosearches.com%2F%3Fpid%3D52519%26subid%3D785%26clickid%3D5a340c399125fb0001d54036&ul=en-us&de=UTF-8&dt=IncognitoSearches&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=52519&ea=IncognitoSearches%20B&el=unsupported_browser%20&_u=KEBAAEABE~&jid=&gjid=&cid=2055964338.1513360442&tid=UA-67048757-27&_gid=1773968889.1513360442&z=1995373399
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google-analytics.com
referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
:scheme
https
:method
GET
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2017 15:45:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
439694
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j66&a=1077238364&t=event&_s=5&dl=https%3A%2F%2Finstall.incognitosearches.com%2F%3Fpid%3D52519%26subid%3D785%26clickid%3D5a340c399125fb0001d54036&ul=en-us&de=UTF-8&dt=IncognitoSearches&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=52519&ea=IncognitoSearches%20B&el=invalidpage&_u=KEBAAEABE~&jid=&gjid=&cid=2055964338.1513360442&tid=UA-67048757-27&_gid=1773968889.1513360442&z=1153913639
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a00:1450:4001:817::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

:path
/collect?v=1&_v=j66&a=1077238364&t=event&_s=5&dl=https%3A%2F%2Finstall.incognitosearches.com%2F%3Fpid%3D52519%26subid%3D785%26clickid%3D5a340c399125fb0001d54036&ul=en-us&de=UTF-8&dt=IncognitoSearches&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=52519&ea=IncognitoSearches%20B&el=invalidpage&_u=KEBAAEABE~&jid=&gjid=&cid=2055964338.1513360442&tid=UA-67048757-27&_gid=1773968889.1513360442&z=1153913639
pragma
no-cache
accept-encoding
gzip, deflate
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
accept
image/webp,image/apng,image/*,*/*;q=0.8
cache-control
no-cache
:authority
www.google-analytics.com
referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
:scheme
https
:method
GET
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 10 Dec 2017 15:45:48 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
439694
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
hq=":443"; ma=2592000; quic=51303431; quic=51303339; quic=51303338; quic=51303337; quic=51303335,quic=":443"; ma=2592000; v="41,39,38,37,35"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
pixel.aspx
pixel.sendmepixel.com/ 		277 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pixel.sendmepixel.com/pixel.aspx?name=incognitosearches&entity=26&barcode=525190000000785&userid=b11ddd67-cbd2-455a-b75a-605b4fc3283a&installdate=15-12-2017&type=gb_detected&data1=Suspicious&data2=2&data3=5a340c399125fb0001d54036&data4=50&data5=1.9150000000000205&data10=d39dd2a9-e962-4164-91eb-605b4fc325b9&data16=0&co=DE
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/scripts/minified/main.936E07116E1C36ED112A223DCA84B793.js?v=BD82A106B74962B853813F15E5F109F6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.94.252.251 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
caa4f1b40630a36d4bbbea18bdfd20256691faaf8a45bb1531608fa46a81b8b5

Request headers

Pragma
no-cache
Origin
https://install.incognitosearches.com
Accept-Encoding
gzip, deflate
Host
pixel.sendmepixel.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Accept
*/*
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Connection
keep-alive
Cache-Control
no-cache
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/61.0.3163.100 Safari/537.36
Referer
https://install.incognitosearches.com/?pid=52519&subid=785&clickid=5a340c399125fb0001d54036
Origin
https://install.incognitosearches.com

Response headers

Date
Fri, 15 Dec 2017 17:54:02 GMT
Last-Modified
Fri, 15 Dec 2017 17:54:02 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Length
277

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onafterprint object| onbeforeprint string| creativenumber string| extensionid string| co string| ip string| currentBrowser string| pgSegment function| ga object| gaplugins function| $ function| jQuery function| Cookies string| GoogleAnalyticsObject object| gaGlobal object| gaData function| g function| p function| q function| r function| t function| u function| C function| D function| E function| Q function| R function| F function| G function| H function| I function| J function| K function| L function| M function| N function| O function| P function| T function| S object| conf object| localization_text object| mapping function| d object| e number| n string| y object| Base string| testValue function| v object| w number| x string| z function| A function| B function| GB

6 Cookies

Domain/Path Name / Value
.incognitosearches.com/ Name: uid
Value: b11ddd67-cbd2-455a-b75a-605b4fc3283a
.incognitosearches.com/ Name: _gid
Value: GA1.2.1773968889.1513360442
.incognitosearches.com/ Name: _ga
Value: GA1.2.2055964338.1513360442
install.incognitosearches.com/ Name: __lpval
Value: pid=52519&subid=785&clickid=5a340c399125fb0001d54036&pagename=page2.html
.incognitosearches.com/ Name: _gat
Value: 1
.incognitosearches.com/ Name: __cfduid
Value: d2e9e9f45de31938da0011e553b2fd4eb1513360441

1 Console Messages

Source Level URL
Text
console-api log URL: https://i3j3u3u9.ssl.hwcdn.net/IncognitoSearches/resources/scripts/minified/main.936E07116E1C36ED112A223DCA84B793.js?v=BD82A106B74962B853813F15E5F109F6(Line 1)
Message:
new 1.7

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
code.jquery.com
cst.peakonsrv.com
fonts.googleapis.com
fonts.gstatic.com
i3j3u3u9.ssl.hwcdn.net
install.incognitosearches.com
pixel.sendmepixel.com
sax.perfonspot.com
tracking.pluscpi.mobi
www.google-analytics.com
xml.explorads.com
13.94.252.251
151.139.237.113
198.134.116.30
205.185.208.154
2400:cb00:2048:1::6812:3827
2400:cb00:2048:1::6812:3927
2400:cb00:2048:1::6813:c366
2a00:1450:4001:817::2003
2a00:1450:4001:817::200a
2a00:1450:4001:817::200e
34.203.184.13
34.203.7.24
52.59.104.44
101c479f8693f33361b3152bc8309f036136f6518563f843507886987c503930
110fc14dfe76944a2ea221b0e7d99b7a98157e950534a74e1320535b80eb8fc5
11b8816202e0dfe21216dca43f866ae46320007b36afca128faf7c1ae39dc579
23ad1d78a58aefd754ebfaa3e4e57a69f88148bc7ac42a36cde5e50da539b534
3696787b5628c80ea9ae73a18a2de9414b9cd5b8106de5edc9acc377c722ca61
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
5fa9902cfc73ebe0c4043bd9e7baf7df32c27a82a083b7b321dbb849c525db4f
638f4b33eaa345c1afa8c48212a3168e9fffb81a88bb9fba8a58e70c6cf44435
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9cbf12183f5fba59f2275ddda0e0a3c3d2f47203b150794e0ab1e7018b29cb67
a8d0fedb1ea3bf3105179cbc2f16c83a387c7293ec70b17132148cf2fe5035ab
caa4f1b40630a36d4bbbea18bdfd20256691faaf8a45bb1531608fa46a81b8b5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8
f8ef655ef916e39713ede9c6db56d7ca5618bd82cf5ac991dcd013f05e0fdfc7
fbf392ffb33e23b5a47af49eda81b3934e1c0480bba32583b9bb57aa8a2453f2