urlscan.io logo urlscan.io
SecurityTrails logo

www.tubeleecher.com Open in urlscan Pro
136.244.101.234  Public Scan

Go To Rescan Add Verdict Report
URL: http://www.tubeleecher.com/
Submission: On September 14 via manual from IL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 8 domains to perform 20 HTTP transactions. The main IP is 136.244.101.234, located in Amsterdam, Netherlands and belongs to AS-CHOOPA, US. The main domain is www.tubeleecher.com.
This is the only time www.tubeleecher.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

3    136.244.101.234 (Amsterdam, Netherlands)

ASN20473 (AS-CHOOPA, US)
PTR: 136.244.101.234.vultr.com
www.tubeleecher.com
1    151.139.128.10 (Dallas, United States)

ASN20446 (HIGHWINDS3, US)
cdn.popcash.net
9    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
adservice.google.com
googleads.g.doubleclick.net
www.googletagservices.com
1    2600:1f18:510:800:47d:b712:3f09:ebd2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dcba.popcash.net
2    46.105.201.240 (France)

ASN16276 (OVH, FR)
s10.histats.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    192.99.8.34 (Richmond Hill, Canada)

ASN16276 (OVH, FR)
PTR: ns501383.ip-192-99-8.net
s4.histats.com
2    2a00:1450:4001:818::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
Domain Requested by
4 pagead2.googlesyndication.com www.tubeleecher.com
pagead2.googlesyndication.com
3 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 www.tubeleecher.com www.tubeleecher.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 s10.histats.com www.tubeleecher.com
s10.histats.com
1 s4.histats.com s10.histats.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 dcba.popcash.net cdn.popcash.net
1 cdn.popcash.net www.tubeleecher.com
20 11

This site contains links to these domains. Also see Links.

Domain
www.flv-media-player.com
www.histats.com
Subject Issuer Validity Valid
*.popcash.net
AlphaSSL CA - SHA256 - G2		 2020-04-21 -
2021-04-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.google.de
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
*.google.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh
histats.com
Let's Encrypt Authority X3		 2020-09-08 -
2020-12-07		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1O1		 2020-08-26 -
2020-11-18		 3 months crt.sh

This page contains 5 frames:

Primary Page: http://www.tubeleecher.com/
Frame ID: CE54FA467CF935F7D0F11EC4931AE846
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200909/r20190131/zrt_lookup.html
Frame ID: FF82F1EB6548F6BABBC1F6CD3141AE0C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8238670679850739&output=html&h=90&slotname=3576630235&adk=2197351875&adf=3653972211&w=728&lmt=1600055836&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.tubeleecher.com%2F&flash=0&wgl=1&dt=1600055836275&bpp=13&bdt=197&idt=72&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=465458556331&frm=20&pv=2&ga_vid=116377756.1600055836&ga_sid=1600055836&ga_hid=1926265948&ga_fc=0&iag=0&icsg=2090&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358&oid=3&pvsid=2708201517639267&pem=977&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=eGJEsvuAcq&p=http%3A//www.tubeleecher.com&dtd=89
Frame ID: 25F9724AB2A2DCA1323050DE8CD0DEDE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8238670679850739&output=html&adk=1812271804&adf=3025194257&lmt=1600055836&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.tubeleecher.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1600055836288&bpp=3&bdt=210&idt=84&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=465458556331&frm=20&pv=1&ga_vid=116377756.1600055836&ga_sid=1600055836&ga_hid=1926265948&ga_fc=0&iag=0&icsg=10282&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358&oid=3&pvsid=2708201517639267&pem=977&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=89
Frame ID: D50C4D7C32D5A56927EBD239CC181AC5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Frame ID: 71A13475D14DDA8AD091C47DF74C2D87
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /Ubuntu/i
Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

20
Requests

70 %
HTTPS

50 %
IPv6

8
Domains

11
Subdomains

9
IPs

5
Countries

239 kB
Transfer

604 kB
Size

8
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.tubeleecher.com/ 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://www.tubeleecher.com/
Protocol
HTTP/1.1
Server
136.244.101.234 Amsterdam, Netherlands, ASN20473 (AS-CHOOPA, US),
Reverse DNS
136.244.101.234.vultr.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
b7bd4e839cb92b2d1616aef548ed4fcf3093b4df9f5c4eb6d044dc45c8b22c2a

Request headers

Host
www.tubeleecher.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server
nginx/1.14.0 (Ubuntu)
Date
Mon, 14 Sep 2020 03:57:16 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip
style.css
www.tubeleecher.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://www.tubeleecher.com/style.css
Requested by
Host: www.tubeleecher.com
URL: http://www.tubeleecher.com/
Protocol
HTTP/1.1
Server
136.244.101.234 Amsterdam, Netherlands, ASN20473 (AS-CHOOPA, US),
Reverse DNS
136.244.101.234.vultr.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
4513ac4656621f5130a6b199ccc8d94b362646d58bb36ce51628212789cb7dc7

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 03:57:16 GMT
Content-Encoding
gzip
Last-Modified
Sat, 08 Feb 2014 15:03:00 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
W/"52f64724-74f"
Vary
Accept-Encoding
Content-Type
text/css
Transfer-Encoding
chunked
Connection
keep-alive
pop.js
cdn.popcash.net/ 		104 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://cdn.popcash.net/pop.js
Requested by
Host: www.tubeleecher.com
URL: http://www.tubeleecher.com/
Protocol
HTTP/1.1
Server
151.139.128.10 Dallas, United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software
cloudflare /
Resource Hash
68396427ddfdbfad80d1e0f6c38537a5e52994352b39cd3c4954546393d279ee

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 03:57:16 GMT
Content-Encoding
gzip
CF-Cache-Status
DYNAMIC
Connection
keep-alive
Content-Length
36688
cf-request-id
04f9d7e3510000166994ac4200000001
Last-Modified
Wed, 02 Sep 2020 11:56:56 GMT
Server
cloudflare
ETag
W/"5f4f8888-19fdf"
Vary
Accept-Encoding
X-HW
1600055836.cds056.sk1.h2,1600055836.cds022.sk1.c
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=2592000, public
Accept-Ranges
bytes
CF-RAY
5cd65c188e0e1669-ARN
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		130 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.tubeleecher.com
URL: http://www.tubeleecher.com/
Protocol
HTTP/1.1
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28870619e0b50cef037f0ef0daba635dd98ea53bbdaa94244b724c42e23d94c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Mon, 14 Sep 2020 03:57:16 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
15926848246370085333
Vary
Accept-Encoding
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
45965
X-XSS-Protection
0
Expires
Mon, 14 Sep 2020 03:57:16 GMT
znWaa3gu
dcba.popcash.net/ 		0
117 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dcba.popcash.net/znWaa3gu
Requested by
Host: cdn.popcash.net
URL: http://cdn.popcash.net/pop.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:510:800:47d:b712:3f09:ebd2 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Mon, 14 Sep 2020 03:57:16 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-origin
*
expires
0
js15_as.js
s10.histats.com/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://s10.histats.com/js15_as.js
Requested by
Host: www.tubeleecher.com
URL: http://www.tubeleecher.com/
Protocol
HTTP/1.1
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 03:48:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Apr 2020 10:44:16 GMT
X-CDN-Pop-IP
137.74.120.32/27
ETag
"-375139978"
X-Cacheable
Matched cache
Vary
Accept-Encoding
X-IPLB-Instance
4761
Content-Type
text/javascript
X-CDN-Pop
sbg
Accept-Ranges
bytes
Content-Length
4547
X-Request-ID
6980946
logo.png
www.tubeleecher.com/images/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://www.tubeleecher.com/images/logo.png
Requested by
Host: www.tubeleecher.com
URL: http://www.tubeleecher.com/style.css
Protocol
HTTP/1.1
Server
136.244.101.234 Amsterdam, Netherlands, ASN20473 (AS-CHOOPA, US),
Reverse DNS
136.244.101.234.vultr.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
5dc73d8db04cc4564b6cf6b7a435a3531ad64768a159603534a199e794291643

Request headers

Referer
http://www.tubeleecher.com/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 03:57:16 GMT
Last-Modified
Sat, 08 Feb 2014 15:06:00 GMT
Server
nginx/1.14.0 (Ubuntu)
ETag
"52f647d8-38e2"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
14562
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/ 		228 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19beb10327997e7c00d9c8cb6a9ae4f72963968d2c763c6fe579071c9ee2b86a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 03:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
87777
x-xss-protection
0
server
cafe
etag
541389345409318010
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Mon, 14 Sep 2020 03:57:16 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200909/r20190131/ Frame FF82 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20200909/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20200909/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tubeleecher.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.tubeleecher.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
vary
Accept-Encoding
date
Sun, 13 Sep 2020 23:42:04 GMT
expires
Sun, 27 Sep 2020 23:42:04 GMT
content-type
text/html; charset=UTF-8
etag
9704104221650600920
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4744
x-xss-protection
0
age
15312
cache-control
public, max-age=1209600
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
integrator.js
adservice.google.de/adsid/ 		109 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.tubeleecher.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Sep 2020 03:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		109 B
890 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.tubeleecher.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Sep 2020 03:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status
200
cache-control
private, no-cache, no-store
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 25F9 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8238670679850739&output=html&h=90&slotname=3576630235&adk=2197351875&adf=3653972211&w=728&lmt=1600055836&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.tubeleecher.com%2F&flash=0&wgl=1&dt=1600055836275&bpp=13&bdt=197&idt=72&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=465458556331&frm=20&pv=2&ga_vid=116377756.1600055836&ga_sid=1600055836&ga_hid=1926265948&ga_fc=0&iag=0&icsg=2090&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358&oid=3&pvsid=2708201517639267&pem=977&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=eGJEsvuAcq&p=http%3A//www.tubeleecher.com&dtd=89
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8238670679850739&output=html&h=90&slotname=3576630235&adk=2197351875&adf=3653972211&w=728&lmt=1600055836&psa=0&guci=1.2.0.0.2.2.0.0&format=728x90&url=http%3A%2F%2Fwww.tubeleecher.com%2F&flash=0&wgl=1&dt=1600055836275&bpp=13&bdt=197&idt=72&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=465458556331&frm=20&pv=2&ga_vid=116377756.1600055836&ga_sid=1600055836&ga_hid=1926265948&ga_fc=0&iag=0&icsg=2090&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=250&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358&oid=3&pvsid=2708201517639267&pem=977&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=eGJEsvuAcq&p=http%3A//www.tubeleecher.com&dtd=89
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tubeleecher.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.tubeleecher.com/

Response headers

status
403
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Mon, 14 Sep 2020 03:57:16 GMT
server
cafe
content-length
46
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 14-Sep-2020 04:12:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
568c4d6160efabb5b61ed1d2add90083e6bef67fc9964a27310c8a135b1e077d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 03:57:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1599824047903655"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
27476
x-xss-protection
0
expires
Mon, 14 Sep 2020 03:57:16 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame D50C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8238670679850739&output=html&adk=1812271804&adf=3025194257&lmt=1600055836&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.tubeleecher.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1600055836288&bpp=3&bdt=210&idt=84&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=465458556331&frm=20&pv=1&ga_vid=116377756.1600055836&ga_sid=1600055836&ga_hid=1926265948&ga_fc=0&iag=0&icsg=10282&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358&oid=3&pvsid=2708201517639267&pem=977&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=89
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-8238670679850739&output=html&adk=1812271804&adf=3025194257&lmt=1600055836&plat=1%3A32776%2C2%3A32776%2C9%3A32776%2C10%3A32%2C11%3A32%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fwww.tubeleecher.com%2F&ea=0&flash=0&pra=7&wgl=1&dt=1600055836288&bpp=3&bdt=210&idt=84&shv=r20200909&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&nras=1&correlator=465458556331&frm=20&pv=1&ga_vid=116377756.1600055836&ga_sid=1600055836&ga_hid=1926265948&ga_fc=0&iag=0&icsg=10282&dssz=11&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44723321%2C21066358&oid=3&pvsid=2708201517639267&pem=977&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&dtd=89
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tubeleecher.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.tubeleecher.com/

Response headers

status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 14 Sep 2020 03:57:16 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Mon, 14-Sep-2020 04:12:16 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
expires
Mon, 14 Sep 2020 03:57:16 GMT
cache-control
private
4444817.php
s4.histats.com/stats/ 		48 B
319 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s4.histats.com/stats/4444817.php?4444817&@f16&@g1&@h1&@i1&@j1600055836380&@k0&@l1&@mDownload%20youtube%20videos%20to%20computer&@n0&@o1000&@q0&@r0&@s24&@ten-US&@u1600&@b1:171035871&@b3:1600055836&@b4:js15_as.js&@b5:120&@a-_0.2.1&@vhttp%3A%2F%2Fwww.tubeleecher.com%2F&@w
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.99.8.34 Richmond Hill, Canada, ASN16276 (OVH, FR),
Reverse DNS
ns501383.ip-192-99-8.net
Software
/
Resource Hash
4ac0dc6db4035706a64bc070d10945b2f5ba37ea3459c330351f43fc4886428e

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Mon, 14 Sep 2020 03:57:16 GMT
Connection
close
Content-Length
48
Content-Type
text/html;charset=UTF-8
cc_24.js
s10.histats.com/counters/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s10.histats.com/counters/cc_24.js
Requested by
Host: s10.histats.com
URL: http://s10.histats.com/js15_as.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.105.201.240 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
661a80feb942484be1fd82ba9ede119164168d45b811189755fcbe9f12c12574

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 03:48:10 GMT
content-encoding
br
last-modified
Thu, 16 Apr 2020 10:45:31 GMT
x-cdn-pop-ip
137.74.120.0/27
etag
W/"-184721671"
x-cacheable
Matched cache
content-type
text/javascript
status
200
x-cdn-pop
sbg
accept-ranges
bytes
content-length
6181
x-request-id
77268670
sodar
pagead2.googlesyndication.com/getconfig/ 		8 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20200909&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2763dbbd42d6cc3af6e0a2c37b5dea3b4aa0d04acfae9536295ba2b12ae17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Sep 2020 03:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
6366
x-xss-protection
0
truncated
/ 		1 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4533715235244b5f4400b78c06fd2cb50a0e2eed78c93b5ad934b253e921f6b

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type
image/png
sodar2.js
tpc.googlesyndication.com/sodar/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200909/r20190131/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Mon, 14 Sep 2020 03:57:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1591403518460474"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5540
x-xss-protection
0
expires
Mon, 14 Sep 2020 03:57:17 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/210/ Frame 71A1 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/210/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:818::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/210/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
http://www.tubeleecher.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://www.tubeleecher.com/

Response headers

status
200
accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
content-length
4590
date
Mon, 14 Sep 2020 01:10:10 GMT
expires
Tue, 14 Sep 2021 01:10:10 GMT
last-modified
Wed, 26 Feb 2020 19:47:50 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
10027
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
gen_204
pagead2.googlesyndication.com/pagead/ 		0
197 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=210&t=2&li=gda_r20200909&jk=2708201517639267&bg=!PT6lPiZYVohGoVrqGyMCAAAATFIAAAAMCgCaK2HxHewTaV_tXoG30PKI2dKuyZOynEddaRcBHVlfO1Tt5aQcG7ZfmqlkBJZkZxRZVWUhG4Yfc6HcsjDIJQJOZQN4zZpeY2BdSk9u05oMnBG-jQO2oCZXwMTpqV3KTwf5IabCJsyp1_VG2jEKwatriEXAdtjpeXQw-HihdldAq5zNL--0v48cmky7qumvnia9q1QyC_x7SnKaN5kBq2nOOl60RPF7VvkOano3dkjfWpbBhaNE6isPg3D5pupUxKxe1FO_PFC3T7Kvlt0VBxHesyMac2yoGjmI9kRPw5YUEUklawIXQ6uW0Zc3HTDXx7AFZUy7EhYI_c6mkB3UDucepXVl0LBN7Cy2BNHkTBh5X2OkVSexXcxd2siFEYNFaSQud31McrsJd6Lal1ACt5IITYzzLJnaGs0cUfZcKIfHzNAVJK5FkrbChaL8KDfCnDn5VOZsgqZESWS7FZoTZuCFl5m9xvwuMics6XMpkr4PgJbhxys9G0rdDeLWJjfJAw8boq7ibq38woRu-6FoZgo4dotgn2up7WdRZsd1lLD9ppafutv2JaOBmU30HPOpv69ELaD3_NKTMZ36xpQDu3BwkmH2_nDesfLtrN8ny0T_K-1pgYaroNJ_dYH9uHe2Wlqym6GXwP3_jq4mC4P6arzhO41nWIc4B7oHP9qPZbG5KKF1N6xtHweeBgWC49_rB5kNJFxJhgtQH5k-vClYu0TuLaLyRrlB5wJnSNB37cJthRuRVsa_OXig7mErnyFzvtl1QyGg-B0s-kY
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://www.tubeleecher.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Sep 2020 03:57:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
204
cache-control
no-cache, must-revalidate
content-type
image/gif
alt-svc
h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-27="googleads.g.doubleclick.net:443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050="googleads.g.doubleclick.net:443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

58 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| emptyText string| uid string| wid string| popns number| pop_cdn boolean| N3 object| IOarzRhPlP number| pop_fcap object| adsbygoogle object| _Hasync object| google_js_reporting_queue number| google_srt object| google_ad_modifications object| google_logging_queue object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots boolean| google_apltlad boolean| _gfp_p_ function| google_spfd number| google_lpabyc number| google_unique_id object| google_sv_map function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState function| processGoogleToken object| google_prev_clients object| gaGlobal object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired function| chfh function| chfh2 string| _HST_cntval object| Histats function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| _HistatsCounterGraphics_24_setValues boolean| _value_RETURN_BUILDER function| _HistatsCounterGraphics_24 function| histats_canvascounters_base.js object| GoogleGcLKhOms object| google_image_requests

8 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
www.tubeleecher.com/ Name: HstCnv4444817
Value: 1
www.tubeleecher.com/ Name: HstCmu4444817
Value: 1600055836380
www.tubeleecher.com/ Name: HstCla4444817
Value: 1600055836380
www.tubeleecher.com/ Name: HstCns4444817
Value: 1
www.tubeleecher.com/ Name: HstPt4444817
Value: 1
www.tubeleecher.com/ Name: HstPn4444817
Value: 1
www.tubeleecher.com/ Name: HstCfa4444817
Value: 1600055836380

7 Console Messages

Source Level URL
Text
console-api log URL: http://cdn.popcash.net/pop.js(Line 4)
Message:
Popunder Script @ popunderjs.com
console-api log URL: http://cdn.popcash.net/pop.js(Line 4)
Message:
Author: Phan Thanh Cong <contact@ptcong.com>
console-api log URL: http://cdn.popcash.net/pop.js(Line 4)
Message:
Version: 2.11.15
console-api log URL: http://cdn.popcash.net/pop.js(Line 4)
Message:
Release: 2020/1/2
console-api log URL: http://cdn.popcash.net/pop.js(Line 4)
Message:
111
console-api log URL: http://cdn.popcash.net/pop.js(Line 4)
Message:
[License] Domains: popcash.net,@network,.local,localhost,127.0.0.1
console-api log URL: http://cdn.popcash.net/pop.js(Line 4)
Message:
[License] Expires: 2021/2/15

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
cdn.popcash.net
dcba.popcash.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
s10.histats.com
s4.histats.com
tpc.googlesyndication.com
www.googletagservices.com
www.tubeleecher.com
136.244.101.234
151.139.128.10
192.99.8.34
2600:1f18:510:800:47d:b712:3f09:ebd2
2a00:1450:4001:800::2002
2a00:1450:4001:808::2002
2a00:1450:4001:818::2001
46.105.201.240
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
08f50e9e70388c99977ca13b6af3a49f8f48c83e79230d51ea72a56c0735bd0c
19beb10327997e7c00d9c8cb6a9ae4f72963968d2c763c6fe579071c9ee2b86a
28870619e0b50cef037f0ef0daba635dd98ea53bbdaa94244b724c42e23d94c1
2defe59e357a7d0683c8283ac42841db404a0884cae2eaecebf4b676e559dede
4513ac4656621f5130a6b199ccc8d94b362646d58bb36ce51628212789cb7dc7
4ac0dc6db4035706a64bc070d10945b2f5ba37ea3459c330351f43fc4886428e
568c4d6160efabb5b61ed1d2add90083e6bef67fc9964a27310c8a135b1e077d
5dc73d8db04cc4564b6cf6b7a435a3531ad64768a159603534a199e794291643
661a80feb942484be1fd82ba9ede119164168d45b811189755fcbe9f12c12574
68396427ddfdbfad80d1e0f6c38537a5e52994352b39cd3c4954546393d279ee
b4533715235244b5f4400b78c06fd2cb50a0e2eed78c93b5ad934b253e921f6b
b7bd4e839cb92b2d1616aef548ed4fcf3093b4df9f5c4eb6d044dc45c8b22c2a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ecc2763dbbd42d6cc3af6e0a2c37b5dea3b4aa0d04acfae9536295ba2b12ae17