leakedfiles.org
104.18.51.178
Public Scan
Submission: On March 01 via manual from ES
Summary
This is the only time leakedfiles.org was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Count | IP Address | AS Autonomous System |
---|---|---|
1 | 104.18.50.178 | 13335 (CLOUDFLARENET - Cloudflare) |
1 4 | 104.18.51.178 | 13335 (CLOUDFLARENET - Cloudflare) |
1 | 104.19.194.102 | 13335 (CLOUDFLARENET - Cloudflare) |
1 2 | 216.58.214.46 | 15169 (GOOGLE - Google LLC) |
1 1 | 74.125.133.155 | 15169 (GOOGLE - Google LLC) |
1 1 | 216.58.206.4 | 15169 (GOOGLE - Google LLC) |
1 | 216.58.214.35 | 15169 (GOOGLE - Google LLC) |
7 | 5 | |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
leakedfiles.org |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
leakedfiles.org |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
ajax.cloudflare.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s09-in-f14.1e100.net
www.google-analytics.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: wo-in-f155.1e100.net
stats.g.doubleclick.net |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f4.1e100.net
www.google.com |
ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s09-in-f35.1e100.net
www.google.de |
Count | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | leakedfiles.org (1 redirects) | leakedfiles.org | 21 KB |
2 | google-analytics.com (1 redirects) | www.google-analytics.com | 15 KB |
1 | google.de | www.google.de | 453 B |
1 | google.com (1 redirects) | www.google.com | 535 B |
1 | doubleclick.net (1 redirects) | stats.g.doubleclick.net | 427 B |
1 | cloudflare.com | ajax.cloudflare.com | 32 KB |
7 | 6 | | |
Count | Domain | Requested by |
---|---|---|
5 | leakedfiles.org (1 redirects) | leakedfiles.org |
2 | www.google-analytics.com (1 redirects) | leakedfiles.org |
1 | www.google.de | leakedfiles.org |
1 | www.google.com (1 redirects) | |
1 | stats.g.doubleclick.net (1 redirects) | |
1 | ajax.cloudflare.com | leakedfiles.org |
7 | 6 | |
This site contains no links.
Subject Issuer | Validity | Valid |
---|
This page contains 1 frames:
Primary Page:
http://leakedfiles.org/Archive/Malware/Botnet%20Files/QboT%20Sources/%5b%252A%20Scanners%20%252A%5d/Python/Love%20ares%20bot%20scanners
Frame ID: (ABFEE233A70871567062EC58AC27B6E7)
Requests: 7 HTTP requests in this frame
Detected technologies
CloudFlare (CDN)
Detected patterns
- headers server /cloudflare/i
Google Analytics (Analytics)
Detected patterns
- script /google-analytics\.com\/(?:ga|urchin|(analytics))\.js/i
- env /^gaGlobal$/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://leakedfiles.org/Archive/Malware/Botnet%20Files/QboT%20Sources/%5b%252A%20Scanners%20%252A%5d/Python/Love%20ares%20bot%20scanners Page URL
- http://leakedfiles.org/cdn-cgi/l/chk_jschl?jschl_vc=85ca89c89a3b305b9245be834b6f8437&pass=1519910665.631-5C7SfphrDB&jschl_answer=540628 HTTP 302
  - http://leakedfiles.org/Archive/Malware/Botnet%20Files/QboT%20Sources/%5b%252A%20Scanners%20%252A%5d/Python/Love%20ares%20bot%20scanners Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 3
- http://www.google-analytics.com/analytics.js HTTP 307
- https://www.google-analytics.com/analytics.js
- http://www.google-analytics.com/r/collect?v=1&_v=j66&a=1321712710&t=pageview&_s=1&dl=http%3A%2F%2Fleakedfiles.org%2FArchive%2FMalware%2FBotnet%2520Files%2FQboT%2520Sources%2F%255b%25252A%2520Scanners%2520%25252A%255d%2FPython%2FLove%2520ares%2520bot%2520scanners&ul=en-us&de=windows-1252&dt=404%20Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1053961340&gjid=212530895&cid=1162017130.1519910666&tid=UA-97401965-1&_gid=850239394.1519910666&_r=1&z=1072036975 HTTP 307
- https://www.google-analytics.com/r/collect?v=1&_v=j66&a=1321712710&t=pageview&_s=1&dl=http%3A%2F%2Fleakedfiles.org%2FArchive%2FMalware%2FBotnet%2520Files%2FQboT%2520Sources%2F%255b%25252A%2520Scanners%2520%25252A%255d%2FPython%2FLove%2520ares%2520bot%2520scanners&ul=en-us&de=windows-1252&dt=404%20Not%20Found&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEAB~&jid=1053961340&gjid=212530895&cid=1162017130.1519910666&tid=UA-97401965-1&_gid=850239394.1519910666&_r=1&z=1072036975 HTTP 302
- https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-97401965-1&cid=1162017130.1519910666&jid=1053961340&_gid=850239394.1519910666&gjid=212530895&_v=j66&z=1072036975 HTTP 302
- https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-97401965-1&cid=1162017130.1519910666&jid=1053961340&_v=j66&z=1072036975 HTTP 302
- https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-97401965-1&cid=1162017130.1519910666&jid=1053961340&_v=j66&z=1072036975&slf_rd=1&random=2759855432
7 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|
GET H/1.1 | Love%20ares%20bot%20scanners (Cookie set) | leakedfiles.org/Archive/Malware/Botnet%20Files/QboT%20Sources/%5b%252A%20Scanners%20%252A%5d/Python/ | 4 KB | 5 KB | Document | text/html |
GET H/1.1 | Love%20ares%20bot%20scanners (Primary Request, Redirect Chain) | leakedfiles.org/Archive/Malware/Botnet%20Files/QboT%20Sources/%5b%252A%20Scanners%20%252A%5d/Python/ | 738 B | 816 B | Document | text/html |
GET H/1.1 | ukoROejdmWrEvP9aSgeKz3kiREk.js | leakedfiles.org/cdn-cgi/apps/head/ | 6 KB | 3 KB | Script | application/javascript |
GET S | rocket.min.js | ajax.cloudflare.com/cdn-cgi/scripts/935cb224/cloudflare-static/ | 102 KB | 32 KB | Script | application/javascript |
GET S | analytics.js (Redirect Chain) | www.google-analytics.com/ | 35 KB | 14 KB | Script | text/javascript |
GET H/1.1 | TgLrkQ0kvdCb8hwjK3VFs5XW348.js | leakedfiles.org/cdn-cgi/apps/body/ | 28 KB | 11 KB | Script | application/javascript |
GET S | ga-audiences (Redirect Chain) | www.google.de/ads/ | 42 B | 453 B | Image | image/gif |
9 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| Eager
- object| CloudflareApps
- string| GoogleAnalyticsObject
- function| ga
- object| __cfRocketOptions
- object| gaplugins
- object| gaGlobal
- object| gaData
- object| __cfRl
5 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name | Value |
---|---|---|---|
.leakedfiles.org/ | | _gat | 1 |
.leakedfiles.org/ | | _gid | GA1.2.850239394.1519910666 |
.leakedfiles.org/ | | _ga | GA1.2.1162017130.1519910666 |
.leakedfiles.org/ | | cf_clearance | ba84cf2e47a3c848209d9843caa17a55c92b287f-1519910665-300 |
.leakedfiles.org/ | | __cfduid | d8d62e0cdad5e6a75d0eb12022e8642c51519910665 |
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.