urlscan.io logo urlscan.io
SecurityTrails logo

install.incognitosearches.com Open in urlscan Pro
13.80.30.142  Public Scan

Go To Rescan Add Verdict Report
URL: https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=143...
Submission: On September 07 via manual from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 18 HTTP transactions. The main IP is 13.80.30.142, located in Amsterdam, Netherlands and belongs to MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US. The main domain is install.incognitosearches.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on July 8th 2018. Valid for: 3 months.
This is the only time install.incognitosearches.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 13.80.30.142 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
5 205.185.208.154 20446 (HIGHWINDS3)
1 205.185.208.52 20446 (HIGHWINDS3)
1 2400:cb00:204... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
6 13.94.252.251 8075 (MICROSOFT...)
18 7
1    13.80.30.142 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
install.incognitosearches.com
2    2a00:1450:4001:818::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
5    205.185.208.154 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip154.ssl.hwcdn.net
i3j3u3u9.ssl.hwcdn.net
1    205.185.208.52 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip052.ssl.hwcdn.net
code.jquery.com
1    2400:cb00:2048:1::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdnjs.cloudflare.com
2    2a00:1450:4001:820::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
6    13.94.252.251 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)
px.keepmypixel.com
Domain Requested by
6 px.keepmypixel.com i3j3u3u9.ssl.hwcdn.net
5 i3j3u3u9.ssl.hwcdn.net install.incognitosearches.com
code.jquery.com
2 fonts.gstatic.com code.jquery.com
2 fonts.googleapis.com install.incognitosearches.com
1 cdnjs.cloudflare.com install.incognitosearches.com
1 code.jquery.com install.incognitosearches.com
1 install.incognitosearches.com
18 7

This site contains links to these domains. Also see Links.

Domain
incognitosearches.com
Subject Issuer Validity Valid
*.incognitosearches.com
Let's Encrypt Authority X3		 2018-07-08 -
2018-10-06		 3 months crt.sh
*.googleapis.com
Google Internet Authority G3		 2018-08-21 -
2018-11-13		 3 months crt.sh
*.ssl.hwcdn.net
COMODO RSA Domain Validation Secure Server CA		 2017-12-19 -
2019-01-20		 a year crt.sh
code.jquery.com
Let's Encrypt Authority X3		 2018-08-29 -
2018-11-27		 3 months crt.sh
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2		 2018-04-14 -
2018-10-21		 6 months crt.sh
*.google.com
Google Internet Authority G3		 2018-08-21 -
2018-11-13		 3 months crt.sh
*.keepmypixel.com
Let's Encrypt Authority X3		 2018-07-26 -
2018-10-24		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Frame ID: CEB56E92B1D5A163AD05B0DF32B2DAC4
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Overall confidence: 100%
Detected patterns
  • script /jquery(?:\-|\.)([\d.]*\d)[^\/]*\.js/i
  • script /jquery.*\.js/i
  • env /^jQuery$/i

Page Statistics

18
Requests

100 %
HTTPS

43 %
IPv6

7
Domains

7
Subdomains

7
IPs

3
Countries

113 kB
Transfer

208 kB
Size

2
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
install.incognitosearches.com/ 		4 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.80.30.142 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
702fc71c87d2cb27f09401d5a5a05c8dae5c775e719dc8c83b684fe91cea9750
Security Headers
Name Value
Content-Security-Policy default-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com maps.googleapis.com; img-src * data:; connect-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com *.fontawesome.com; script-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com *.google-analytics.com maps.googleapis.com code.jquery.com cdnjs.cloudflare.com script.crazyegg.com *.fontawesome.com 'unsafe-inline'; style-src i3j3u3u9.ssl.hwcdn.net fonts.gstatic.com fonts.googleapis.com code.jquery.com *.fontawesome.com 'unsafe-inline'; font-src fonts.gstatic.com fonts.googleapis.com i3j3u3u9.ssl.hwcdn.net *.fontawesome.com

Request headers

Host
install.incognitosearches.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
CEB56E92B1D5A163AD05B0DF32B2DAC4

Response headers

Cache-Control
private
Content-Type
text/html; charset=utf-8
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/8.5
Request-Context
appId=cid-v1:c0cefd76-e557-4b17-af62-0702bbb01277
Access-Control-Expose-Headers
Request-Context
X-AspNetMvc-Version
5.2
Content-Security-Policy
default-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com maps.googleapis.com; img-src * data:; connect-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com *.fontawesome.com; script-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com *.google-analytics.com maps.googleapis.com code.jquery.com cdnjs.cloudflare.com script.crazyegg.com *.fontawesome.com 'unsafe-inline'; style-src i3j3u3u9.ssl.hwcdn.net fonts.gstatic.com fonts.googleapis.com code.jquery.com *.fontawesome.com 'unsafe-inline'; font-src fonts.gstatic.com fonts.googleapis.com i3j3u3u9.ssl.hwcdn.net *.fontawesome.com
X-AspNet-Version
4.0.30319
Set-Cookie
uid=dda1e403-4977-40b9-ade9-1ff9a18408eb; domain=.incognitosearches.com; expires=Tue, 07-Sep-2038 16:14:16 GMT; path=/ __lpval=pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&pagename=B; expires=Fri, 07-Sep-2018 16:19:16 GMT; path=/
X-Powered-By
ASP.NET
Date
Fri, 07 Sep 2018 16:14:16 GMT
Content-Length
2061
css
fonts.googleapis.com/ 		10 KB
880 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,700,700i
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
856f9ba0283aa3929c045f0252752df4892fd6f17104185133c8e65046542d61
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Fri, 07 Sep 2018 16:14:17 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 07 Sep 2018 16:14:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Fri, 07 Sep 2018 16:14:17 GMT
css
fonts.googleapis.com/ 		1 KB
530 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
c9f755413c6709e8078e13aa655b230d7f55b068dc3e379080d99faa650e9957
Security Headers
Name Value
Strict-Transport-Security max-age=86400
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-encoding
gzip
last-modified
Fri, 07 Sep 2018 16:14:17 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Fri, 07 Sep 2018 16:14:17 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Fri, 07 Sep 2018 16:14:17 GMT
user-action-elements.css
i3j3u3u9.ssl.hwcdn.net/common/styles/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i3j3u3u9.ssl.hwcdn.net/common/styles/user-action-elements.css?v=4.52
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash
44636ed3dd47d3328c62811765772efee1312d37ea96f4ffaeb502e7c8055bcf

Request headers

Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 16:14:17 GMT
Content-Encoding
gzip
Last-Modified
Mon, 27 Aug 2018 13:09:12 GMT
ETag
"1535375352"
X-HW
1536336857.dop014.fr8.t,1536336857.cds014.fr8.shn,1536336857.dop014.fr8.t,1536336857.cds023.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
1486
style.css
i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/styles/b/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/styles/b/style.css?v=4.61
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash
1b508c36134cd0cdb54ae979692fec58f4f8b083f0506727a47483e3cdf6b82b

Request headers

Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 16:14:17 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Sep 2018 11:39:24 GMT
ETag
"1536233964"
X-HW
1536336857.dop014.fr8.t,1536336857.cds052.fr8.shn,1536336857.dop014.fr8.t,1536336857.cds026.fr8.c
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
884
jquery-1.11.3.min.js
code.jquery.com/ 		94 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.jquery.com/jquery-1.11.3.min.js
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.52 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip052.ssl.hwcdn.net
Software
nginx /
Resource Hash
ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Request headers

Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 16:14:17 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Apr 2015 16:20:58 GMT
Server
nginx
ETag
W/"553fb36a-176d5"
Vary
Accept-Encoding
X-HW
1536336857.dop014.fr8.shc,1536336857.dop014.fr8.t,1536336857.cds028.fr8.c
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
max-age=315360000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
38889
js.cookie.min.js
cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.3/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/js-cookie/2.1.3/js.cookie.min.js
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2400:cb00:2048:1::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
4b6d244a569a8befc0b901e3dca8e82f19b188e2d3e76f7c62fce96935ed6311
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Fri, 07 Sep 2018 16:14:17 GMT
content-encoding
gzip
vary
Accept-Encoding
cf-cache-status
HIT
status
200
served-in-seconds
0.000
last-modified
Thu, 17 May 2018 09:21:01 GMT
server
cloudflare
etag
W/"5afd497d-6d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
456a77ac7e2a6481-FRA
expires
Wed, 28 Aug 2019 16:14:17 GMT
main.92EB5FFEE6AE2FEC3AD71C777531578F.js
i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/scripts/minified/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/scripts/minified/main.92EB5FFEE6AE2FEC3AD71C777531578F.js?v=1536234512
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash
fe5b44b470ba6a02c708bd19b0f45dc430ab80e7210ee1ab71364650b46d1020

Request headers

Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 16:14:17 GMT
Content-Encoding
gzip
Last-Modified
Thu, 06 Sep 2018 11:50:42 GMT
ETag
"1536234642"
X-HW
1536336857.dop014.fr8.t,1536336857.cds034.fr8.shn,1536336857.dop014.fr8.t,1536336857.cds009.fr8.c
Content-Type
application/unknown
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
10592
logo.png
i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/images/b/ 		13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/images/b/logo.png
Requested by
Host: install.incognitosearches.com
URL: https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash
110fc14dfe76944a2ea221b0e7d99b7a98157e950534a74e1320535b80eb8fc5

Request headers

Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 16:14:17 GMT
Last-Modified
Wed, 15 Aug 2018 08:24:54 GMT
ETag
"1534321494"
X-HW
1536336857.dop014.fr8.t,1536336857.cds034.fr8.shn,1536336857.dop014.fr8.t,1536336857.cds046.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
12914
download-Chrome.png
i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/images/b/ 		11 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/images/b/download-Chrome.png
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.185.208.154 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
vip154.ssl.hwcdn.net
Software
/
Resource Hash
fbf392ffb33e23b5a47af49eda81b3934e1c0480bba32583b9bb57aa8a2453f2

Request headers

Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date
Fri, 07 Sep 2018 16:14:17 GMT
Last-Modified
Mon, 13 Aug 2018 08:58:52 GMT
ETag
"1534150732"
X-HW
1536336857.dop014.fr8.t,1536336857.cds034.fr8.shn,1536336857.dop014.fr8.t,1536336857.cds039.fr8.c
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
11519
4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
fonts.gstatic.com/s/ubuntu/v12/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v12/4iCv6KVjbNBYlgoCxCvjsGyNPYZvgw.woff2
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
251e8e864140d9a7ceacce3371ff692595dd0a455ad000de4041d8a313618bd7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,700,700i
Origin
https://install.incognitosearches.com

Response headers

date
Tue, 28 Aug 2018 17:53:01 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Aug 2018 17:28:28 GMT
server
sffe
age
858076
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14096
x-xss-protection
1; mode=block
expires
Wed, 28 Aug 2019 17:53:01 GMT
4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
fonts.gstatic.com/s/ubuntu/v12/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ubuntu/v12/4iCs6KVjbNBYlgoKfw72nU6AFw.woff2
Requested by
Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.3.min.js
Protocol
SPDY
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a00:1450:4001:820::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
943a150e9577247cc5e8e493065795ca77a35485b4169f33a4d6f570c209b010
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Ubuntu:300,400,400i,700,700i
Origin
https://install.incognitosearches.com

Response headers

date
Tue, 28 Aug 2018 18:05:41 GMT
x-content-type-options
nosniff
last-modified
Wed, 01 Aug 2018 17:29:07 GMT
server
sffe
age
857316
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
13720
x-xss-protection
1; mode=block
expires
Wed, 28 Aug 2019 18:05:41 GMT
pixel.aspx
px.keepmypixel.com/ 		43 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.keepmypixel.com/pixel.aspx?name=incognitosearches&entity=26&barcode=525390000033287&userid=dda1e403-4977-40b9-ade9-1ff9a18408eb&installdate=07-09-2018&type=pageload&data1=IncognitoSearches%20B&data2=Chrome&data3=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&data4=1600x1200&data5=1600x1200&data6=0&data7=8&data8=1&data9=en-US&data10=a764d425-52d1-4ff7-bd1e-65b4d007fa83&data11=Chrome&data12=67&data13=Mac%20OS%20X&data14=10_13_5&data15=mclkncgplnlincdikfegcbbgjcaodpef&data16=2&data17=&co=DE
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/scripts/minified/main.92EB5FFEE6AE2FEC3AD71C777531578F.js?v=1536234512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.94.252.251 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Origin
https://install.incognitosearches.com

Response headers

Date
Fri, 07 Sep 2018 16:14:16 GMT
Last-Modified
Fri, 07 Sep 2018 16:14:17 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Length
43
Request-Context
appId=cid-v1:c81b1c33-8037-4c54-b6ac-87ee3f2902c5
pixel.aspx
px.keepmypixel.com/ 		43 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.keepmypixel.com/pixel.aspx?name=incognitosearches&entity=26&barcode=525390000033287&userid=dda1e403-4977-40b9-ade9-1ff9a18408eb&installdate=07-09-2018&type=invalidpage&data1=IncognitoSearches%20B&data3=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&date4=fullscreen&data10=a764d425-52d1-4ff7-bd1e-65b4d007fa83&co=DE
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/scripts/minified/main.92EB5FFEE6AE2FEC3AD71C777531578F.js?v=1536234512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.94.252.251 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Origin
https://install.incognitosearches.com

Response headers

Date
Fri, 07 Sep 2018 16:14:16 GMT
Last-Modified
Fri, 07 Sep 2018 16:14:17 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Length
43
Request-Context
appId=cid-v1:c81b1c33-8037-4c54-b6ac-87ee3f2902c5
pixel.aspx
px.keepmypixel.com/ 		43 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.keepmypixel.com/pixel.aspx?name=incognitosearches&entity=26&barcode=525390000033287&userid=dda1e403-4977-40b9-ade9-1ff9a18408eb&installdate=07-09-2018&type=failreason&data1=IncognitoSearches%20B&data2=fullscreen&data3=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&data10=a764d425-52d1-4ff7-bd1e-65b4d007fa83&data16=2&co=DE
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/scripts/minified/main.92EB5FFEE6AE2FEC3AD71C777531578F.js?v=1536234512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.94.252.251 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Origin
https://install.incognitosearches.com

Response headers

Date
Fri, 07 Sep 2018 16:14:16 GMT
Last-Modified
Fri, 07 Sep 2018 16:14:17 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Length
43
Request-Context
appId=cid-v1:c81b1c33-8037-4c54-b6ac-87ee3f2902c5
pixel.aspx
px.keepmypixel.com/ 		43 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.keepmypixel.com/pixel.aspx?name=incognitosearches&entity=26&barcode=525390000033287&userid=dda1e403-4977-40b9-ade9-1ff9a18408eb&installdate=07-09-2018&type=failreason&data1=IncognitoSearches%20B&data2=unsupported_browser&data3=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&data10=a764d425-52d1-4ff7-bd1e-65b4d007fa83&data16=2&co=DE
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/scripts/minified/main.92EB5FFEE6AE2FEC3AD71C777531578F.js?v=1536234512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.94.252.251 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Origin
https://install.incognitosearches.com

Response headers

Date
Fri, 07 Sep 2018 16:14:16 GMT
Last-Modified
Fri, 07 Sep 2018 16:14:17 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Length
43
Request-Context
appId=cid-v1:c81b1c33-8037-4c54-b6ac-87ee3f2902c5
pixel.aspx
px.keepmypixel.com/ 		43 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.keepmypixel.com/pixel.aspx?name=incognitosearches&entity=26&barcode=525390000033287&userid=dda1e403-4977-40b9-ade9-1ff9a18408eb&installdate=07-09-2018&type=invalidpage&data1=IncognitoSearches%20B&data3=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&date4=testfailed&data10=a764d425-52d1-4ff7-bd1e-65b4d007fa83&data16=2&co=DE
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/scripts/minified/main.92EB5FFEE6AE2FEC3AD71C777531578F.js?v=1536234512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.94.252.251 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Origin
https://install.incognitosearches.com

Response headers

Date
Fri, 07 Sep 2018 16:14:16 GMT
Last-Modified
Fri, 07 Sep 2018 16:14:17 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Length
43
Request-Context
appId=cid-v1:c81b1c33-8037-4c54-b6ac-87ee3f2902c5
pixel.aspx
px.keepmypixel.com/ 		43 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://px.keepmypixel.com/pixel.aspx?name=incognitosearches&entity=26&barcode=525390000033287&userid=dda1e403-4977-40b9-ade9-1ff9a18408eb&installdate=07-09-2018&type=gb_detected&data1=Suspicious&data2=2&data3=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&data4=50&data5=3.699999302625656&data10=a764d425-52d1-4ff7-bd1e-65b4d007fa83&data16=2&co=DE
Requested by
Host: i3j3u3u9.ssl.hwcdn.net
URL: https://i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/scripts/minified/main.92EB5FFEE6AE2FEC3AD71C777531578F.js?v=1536234512
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
13.94.252.251 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://install.incognitosearches.com/?pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&subid2=10632&subid3=14394139
Origin
https://install.incognitosearches.com

Response headers

Date
Fri, 07 Sep 2018 16:14:16 GMT
Last-Modified
Fri, 07 Sep 2018 16:14:17 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
public
Content-Length
43
Request-Context
appId=cid-v1:c81b1c33-8037-4c54-b6ac-87ee3f2902c5

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| Cookies string| creativenumber string| extensionid string| xpiUrl string| safariUrl string| co string| ip string| currentBrowser string| pgSegment string| pgSTO string| pgSTT string| soDomain string| pgData object| conf function| g function| p function| q function| r function| t function| u function| C function| D function| E function| Q function| R function| F function| G function| H function| I function| J function| K function| L function| M function| N function| O function| P function| T function| S string| y object| Base string| testValue function| d object| e number| n function| v object| w number| x string| z function| A function| B function| GB

2 Cookies

Domain/Path Name / Value
install.incognitosearches.com/ Name: __lpval
Value: pid=52539&subid=33287&clickid=HO__10632__102d4109ad3cc9d57fa9900fb0f0be&pagename=B
.incognitosearches.com/ Name: uid
Value: dda1e403-4977-40b9-ade9-1ff9a18408eb

1 Console Messages

Source Level URL
Text
console-api log URL: https://i3j3u3u9.ssl.hwcdn.net/pages/IncognitoSearches/resources/scripts/minified/main.92EB5FFEE6AE2FEC3AD71C777531578F.js?v=1536234512(Line 1)
Message:
new

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com maps.googleapis.com; img-src * data:; connect-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com *.fontawesome.com; script-src 'self' i3j3u3u9.ssl.hwcdn.net *.sendmepixel.com *.keepmypixel.com *.pxcollect.com *.google-analytics.com maps.googleapis.com code.jquery.com cdnjs.cloudflare.com script.crazyegg.com *.fontawesome.com 'unsafe-inline'; style-src i3j3u3u9.ssl.hwcdn.net fonts.gstatic.com fonts.googleapis.com code.jquery.com *.fontawesome.com 'unsafe-inline'; font-src fonts.gstatic.com fonts.googleapis.com i3j3u3u9.ssl.hwcdn.net *.fontawesome.com