leaksville.com Open in urlscan Pro
64.138.196.132 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://leaksville.com/
Submission: On March 12 via api (March 12th 2023, 7:08:05 am UTC) from US — Scanned from DE

Summary HTTP 89 Redirects Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 23 domains to perform 89 HTTP transactions. The main IP is 64.138.196.132, located in Loris, United States and belongs to AS21565, US. The main domain is leaksville.com.

This is the only time leaksville.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
19	64.138.196.132 64.138.196.132	21565 (AS21565) (AS21565)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::178	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1 2	198.50.213.200 198.50.213.200	16276 (OVH) (OVH)
1 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1 1	34.231.80.95 34.231.80.95	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6812:400b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 7	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
2 2	216.52.2.16 216.52.2.16	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
2 2	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	3.123.72.57 3.123.72.57	16509 (AMAZON-02) (AMAZON-02)
89	22

19 64.138.196.132 (Loris, United States)

ASN21565 (AS21565, US)
PTR: 132.64-138-196-net.sccoast.net

leaksville.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 198.50.213.200 (Montreal, Canada) 1 redirects

ASN16276 (OVH, FR)
PTR: afsanalytics.com

www.addfreestats.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.afsanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.80.95 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-80-95.compute-1.amazonaws.com

network54.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:400b (United States)

ASN13335 (CLOUDFLARENET, US)

www.tapatalk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.16 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.72.57 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-72-57.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 134	471 KB
19	leaksville.com leaksville.com	152 KB
14	doubleclick.net 1 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 76 googleads.g.doubleclick.net — Cisco Umbrella Rank: 32 static.doubleclick.net — Cisco Umbrella Rank: 241 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	67 KB
6	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 68	3 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	68 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	40 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 285	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 354	958 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 575	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 425	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 752 s.tribalfusion.com — Cisco Umbrella Rank: 1848	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 770 r.turn.com — Cisco Umbrella Rank: 3354	869 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	98 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8720	696 B
2	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 860	707 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	88 KB
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 595	542 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	944 B
1	tapatalk.com www.tapatalk.com — Cisco Umbrella Rank: 105324
1	network54.com 1 redirects network54.com	380 B
1	afsanalytics.com www.afsanalytics.com	692 B
1	addfreestats.com 1 redirects www.addfreestats.com	348 B
0	sitemeter.com Failed s27.sitemeter.com Failed
89	23

	Domain	Requested by
19	leaksville.com	leaksville.com
15	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com leaksville.com
15	pagead2.googlesyndication.com	leaksville.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com
7	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	www.google.com	1 redirects tpc.googlesyndication.com googleads.g.doubleclick.net
4	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com leaksville.com
3	www.gstatic.com	leaksville.com googleads.g.doubleclick.net
2	x.bidswitch.net	2 redirects
2	eb2.3lift.com	2 redirects
2	ap.lijit.com	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	partner.googleadservices.com	pagead2.googlesyndication.com
2	www.googletagmanager.com	leaksville.com
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	r.turn.com
1	ad.turn.com	1 redirects
1	fonts.gstatic.com	fonts.googleapis.com
1	static.doubleclick.net	googleads.g.doubleclick.net
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.tapatalk.com	leaksville.com
1	network54.com	1 redirects
1	www.afsanalytics.com	leaksville.com
1	www.addfreestats.com	1 redirects
0	s27.sitemeter.com Failed	leaksville.com
89	31

This site contains no links.

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh

This page contains 13 frames:

Primary Page: http://leaksville.com/
Frame ID: 7F14410D291D9410892FF5A09B476DEA
Requests: 1 HTTP requests in this frame

Frame: http://leaksville.com/welcome_to_leaksville.htm
Frame ID: C7108102B76DFE94F97BB87E06199441
Requests: 7 HTTP requests in this frame

Frame: http://leaksville.com/leaksville2.htm
Frame ID: 0E5C98B26AE8559B19B650682A2C188C
Requests: 15 HTTP requests in this frame

Frame: http://leaksville.com/leaksville3.htm
Frame ID: 6C1A934C38F676708ACE7838C497962D
Requests: 23 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/zrt_lookup.html
Frame ID: 7FDCDD5DE4E83C81D5BC3B0A8D4A2FA9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=1383425135&adf=3291215023&pi=t.ma~as.2679686752&w=125&fwrn=3&lmt=1486577728&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville2.htm&wgl=1&dt=1678604881210&bpp=3&bdt=98&idt=136&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&correlator=6568028331237&frm=21&ife=1&pv=2&ga_vid=1408185938.1678604881&ga_sid=1678604881&ga_hid=1464910814&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=40&ady=69&biw=1600&bih=1200&isw=204&ish=1139&ifk=345069011&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31072742&oid=2&pvsid=4704801745054&tmod=1702795369&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C204%2C1139&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iwd4q474ypno&fsb=1&xpc=0jCTEkO72o&p=http%3A//leaksville.com&dtd=156
Frame ID: 071B9B4AA955CC479577E8B99AD48772
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97
Frame ID: AC752456F9A3E481A5655C8A4E9EA685
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EC7E639EABB83E69F04B2671CAC9BA8C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6A8DD4646617FEF633B6F85583011147
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A8777D9C968FFF85BA6045137B8F68A4
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js
Frame ID: B4A9A5A6870A8720505508CACB21CED3
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A35D67B3F77E64395CB5A5A05399A407
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6D1D11D7B709AB4D5A7009791EB11F03
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Welcome To Leaksville, North Carolina

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

89
Requests

64 %
HTTPS

67 %
IPv6

23
Domains

31
Subdomains

22
IPs

5
Countries

989 kB
Transfer

2433 kB
Size

17
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://www.addfreestats.com/cgi-bin/countnow.cgi?usr=00063916&type=2 HTTP 301
https://www.afsanalytics.com/cgi-bin/countnow.cgi?usr=00063916&type=2

Request Chain 15

http://www.google.com/jsapi HTTP 301
https://www.gstatic.com/charts/loader.js

Request Chain 16

http://network54.com/Hide/Votelet/12098?javascript=on HTTP 301
https://www.tapatalk.com/groups/network54/Hide/Votelet/12098?javascript=on

Request Chain 72

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEINCD-RE_KJnT-VTP9sMyEM&google_cver=1&google_push=Aa02lx8k6Xjk0QiTkGleqOy-Qkotok5nbGfzwJUnETTAl7T89FcIYEEWnY-_K5fN3Al6fdhEbny_2X1I5hf2oFefIbV25i1EAJK91w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDIxNTk2MDQ1NjIzMTM3MjQwNA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEINCD-RE_KJnT-VTP9sMyEM&google_cver=1

Request Chain 73

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIKXKfi2CT--Ph_udRpqvPI&google_cver=1&google_push=Aa02lx_n2nUXi0hlJ2jHHGpmhdwtEF8zGUGWNYbPg2OHBkNh88W3FqYwTB0hkAJD4gP9dnyQ6FEtzEFksunLvmuMA5quS1QmwvhOI5Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_n2nUXi0hlJ2jHHGpmhdwtEF8zGUGWNYbPg2OHBkNh88W3FqYwTB0hkAJD4gP9dnyQ6FEtzEFksunLvmuMA5quS1QmwvhOI5Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIKXKfi2CT--Ph_udRpqvPI&google_cver=1&google_push=Aa02lx_n2nUXi0hlJ2jHHGpmhdwtEF8zGUGWNYbPg2OHBkNh88W3FqYwTB0hkAJD4gP9dnyQ6FEtzEFksunLvmuMA5quS1QmwvhOI5Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_n2nUXi0hlJ2jHHGpmhdwtEF8zGUGWNYbPg2OHBkNh88W3FqYwTB0hkAJD4gP9dnyQ6FEtzEFksunLvmuMA5quS1QmwvhOI5Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 74

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEA8ZHDCBTzl5Q7mAcSc8mw0&google_cver=1&google_push=Aa02lx8f8l3NE6wrzfP60mWGmOEtAEdDeuULsj5PJNQlhLz3cCJF-DpYXqiMp9ZtBNKyqcZbG7fgETei1vHtl6ryLg_OgClmb1NpJA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEA8ZHDCBTzl5Q7mAcSc8mw0&google_push=Aa02lx8f8l3NE6wrzfP60mWGmOEtAEdDeuULsj5PJNQlhLz3cCJF-DpYXqiMp9ZtBNKyqcZbG7fgETei1vHtl6ryLg_OgClmb1NpJA

Request Chain 75

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK2-mMNKAJEhV5alJUaHv6k&google_cver=1&google_push=Aa02lx8pDwTuCj3nDum1nHdRjZ-5rIjkBLuupZtgt4Ff3nKuEsKG-z-TPWejaY9h059c8s-y2sEOpfckefZMfLxt9RMBsmD9X4hblg HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK2-mMNKAJEhV5alJUaHv6k&google_push=Aa02lx8pDwTuCj3nDum1nHdRjZ-5rIjkBLuupZtgt4Ff3nKuEsKG-z-TPWejaY9h059c8s-y2sEOpfckefZMfLxt9RMBsmD9X4hblg&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK2-mMNKAJEhV5alJUaHv6k&google_hm=ZA16U6N3xA-QdaFI7BT0YwAACFQAAAIB&google_nid=index&google_push=Aa02lx8pDwTuCj3nDum1nHdRjZ-5rIjkBLuupZtgt4Ff3nKuEsKG-z-TPWejaY9h059c8s-y2sEOpfckefZMfLxt9RMBsmD9X4hblg

Request Chain 76

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIFBizmESwqC6h3JYj-q74s&google_cver=1&google_push=Aa02lx_HlpH2jg55oVWpZey7kK2lATdRojKcyxW66IBnDLzJjIL43cdxj31CyV1buAivak0it9sQHx0uPLf4_KEn7-V38xyf51cXcvQ HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIFBizmESwqC6h3JYj-q74s&google_cver=1&google_push=Aa02lx_HlpH2jg55oVWpZey7kK2lATdRojKcyxW66IBnDLzJjIL43cdxj31CyV1buAivak0it9sQHx0uPLf4_KEn7-V38xyf51cXcvQ&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_HlpH2jg55oVWpZey7kK2lATdRojKcyxW66IBnDLzJjIL43cdxj31CyV1buAivak0it9sQHx0uPLf4_KEn7-V38xyf51cXcvQ&google_hm=GS_srGZH6Vqw4RcVS76uMchm

Request Chain 77

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKeJRAu6wNjwiR3lw1vbDjI&google_cver=1&google_push=Aa02lx-s7VEYHPkCnStc5rmLyz9nqgP9HJk1wDmLhwgrZLdZ07vxuIbI6eQU1JHDAdQTdPOlsvz6ZE3Qj_Tx_ksRm1p4hw-y-62m-w HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-s7VEYHPkCnStc5rmLyz9nqgP9HJk1wDmLhwgrZLdZ07vxuIbI6eQU1JHDAdQTdPOlsvz6ZE3Qj_Tx_ksRm1p4hw-y-62m-w&google_gid=CAESEKeJRAu6wNjwiR3lw1vbDjI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc5Njc1MDE2OTExNzQ0MzEwMTA5OA%3D%3D&google_push=Aa02lx-s7VEYHPkCnStc5rmLyz9nqgP9HJk1wDmLhwgrZLdZ07vxuIbI6eQU1JHDAdQTdPOlsvz6ZE3Qj_Tx_ksRm1p4hw-y-62m-w

Request Chain 78

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEK5DlN11lYDoyUIg7bAgdi4&google_cver=1&google_push=Aa02lx8OlEHgsjwiwlgK4wQCc1CiYuvC4ahqgZ8iHScQYnh50FhGwaO9uymuSn-_qpZNg7mHmqcYhDGDJxTjUbfIN-8UqgnRvU2ocb9F HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEK5DlN11lYDoyUIg7bAgdi4&google_cver=1&google_push=Aa02lx8OlEHgsjwiwlgK4wQCc1CiYuvC4ahqgZ8iHScQYnh50FhGwaO9uymuSn-_qpZNg7mHmqcYhDGDJxTjUbfIN-8UqgnRvU2ocb9F HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=b309ed08-5c0d-473d-9504-309cfdbc1d5f&%%GOOGLE_PUSH_PAIR%%

89 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
leaksville.com/ 2 KB
1 KB 287ms
132ms Document
text/html 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to

Full URL: http://leaksville.com/
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 1ee502aab815b05c16314aa25dd1734649d71871243283eb3b7b996bba7647e7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 1174
Content-Type: text/html
Date: Sun, 12 Mar 2023 07:08:00 GMT
ETag: "8f1-54808d9689000-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Wed, 08 Feb 2017 18:15:28 GMT
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK welcome_to_leaksville.htm Show response
leaksville.com/ Frame C710 2 KB
1 KB 127ms
126ms Document
text/html 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to

Full URL: http://leaksville.com/welcome_to_leaksville.htm
Requested by: Host: leaksville.com
URL: http://leaksville.com/
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 59781bfd842c07107a1e18b66504a24b98225e6d74517db1780480f6d226e1e2

Request headers

Referer: http://leaksville.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 923
Content-Type: text/html
Date: Sun, 12 Mar 2023 07:08:00 GMT
ETag: "70e-563c62ba95bb5-gzip"
Keep-Alive: timeout=5, max=99
Last-Modified: Sat, 27 Jan 2018 18:27:50 GMT
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK leaksville2.htm Show response
leaksville.com/ Frame 0E5C 5 KB
2 KB 252ms
126ms Document
text/html 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to

Full URL: http://leaksville.com/leaksville2.htm
Requested by: Host: leaksville.com
URL: http://leaksville.com/
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: aac252443f770c78ae8acf0e8c9af91efc98a13d8e39ab0eb5ccea4299598506

Request headers

Referer: http://leaksville.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 2040
Content-Type: text/html
Date: Sun, 12 Mar 2023 07:08:01 GMT
ETag: "1496-54808d9689000-gzip"
Keep-Alive: timeout=5, max=98
Last-Modified: Wed, 08 Feb 2017 18:15:28 GMT
Server: Apache
Vary: Accept-Encoding

GET
H/1.1 200
OK leaksville3.htm Show response
leaksville.com/ Frame 6C1A 8 KB
3 KB 265ms
136ms Document
text/html 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to

Full URL: http://leaksville.com/leaksville3.htm
Requested by: Host: leaksville.com
URL: http://leaksville.com/
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 7eaad02977db7fb49d7605dc47112223121088d2e5985650c6b62825883e6249

Request headers

Referer: http://leaksville.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 3106
Content-Type: text/html
Date: Sun, 12 Mar 2023 07:08:01 GMT
ETag: "1e29-562a08d8acf8a-gzip"
Keep-Alive: timeout=5, max=100
Last-Modified: Sat, 13 Jan 2018 04:09:52 GMT
Server: Apache
Vary: Accept-Encoding

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame C710 112 KB
44 KB 60ms
25ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-112361094-1

Requested by

Host: leaksville.com
URL: http://leaksville.com/welcome_to_leaksville.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73204fb3ea10a235495da7716e88a8a4790e0aa8ae70541b795438a98b97e220

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44814
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Mar 2023 07:08:01 GMT

GET
H/1.1 200
OK norcarlC[1].gif
leaksville.com/ Frame C710 8 KB
9 KB 134ms
133ms Image
image/gif 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/norcarlC[1].gif
Requested by: Host: leaksville.com
URL: http://leaksville.com/welcome_to_leaksville.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 74dba6d490057f7d7368576922b913e21e5377dd951af3970155f45aadd6daef

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/welcome_to_leaksville.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Last-Modified: Wed, 08 Feb 2017 18:15:46 GMT
Server: Apache
ETag: "2132-54808da7b3880"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 8498

GET
H/1.1 200
OK Gray_Parchment.gif
leaksville.com/images/ Frame C710 2 KB
2 KB 242ms
131ms Image
image/gif 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/images/Gray_Parchment.gif
Requested by: Host: leaksville.com
URL: http://leaksville.com/welcome_to_leaksville.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 6d73702438b0b1623b204df6074450107a7fa6cf05490fb9c2118e3b1da9bf10

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/welcome_to_leaksville.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Last-Modified: Wed, 08 Feb 2017 18:13:20 GMT
Server: Apache
ETag: "6ea-54808d1c77000"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 1770

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame C710 49 KB
20 KB 46ms
14ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112361094-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 12 Mar 2023 06:43:15 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1486
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 12 Mar 2023 08:43:15 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 0E5C 142 KB
51 KB 49ms
34ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: leaksville.com
URL: http://leaksville.com/leaksville2.htm

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b42ec632fc462befd9c5cfceac1f89a360b36519b47c554828d5f7cb6afceaac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 51193
X-XSS-Protection: 0
Server: cafe
ETag: 106646205501015368
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Sun, 12 Mar 2023 07:08:01 GMT

GET
H/1.1 200
OK leaksv3.jpg
leaksville.com/images2/images2/ Frame 0E5C 2 KB
3 KB 136ms
132ms Image
image/jpeg 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/images2/images2/leaksv3.jpg
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville2.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 885ca4e8ddfd019f10c0b318989590cff2b7b4e20acb128c2388dd13586431a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/leaksville2.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Last-Modified: Wed, 08 Feb 2017 18:13:36 GMT
Server: Apache
ETag: "9bc-54808d2bb9400"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2492

GET
H/1.1 200
OK guestboo1.gif
leaksville.com/ Frame 0E5C 3 KB
3 KB 142ms
128ms Image
image/gif 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/guestboo1.gif
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville2.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: c34233f89867febd3e986af128a0f680973f63f27b1ae32f347f90b60d93ab7f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/leaksville2.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Last-Modified: Wed, 08 Feb 2017 18:15:28 GMT
Server: Apache
ETag: "b36-54808d9689000"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 2870

GET counter.js
s27.sitemeter.com/js/ Frame 0E5C 0
0

GET
H/1.1

200
OK

countnow.cgi Show response
www.afsanalytics.com/cgi-bin/ Frame 0E5C
Redirect Chain

http://www.addfreestats.com/cgi-bin/countnow.cgi?usr=00063916&type=2
https://www.afsanalytics.com/cgi-bin/countnow.cgi?usr=00063916&type=2

803 B
692 B

432ms
141ms

Script
application/x-javascript

198.50.213.200
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://www.afsanalytics.com/cgi-bin/countnow.cgi?usr=00063916&type=2
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville2.htm
Protocol: HTTP/1.1
Server: 198.50.213.200 Montreal, Canada, ASN16276 (OVH, FR),
Reverse DNS: afsanalytics.com
Software: Apache /
Resource Hash: 51f0cd79098242438105cf6fc8751040708a6a975432423ec77059706c3a91fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/x-javascript
Connection: Keep-Alive
Keep-Alive: timeout=15
Content-Length: 413
Expires: Tue, 20 Aug 1996 14:25:27 GMT

Redirect headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Server: Apache
Content-Type: text/html; charset=iso-8859-1
Location: https://www.afsanalytics.com/cgi-bin/countnow.cgi?usr=00063916&type=2
Cache-Control: max-age=0
Connection: Keep-Alive
Keep-Alive: timeout=15
Content-Length: 281
Expires: Sun, 12 Mar 2023 07:08:01 GMT

GET
H/1.1 404
Not Found /
leaksville.com/_vti_bin/fpcount.exe/ Frame 0E5C 196 B
196 B 148ms
134ms Image
text/html 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/_vti_bin/fpcount.exe/?Page=leaksville2.htm|Image=0
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville2.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/leaksville2.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 196
Content-Type: text/html; charset=iso-8859-1

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 6C1A 112 KB
44 KB 28ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-112361094-1

Requested by

Host: leaksville.com
URL: http://leaksville.com/leaksville3.htm

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e8fdbf65595c0437ff7e5d3f3d13c4967623e1bdbd9148d7efef65f504fd63df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:01 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44813
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 12 Mar 2023 07:08:01 GMT

GET
H/1.1 200
OK wpe22.gif
leaksville.com/images/ Frame 6C1A 48 KB
49 KB 249ms
134ms Image
image/gif 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/images/wpe22.gif
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville3.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 137d538a567e629997e6fa231717360e92046b1197ee812c092a7b950653074c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/leaksville3.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Last-Modified: Wed, 08 Feb 2017 18:13:22 GMT
Server: Apache
ETag: "c0fe-54808d1e5f480"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 49406

GET
H2

200

loader.js Show response
www.gstatic.com/charts/ Frame 6C1A
Redirect Chain

http://www.google.com/jsapi
https://www.gstatic.com/charts/loader.js

61 KB
19 KB

48ms
14ms

Script
text/javascript

2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/charts/loader.js

Requested by

Host: leaksville.com
URL: http://leaksville.com/leaksville3.htm

Protocol

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94f2d65c29680e0e94f04aa9a2a9e1877786edaf8013029bf260217a0a5ee2ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 06:24:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2606
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18426
x-xss-protection: 0
last-modified: Sat, 18 Feb 2023 18:04:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="gviz"
vary: Accept-Encoding, Origin
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-type: text/javascript
cache-control: public, max-age=3600
access-control-allow-credentials: true
accept-ranges: bytes
expires: Sun, 12 Mar 2023 07:24:35 GMT

Redirect headers

Date: Sun, 12 Mar 2023 06:38:27 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 1774
Content-Type: text/html; charset=UTF-8
Location: https://www.gstatic.com/charts/loader.js
Cache-Control: public, max-age=1800
Content-Length: 237
X-XSS-Protection: 0
Expires: Sun, 12 Mar 2023 07:08:27 GMT

GET
H2

404

12098
www.tapatalk.com/groups/network54/Hide/Votelet/ Frame 6C1A
Redirect Chain

http://network54.com/Hide/Votelet/12098?javascript=on
https://www.tapatalk.com/groups/network54/Hide/Votelet/12098?javascript=on

0
0

536ms
509ms

Script
text/html

2606:4700::6812:400b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tapatalk.com/groups/network54/Hide/Votelet/12098?javascript=on
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville3.htm
Protocol: H2
Server: 2606:4700::6812:400b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Redirect headers

Ignore-Matching: yes
Pragma: no-cache
Date: Sun, 12 Mar 2023 07:08:01 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
Location: https://www.tapatalk.com/groups/network54/Hide/Votelet/12098?javascript=on
Cache-Control: no-cache
Connection: keep-alive
Expires: Thu Jan 1 00:00:00 1970

GET
H/1.1 200
OK blue_thin_line_2.gif
leaksville.com/ Frame 6C1A 2 KB
2 KB 255ms
136ms Image
image/gif 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/blue_thin_line_2.gif
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville3.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 56b308a83c6a6454dd08a5401c12e8b02a014cc03a2d5c1334b7b1cafad4bb9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/leaksville3.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Last-Modified: Wed, 08 Feb 2017 18:13:00 GMT
Server: Apache
ETag: "756-54808d0964300"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1878

GET
H/1.1 200
OK leaksmap.gif
leaksville.com/images/ Frame 6C1A 22 KB
23 KB 253ms
129ms Image
image/gif 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/images/leaksmap.gif
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville3.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 01e24191aa47b90c3ed7c7500a3c017b1979e98b10ed4f24171a633b1a1a9973

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/leaksville3.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Last-Modified: Wed, 08 Feb 2017 18:13:24 GMT
Server: Apache
ETag: "5903-54808d2047900"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 22787

GET
H/1.1 200
OK tyner.jpg
leaksville.com/ Frame 6C1A 3 KB
3 KB 264ms
129ms Image
image/jpeg 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/tyner.jpg
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville3.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 2d78ecf4cbb331f3a777cee8ecd1a4477164787b07e3aa9a3590dab594c696c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/leaksville3.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Last-Modified: Wed, 08 Feb 2017 18:18:40 GMT
Server: Apache
ETag: "b88-54808e4da4000"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 2952

GET
H/1.1 200
OK casteen.jpg
leaksville.com/ Frame 6C1A 3 KB
3 KB 270ms
133ms Image
image/jpeg 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/casteen.jpg
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville3.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 1e2a507d4d20148cf13ba43ccc31015d33d2199c1052a10e7bd1977c43826bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/leaksville3.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Last-Modified: Wed, 08 Feb 2017 18:13:00 GMT
Server: Apache
ETag: "bfb-54808d0964300"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3067

GET
H/1.1 200
OK leaksv7.gif
leaksville.com/images2/ Frame 6C1A 30 KB
30 KB 370ms
125ms Image
image/gif 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/images2/leaksv7.gif
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville3.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 06d8b1b0182cf90218df80b8c3f6705b1298edcaf9285b7e393ba3dc9c4f0002

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/leaksville3.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Last-Modified: Wed, 08 Feb 2017 18:13:42 GMT
Server: Apache
ETag: "78c7-54808d3172180"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 30919

GET
H/1.1 200
OK hospital1.jpg
leaksville.com/Poole_files/ Frame 6C1A 7 KB
7 KB 142ms
132ms Image
image/jpeg 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/Poole_files/hospital1.jpg
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville3.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 0927620e10d5756326ba1e8aef5133342a49d1a3df6d6b9dec0e2e3c6e75a4a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/leaksville3.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Last-Modified: Wed, 08 Feb 2017 18:08:36 GMT
Server: Apache
ETag: "1c79-54808c0d9f100"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 7289

GET
H/1.1 200
OK 2002.h31.jpg
leaksville.com/images/ Frame 6C1A 6 KB
6 KB 139ms
133ms Image
image/jpeg 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/images/2002.h31.jpg
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville3.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: e5e5b556211ac8c15281f4237962498c6c75386a3ce3d38fa8cac50eb00c3ad9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/leaksville3.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Last-Modified: Wed, 08 Feb 2017 18:13:22 GMT
Server: Apache
ETag: "16a1-54808d1e5f480"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 5793

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 6C1A 142 KB
51 KB 53ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: leaksville.com
URL: http://leaksville.com/leaksville3.htm

Protocol

HTTP/1.1

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a64134fb287b3e21b6b6d7910da0c2190473e20fb5d0e09fbc3d3de7becdd96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 51192
X-XSS-Protection: 0
Server: cafe
ETag: 4902492481898104134
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Sun, 12 Mar 2023 07:08:01 GMT

GET
H/1.1 200
OK Gray_Parchment.gif
leaksville.com/images/ Frame 0E5C 2 KB
2 KB 390ms
136ms Image
image/gif 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/images/Gray_Parchment.gif
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville2.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 6d73702438b0b1623b204df6074450107a7fa6cf05490fb9c2118e3b1da9bf10

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/leaksville2.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Last-Modified: Wed, 08 Feb 2017 18:13:20 GMT
Server: Apache
ETag: "6ea-54808d1c77000"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 1770

GET
H/1.1 200
OK Gray_Parchment.gif
leaksville.com/images/ Frame 6C1A 2 KB
2 KB 232ms
135ms Image
image/gif 64.138.196.132
AS21565

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://leaksville.com/images/Gray_Parchment.gif
Requested by: Host: leaksville.com
URL: http://leaksville.com/leaksville3.htm
Protocol: HTTP/1.1
Server: 64.138.196.132 Loris, United States, ASN21565 (AS21565, US),
Reverse DNS: 132.64-138-196-net.sccoast.net
Software: Apache /
Resource Hash: 6d73702438b0b1623b204df6074450107a7fa6cf05490fb9c2118e3b1da9bf10

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/leaksville3.htm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Sun, 12 Mar 2023 07:08:01 GMT
Last-Modified: Wed, 08 Feb 2017 18:13:20 GMT
Server: Apache
ETag: "6ea-54808d1c77000"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 1770

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame C710 2 B
205 B 18ms
18ms XHR
text/plain 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1296572312&t=pageview&_s=1&dl=http%3A%2F%2Fleaksville.com%2Fwelcome_to_leaksville.htm&ul=en-us&de=windows-1252&dt=Welcome%20to%20Leaksville%2C%20North%20Carolina&sd=24-bit&sr=1600x1200&vp=1600x61&je=0&_u=YEBAAUABAAAAACAAI~&jid=547214446&gjid=1409938035&cid=1408185938.1678604881&tid=UA-112361094-1&_gid=1389750848.1678604881&_r=1&gtm=457e3360&z=982036460

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://leaksville.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 07:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://leaksville.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 6C1A 49 KB
20 KB 15ms
14ms Script
text/javascript 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-112361094-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 12 Mar 2023 06:43:15 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1486
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Sun, 12 Mar 2023 08:43:15 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame C710 1 B
344 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-112361094-1&cid=1408185938.1678604881&jid=547214446&gjid=1409938035&_gid=1389750848.1678604881&_u=YEBAAUAAAAAAACAAI~&z=1784565309

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://leaksville.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 12 Mar 2023 07:08:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://leaksville.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/ Frame 0E5C 362 KB
120 KB 85ms
50ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2980408569545194&plah=leaksville.com&bust=31072742

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67efa092b7a5d5f4a53a42902e0f5d9bfe62e806c39938c584e53908ac160374

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122001
x-xss-protection: 0
server: cafe
etag: 730517302426151351
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 07:08:01 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/ Frame 7FDC 10 KB
5 KB 79ms
23ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230308/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leaksville.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 38578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 20:25:03 GMT
etag: 2378337311435320485
expires: Sat, 25 Mar 2023 20:25:03 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 collect
www.google-analytics.com/ Frame 6C1A 35 B
55 B 13ms
13ms Image
image/gif 2001:4860:4802:34::178
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1788981541&t=pageview&_s=1&dl=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&ul=en-us&de=windows-1252&dt=Welcome%20to%20Leaksville%2C%20North%20Carolina&sd=24-bit&sr=1600x1200&vp=1396x1139&je=0&_u=QACAAUABAAAAAAAAI~&jid=&gjid=&cid=1408185938.1678604881&tid=UA-112361094-1&_gid=1389750848.1678604881&gtm=457e3360&z=709085997

Requested by

Host: leaksville.com
URL: http://leaksville.com/leaksville3.htm

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:34::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 11 Mar 2023 20:43:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 37493
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 0E5C 395 B
607 B 78ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=leaksville.com&callback=_gfp_s_&client=ca-pub-2980408569545194

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2980408569545194&plah=leaksville.com&bust=31072742

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2bc1679d7d5178fe331d3f0e54d967bf9e03f26cad89a8e8596f95e0a1a67542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 0E5C 107 B
531 B 81ms
23ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=leaksville.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0E5C 107 B
456 B 58ms
23ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=leaksville.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 071B 66 KB
22 KB 492ms
491ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=1383425135&adf=3291215023&pi=t.ma~as.2679686752&w=125&fwrn=3&lmt=1486577728&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville2.htm&wgl=1&dt=1678604881210&bpp=3&bdt=98&idt=136&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&correlator=6568028331237&frm=21&ife=1&pv=2&ga_vid=1408185938.1678604881&ga_sid=1678604881&ga_hid=1464910814&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=40&ady=69&biw=1600&bih=1200&isw=204&ish=1139&ifk=345069011&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31072742&oid=2&pvsid=4704801745054&tmod=1702795369&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C204%2C1139&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iwd4q474ypno&fsb=1&xpc=0jCTEkO72o&p=http%3A//leaksville.com&dtd=156

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba44198fac9bb869a6a16f255b69ec97cbdcb0acf1080f1f2395da7fc00f9e36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leaksville.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 21835
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 07:08:01 GMT
expires: Sun, 12 Mar 2023 07:08:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame 071B 2 KB
944 B 57ms
23ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=1383425135&adf=3291215023&pi=t.ma~as.2679686752&w=125&fwrn=3&lmt=1486577728&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville2.htm&wgl=1&dt=1678604881210&bpp=3&bdt=98&idt=136&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&correlator=6568028331237&frm=21&ife=1&pv=2&ga_vid=1408185938.1678604881&ga_sid=1678604881&ga_hid=1464910814&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=40&ady=69&biw=1600&bih=1200&isw=204&ish=1139&ifk=345069011&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31072742&oid=2&pvsid=4704801745054&tmod=1702795369&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C204%2C1139&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iwd4q474ypno&fsb=1&xpc=0jCTEkO72o&p=http%3A//leaksville.com&dtd=156

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 12 Mar 2023 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 12 Mar 2023 05:58:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 12 Mar 2023 07:08:01 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 071B 2 KB
846 B 51ms
17ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48347
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 17:42:14 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 071B 0
0 57ms
57ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEa1gUXoNZM77GNeTxdwPwLeFsA__yMS3b8vgqLWIEYmYv7uKORABIKr_lxxglYKAgMAHoAHVlP7HA8gBBqkCDhS7LA_bsT6oAwHIAwKqBPIBT9BzCUEhUFkan8X182kjtfuUlfH8X2i50de2mwJzc4k9Mxj-kGMcNsiZyh9Gs-LjiJZF79Rxc112-YCEp_gDCnMnspQaqhbEHktWmBCzI6fW_wDZOZXWGWMpTxnNybQbgvyVWbNijq5hCn1QbrbfDOyCP6sXR_Frqf6z84f7hyUS1ynhiIAmF6wNtY5xHo7XoKcreX556HlQT0cIggQFBx1YjkNF00dNRb37xDCnMabMyWCr9SPqmfZfbdrraJH8n3apyzZ68zNixRexKOdQT9Q7GHWs7tmM8ii7AClUX32sORfhpjtsRAEBagD6bce0DQ_ABLjUzL-7BJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAe8v6kuqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgHpr4b2AcB8gcEENbOftIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTI5ODA0MDg1Njk1NDUxOTQYAA&sigh=Mx_2eVe7uaI&uach_m=[UACH]&cid=CAQSGwDUE5ymUH3aBXV2XHIsLFO1YTDLcQdoX1qYLxgB&template_id=493

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=1383425135&adf=3291215023&pi=t.ma~as.2679686752&w=125&fwrn=3&lmt=1486577728&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville2.htm&wgl=1&dt=1678604881210&bpp=3&bdt=98&idt=136&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&correlator=6568028331237&frm=21&ife=1&pv=2&ga_vid=1408185938.1678604881&ga_sid=1678604881&ga_hid=1464910814&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=40&ady=69&biw=1600&bih=1200&isw=204&ish=1139&ifk=345069011&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44777877%2C31072742&oid=2&pvsid=4704801745054&tmod=1702795369&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C204%2C1139&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.iwd4q474ypno&fsb=1&xpc=0jCTEkO72o&p=http%3A//leaksville.com&dtd=156
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 12 Mar 2023 07:08:01 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 12 Mar 2023 07:08:01 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame 071B 22 KB
9 KB 45ms
12ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 15:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54835
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 15:54:06 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 071B 3 KB
1 KB 49ms
16ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:32:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 17:32:43 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame 071B 20 KB
8 KB 46ms
14ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48914
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 17:32:47 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 071B 158 KB
49 KB 60ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Mar 2023 07:08:01 GMT

GET
H2 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame 071B 34 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 20:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124546
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 20:32:15 GMT

GET
H2 200 12091747739595281699_4976315811307034038.jpeg
static.doubleclick.net/dynamic/5/399982299/ Frame 071B 2 KB
3 KB 76ms
16ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/399982299/12091747739595281699_4976315811307034038.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c40e47b987fd150d74973122bc64cd4121df544f21984ac0b6ef94b801cdf45e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 19:40:41 GMT
x-content-type-options: nosniff
age: 127640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2491
x-xss-protection: 0
last-modified: Tue, 28 Feb 2023 17:01:15 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 09 Mar 2024 19:40:41 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/ Frame 6C1A 362 KB
119 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202302280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2980408569545194&plah=leaksville.com&bust=31072787

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77a5a7acf9b5ec1424d85fa410ca60504d7cd7030ee9c859bb9b94a183dc31e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:01 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122000
x-xss-protection: 0
server: cafe
etag: 14409606818230799401
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 12 Mar 2023 07:08:01 GMT

GET
DATA 200
OK truncated
/ Frame 071B 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6de65287f801364eee90cdc4f20360a56c22b90cfd1df7c3c3e815694034de73

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 071B 20 KB
21 KB 47ms
13ms Font
font/woff2 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 20:24:54 GMT
x-content-type-options: nosniff
age: 297788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 20:24:54 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 0E5C 15 KB
11 KB 58ms
29ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230308&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9942386a5dedcb3c5b4f31377c41cf45d3bc913fc94d2d2b3f8bb7866e030f80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11221
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ Frame 6C1A 12 B
100 B 21ms
20ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=leaksville.com&callback=_gfp_s_&client=ca-pub-2980408569545194&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 6C1A 107 B
165 B 23ms
22ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=leaksville.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 6C1A 107 B
165 B 21ms
21ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=leaksville.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AC75 99 KB
36 KB 592ms
592ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5eff639be375fedecad40979f41d69f292335721fcc20ea1b65260a3a797ef8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leaksville.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 36778
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 07:08:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 0E5C 17 KB
7 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 07:08:02 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EC7E 13 KB
5 KB 14ms
12ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leaksville.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 22:47:43 GMT
expires: Sun, 10 Mar 2024 22:47:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6A8D 783 B
1 KB 80ms
23ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ec6cd135849ea937b3f62793fe3b583f8a1ca7e1989e82eba6f5e91556abdac4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Rf4faa-Jp-EK0yIr-CZd4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://leaksville.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Rf4faa-Jp-EK0yIr-CZd4w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 07:08:02 GMT
expires: Sun, 12 Mar 2023 07:08:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js Show response
pagead2.googlesyndication.com/bg/ Frame EC7E 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd737128739f334c285183cc95550cfec9072f536efae7baaf974b4252b992e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 20:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14374
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 20:11:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6A8D 0
0 47ms
47ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230308&jk=4704801745054&rc=
Requested by: Host: leaksville.com
URL: http://leaksville.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EC7E 0
10 B 23ms
23ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?yHV2Wg
Requested by: Host: leaksville.com
URL: http://leaksville.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:02 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame AC75 2 KB
765 B 13ms
12ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:42:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48348
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 17:42:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/ Frame AC75 22 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 15:54:06 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54836
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9103
x-xss-protection: 0
server: cafe
etag: 315661852888499207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 15:54:06 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame AC75 3 KB
1 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:32:43 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48919
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 17:32:43 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/ Frame AC75 20 KB
8 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230308/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 17:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
age: 48915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8558
x-xss-protection: 0
server: cafe
etag: 3110455901848521628
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 25 Mar 2023 17:32:47 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame AC75 0
0 21ms
21ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKEnllaY8C8DWuYpA5uOvmCRMCyqkKMnlGSycPIpn4SwCYMY33o3T8fZ4sjIiuDGXmRUZeE8BWO3n08GzrXGoj-L_Fzw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AC75 158 KB
49 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49657
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1678278820084806"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Mar 2023 07:08:02 GMT

GET
H3 200 887cfa9374a0c130d54aa7fe143e0312.js Show response
www.gstatic.com/mysidia/ Frame AC75 34 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/887cfa9374a0c130d54aa7fe143e0312.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 20:32:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 124547
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14316
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 05:15:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 08 Jun 2023 20:32:15 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame AC75 0
0 57ms
56ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CEm5ZUnoNZKOpBIWMxdwP3va08AaPn8WLb7a-3qbvD_LKzvvzLxABIKr_lxxglYKAgMAHoAGtlprZA8gBAagDAcgDywSqBPoBT9DpiTc7ZFpsNxkp9DzgHeuSi60FqqbVbeqkY3CLM4uRiXGcHhzGxbU4Ik9ijE0CgjGTUpsJLtjDZgk1BcUC6MqJkZFCQmidYIS4DhpQ-dwQRDc1XJDeP1nNe4ZBd-6rmhBWuHVpDLQ4_wFtFcI_ls8mF_1Jhj6Mvd4xJxmV7gQ2ux3B28zcFtOvK_K6gcdeskISFsV9Orvf-DqLpLKSBBcilsTlpPB-Pve-sLXMwD5WBDrFnai9n2QHJBAFCNRd_edTgbPFdjcTgjEatKAQe-qVCHaxBkzKh6DxmCK-z1Kt-oVunOAommveaLJY9jpftiWxHrEjy4Sh9sAE1dKQku4DkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBgKAB7vp5SaoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBCN2QzSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDYgUAtAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yOTgwNDA4NTY5NTQ1MTk0GAA&sigh=UofzFZduID4&uach_m=[UACH]&cid=CAQSPADUE5ymM4MbKBeJum3o6UtooJ9ZbtaX6JzxLTLx1W-qdbU77ZQ_jMWoOiCTyWIVI0YDZBUqcq9wYxRbkxgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 12 Mar 2023 07:08:02 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 2323030691432451459
tpc.googlesyndication.com/daca_images/simgad/ Frame AC75 4 KB
4 KB 72ms
72ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/2323030691432451459?w=150&h=125

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ad43eec03d76e5428c54dcc5d2f253d4b6d75e978b7faff3c5d1846a7dabc59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:02 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4178
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 03:24:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 19 Mar 2023 07:08:02 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A877 1 KB
643 B 16ms
13ms Document
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1588
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 06:41:34 GMT
etag: 48472445140208031
expires: Mon, 13 Mar 2023 06:41:34 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AC75 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d9a37718d738b979bc2192e1175c419db8160ddd4f8490c0d2fdc8bd3b755924

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0E5C 0
0 50ms
50ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230308&jk=4704801745054&bg=!AQKlAlbNAAZKh9k7aoc7ADkAdvg8WqxzIeeE1fgYWT2RR85LxsTpNx6XU-TJE87LmCN_rxouHnSLKKw1TJYLXp2ZZNomezjEAxoCAAAAa1IAAAACaAEHmQLmP7hRACGIIUyMG7ZTN_p0Y7_9yDGf7H3I1RimDs3RMUo2kAc_JbWn3I8FhWCVbJVWrqwYtZUDNf8nNCG303GCuSV_Ge0T4mw8uZNKrFSa3q3QWh08EGr1XIvaAJCVF1UAVQevpU-c899n6PvuKbFXcPNo2AZB4gAKYKWqxDvIIQNeCGZQ19kRlVaKdvfeA7DRDXLWjuW_OIfEKE6YDHoIExJ-j8qi7ewNHmnZgCFcX91EfiWpYhM9LNDTf4eMK85xF2Wu6bIqi2JvsetL6dnQ2RiVs-N3wTvd3Cr05ErCsPPlhH85XXuIqJ8_OQM-vMGKX71DxepqCY9PaNi4c-g0dJ2yCcUwWpItt0R7kz656ZG8uamu54-006kHPv7640Cn0XyoOEkmCco71S_zytNUt1Deex1sgaedjzfQY010F6pOT72Ck3C57DkJNxU3ZbTfqk2wuvVaKxWrLWUSQQ9wPMF-qgnCFm6e5tb5bOSjuiJJmolDyARfv3yI91RgcMcy8atKeK5KMTX0BUG1uJ61rOBnTlXaVMn6HLeyYYdGgBwSall3WDjSCidNu4AkhWdWCL9fiEk2TBMYDPCsA9-0oTI7dcMfkJ2szzyRRjbRRtsLGITL0e2tfGxJ01GlOylU3qufpx6K00vz8jP6IPVlyaUI2CmT7t8Jo60x89O9HC1JkjHG-bnNAQorIB6k0p8d7L0xWCZF1ZWMYmiXxxqP3UKo4isCLSsJs7obHiITHIHtGTx7FZwybJI1_c0ovtUYw2iqlCWaQrnusunA-gsxhzfS0TxZ9XWyY9OigyoI7JOSq5kzoRjhjjKrrtET2nxU1nTp_ZrQGfd1LwInbXMGoacpf2_1E0gEDPlNJOz13v1jBnXjqolmhvs1GMPJSUzWqXnuujWmLbqGEGz-UxZjSGos604BIjxKcANsLRWpf-Y1VWv08f6TNKPGekB_RpUMWSXDUDd-U7yoj4Dr8SaQgueMDKwOKw
Requested by: Host: leaksville.com
URL: http://leaksville.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A877
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEINCD-RE_KJnT-VTP9sMyEM&google_cver=1&google_push=Aa02lx8k6Xjk0QiTkGleqOy-Qkotok5nbGfzwJUnETTAl7T89FcIYEEWnY-_K5fN3Al6fdhEbny_2X1I5hf2oFefIbV25i1EAJK91w
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDIxNTk2MDQ1NjIzMTM3MjQwNA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEINCD-RE_KJnT-VTP9sMyEM&google_cver=1

43 B
398 B

171ms
14ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEINCD-RE_KJnT-VTP9sMyEM&google_cver=1
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 12 Mar 2023 07:08:02 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sun, 12 Mar 2023 07:08:02 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEINCD-RE_KJnT-VTP9sMyEM&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A877
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEIKXKfi2CT--Ph_udRpqvPI&google_cver=1&google_push=Aa02lx_n2nUXi0hlJ2jHHGpmhdwtEF8zGUGWNYbPg2OHBkNh88W3FqYwTB0hkAJD4gP9dnyQ6FEtzEFksunLvmuMA5quS1QmwvhOI...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIKXKfi2CT--Ph_udRpqvPI&google_cver=1&google_push=Aa02lx_n2nUXi0hlJ2jHHGpmhdwtEF8zGUGWNYbPg2OHBkNh88W3FqYwTB0hkAJD4gP9dnyQ6FEtzEFksunLvmuMA5quS1Qmwvh...

43 B
445 B

159ms
150ms

Image
image/gif

2606:4700::6812:19ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIKXKfi2CT--Ph_udRpqvPI&google_cver=1&google_push=Aa02lx_n2nUXi0hlJ2jHHGpmhdwtEF8zGUGWNYbPg2OHBkNh88W3FqYwTB0hkAJD4gP9dnyQ6FEtzEFksunLvmuMA5quS1QmwvhOI5Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_n2nUXi0hlJ2jHHGpmhdwtEF8zGUGWNYbPg2OHBkNh88W3FqYwTB0hkAJD4gP9dnyQ6FEtzEFksunLvmuMA5quS1QmwvhOI5Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 07:08:03 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a6a3426b8d19299-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 12 Mar 2023 07:08:02 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 88
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEIKXKfi2CT--Ph_udRpqvPI&google_cver=1&google_push=Aa02lx_n2nUXi0hlJ2jHHGpmhdwtEF8zGUGWNYbPg2OHBkNh88W3FqYwTB0hkAJD4gP9dnyQ6FEtzEFksunLvmuMA5quS1QmwvhOI5Y&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAa02lx_n2nUXi0hlJ2jHHGpmhdwtEF8zGUGWNYbPg2OHBkNh88W3FqYwTB0hkAJD4gP9dnyQ6FEtzEFksunLvmuMA5quS1QmwvhOI5Y%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 7a6a3425bfe69299-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A877
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEA8ZHDCBTzl5Q7mAcSc8mw0&google_push=Aa02lx8f8l3NE6wrzfP60mWGmOEtAEdDeuULsj5PJNQlhLz3cCJF-DpYXq...

170 B
188 B

23ms
22ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEA8ZHDCBTzl5Q7mAcSc8mw0&google_push=Aa02lx8f8l3NE6wrzfP60mWGmOEtAEdDeuULsj5PJNQlhLz3cCJF-DpYXqiMp9ZtBNKyqcZbG7fgETei1vHtl6ryLg_OgClmb1NpJA

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 07:08:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230039-FRA
pragma: no-cache
date: Sun, 12 Mar 2023 07:08:02 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1678604883.842629,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEA8ZHDCBTzl5Q7mAcSc8mw0&google_push=Aa02lx8f8l3NE6wrzfP60mWGmOEtAEdDeuULsj5PJNQlhLz3cCJF-DpYXqiMp9ZtBNKyqcZbG7fgETei1vHtl6ryLg_OgClmb1NpJA
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A877
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEK2-mMNKAJEhV5alJUaHv6k&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEK2-mMNKAJEhV5alJUaHv6k&google_push=Aa...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK2-mMNKAJEhV5alJUaHv6k&google_hm=ZA16U6N3xA-QdaFI7BT0YwAACFQAAAIB&google_nid=index&google_push=Aa02lx8pDwTuCj3nDum1nHdRjZ-5rIjkBLuup...

170 B
188 B

23ms
22ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK2-mMNKAJEhV5alJUaHv6k&google_hm=ZA16U6N3xA-QdaFI7BT0YwAACFQAAAIB&google_nid=index&google_push=Aa02lx8pDwTuCj3nDum1nHdRjZ-5rIjkBLuupZtgt4Ff3nKuEsKG-z-TPWejaY9h059c8s-y2sEOpfckefZMfLxt9RMBsmD9X4hblg

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 07:08:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 12 Mar 2023 07:08:03 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEK2-mMNKAJEhV5alJUaHv6k&google_hm=ZA16U6N3xA-QdaFI7BT0YwAACFQAAAIB&google_nid=index&google_push=Aa02lx8pDwTuCj3nDum1nHdRjZ-5rIjkBLuupZtgt4Ff3nKuEsKG-z-TPWejaY9h059c8s-y2sEOpfckefZMfLxt9RMBsmD9X4hblg
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A877
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIFBizmESwqC6h3JYj-q74s&google_cver=1&google_push=Aa02lx_HlpH2jg55oVWpZey7kK2lATdRojKcyxW66IBnDLzJjIL43cdxj31CyV1buAivak0it9sQHx0uPLf4_KEn7...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEIFBizmESwqC6h3JYj-q74s&google_cver=1&google_push=Aa02lx_HlpH2jg55oVWpZey7kK2lATdRojKcyxW66IBnDLzJjIL43cdxj31CyV1buAivak0it9sQHx0uPLf4_KEn7...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_HlpH2jg55oVWpZey7kK2lATdRojKcyxW66IBnDLzJjIL43cdxj31CyV1buAivak0it9sQHx0uPLf4_KEn7-V38xyf51cXcvQ&google_hm=GS_srGZH6Vqw4RcVS76...

170 B
232 B

23ms
23ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_HlpH2jg55oVWpZey7kK2lATdRojKcyxW66IBnDLzJjIL43cdxj31CyV1buAivak0it9sQHx0uPLf4_KEn7-V38xyf51cXcvQ&google_hm=GS_srGZH6Vqw4RcVS76uMchm

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 07:08:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sun, 12 Mar 2023 07:08:02 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=Aa02lx_HlpH2jg55oVWpZey7kK2lATdRojKcyxW66IBnDLzJjIL43cdxj31CyV1buAivak0it9sQHx0uPLf4_KEn7-V38xyf51cXcvQ&google_hm=GS_srGZH6Vqw4RcVS76uMchm
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap3ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A877
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEKeJRAu6wNjwiR3lw1vbDjI&google_cver=1&google_push=Aa02lx-s7VEYHPkCnStc5rmLyz9nqgP9HJk1wDmLhwgrZLdZ07vxuIbI6eQU1JHDAdQTdPOlsvz6ZE3Qj_Tx_ksRm1p4hw-y-6...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx-s7VEYHPkCnStc5rmLyz9nqgP9HJk1wDmLhwgrZLdZ07vxuIbI6eQU1JHDAdQTdPOlsvz6ZE3Qj_Tx_ksRm1p4hw-y-62...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc5Njc1MDE2OTExNzQ0MzEwMTA5OA%3D%3D&google_push=Aa02lx-s7VEYHPkCnStc5rmLyz9nqgP9HJk1wDmLhwgrZLdZ07vxuIbI...

170 B
243 B

23ms
22ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc5Njc1MDE2OTExNzQ0MzEwMTA5OA%3D%3D&google_push=Aa02lx-s7VEYHPkCnStc5rmLyz9nqgP9HJk1wDmLhwgrZLdZ07vxuIbI6eQU1JHDAdQTdPOlsvz6ZE3Qj_Tx_ksRm1p4hw-y-62m-w

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 07:08:02 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTc5Njc1MDE2OTExNzQ0MzEwMTA5OA%3D%3D&google_push=Aa02lx-s7VEYHPkCnStc5rmLyz9nqgP9HJk1wDmLhwgrZLdZ07vxuIbI6eQU1JHDAdQTdPOlsvz6ZE3Qj_Tx_ksRm1p4hw-y-62m-w
date: Sun, 12 Mar 2023 07:08:02 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A877
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEK5DlN11l...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEK5...
https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=b309ed08-5c0d-473d-9504-309cfdbc1d5f&%%GOOGLE_PUSH_PAIR%%

170 B
188 B

24ms
24ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=b309ed08-5c0d-473d-9504-309cfdbc1d5f&%%GOOGLE_PUSH_PAIR%%

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 07:08:03 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=the_mediagrid_eb&google_hm=b309ed08-5c0d-473d-9504-309cfdbc1d5f&%%GOOGLE_PUSH_PAIR%%
date: Sun, 12 Mar 2023 07:08:03 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A877 0
139 B 74ms
21ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KsaRjea-_t4l34lbdozDmSiOLYMZlgptC6UlNT27stVcvFWdL7jAvpCAyBxqN_tSOLwH-3NQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:02 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 6C1A 14 KB
11 KB 28ms
28ms XHR
application/json 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230308&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4d5bf95e371c78da9d86511bf14c5a6efa789c968441db0f1a3dce574bfdaa5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:02 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11050
x-xss-protection: 0

GET
H3 200 vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js Show response
pagead2.googlesyndication.com/bg/ Frame B4A9 36 KB
14 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2980408569545194&output=html&h=125&slotname=2679686752&adk=690873189&adf=3279755399&pi=t.ma~as.2679686752&w=125&lmt=1515816592&format=125x125&url=http%3A%2F%2Fleaksville.com%2Fleaksville3.htm&wgl=1&dt=1678604881929&bpp=3&bdt=805&idt=82&shv=r20230308&mjsv=m202302280101&ptt=9&saldr=aa&cookie=ID%3Df1b5abe0942d445d-2254cfb94add0064%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog&gpic=UID%3D00000bc3b46e0b68%3AT%3D1678604881%3ART%3D1678604881%3AS%3DALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA&correlator=6568028331237&frm=21&ife=1&pv=1&ga_vid=1408185938.1678604881&ga_sid=1678604882&ga_hid=1788981541&ga_fc=1&nhd=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=216&ady=1521&biw=1600&bih=1200&isw=1396&ish=1139&ifk=2435831153&scr_x=0&scr_y=0&eid=44777877%2C44759876%2C44759927%2C44759842%2C44782466%2C31072787%2C44772269&oid=2&pvsid=338036817710251&tmod=910567003&uas=0&nvt=1&top=http%3A%2F%2Fleaksville.com%2F&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1396%2C1139&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=4&bc=23&ifi=1&uci=1.6j50pgtx23tg&btvi=1&fsb=1&xpc=UDaNkF7ol9&p=http%3A//leaksville.com&dtd=97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd737128739f334c285183cc95550cfec9072f536efae7baaf974b4252b992e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 20:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14374
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 20:11:50 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 6C1A 17 KB
6 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 12 Mar 2023 07:08:02 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A35D 13 KB
5 KB 14ms
13ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://leaksville.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 30019
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 11 Mar 2023 22:47:43 GMT
expires: Sun, 10 Mar 2024 22:47:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6D1D 783 B
535 B 24ms
24ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0183343bbffe210081d0d47b09df056e5cd2c8e17f9fb6ceb81389925a9c3bb7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MMyUjj133jmS0vtvAR_kbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://leaksville.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-MMyUjj133jmS0vtvAR_kbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 12 Mar 2023 07:08:02 GMT
expires: Sun, 12 Mar 2023 07:08:02 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js Show response
pagead2.googlesyndication.com/bg/ Frame A35D 36 KB
14 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vXNxKHOfM0woUYPMlVUM_skHL1Nu-ue6r5dLQlK5kuA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd737128739f334c285183cc95550cfec9072f536efae7baaf974b4252b992e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sat, 11 Mar 2023 20:11:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 39372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14374
x-xss-protection: 0
last-modified: Mon, 06 Mar 2023 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 10 Mar 2024 20:11:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6D1D 0
0 46ms
46ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230308&jk=338036817710251&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 071B 42 B
64 B 49ms
49ms Fetch
image/gif 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswwjbiHlORXWRgVMV9auhVfLhbQIqeRpm9tohBUIQVcifUKOmfTAjed0Sp4or2Y2StUIVJfXMAkgis53Ul0hsL_xFX_iD8KVYh9PgPrboadRCHb8bk5UKFkkPCTIZJMpb-z-l3tg&sai=AMfl-YRKyTjiLk9FkokT_0gOaBI3F_mD5mokBjPb72BNPObttC-GkBFfaTVPdy6bPZGlZyyJclmUZqchJxUm&sig=Cg0ArKJSzP86YvO6TiPaEAE&cid=CAQSGwDUE5ymUH3aBXV2XHIsLFO1YTDLcQdoX1qYLxgB&id=lidar2&mcvt=1005&p=0,0,125,125&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20230308&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1383425135&rs=2&la=0&cr=0&vs=4&r=v&rst=1678604881367&rpt=625&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 12 Mar 2023 07:08:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A35D 0
10 B 13ms
12ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?KWmzwg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Sun, 12 Mar 2023 07:08:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6C1A 0
0 50ms
50ms Image
text/html 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230308&jk=338036817710251&bg=!vL-lv-vNAAZKh9k7aoc7ADkAdvg8WoXq9Bm_E63n_RNd5EP7qFPdd4pVAZwszNwcouRA40iGGBo8YOalVbGxo3J1hfqNGLZ0_1cCAAAAS1IAAAADaAEHmQLn1fHgS0kKkCMZHRAzSfvJygqjuzbDghOH9ChQONR7P9dKck57lYi6D3jZZkTOisyazScBxTsGD8Rab6lkzwyBOurP7kD5TQgNWC0VNmE57hhReTeXbMVgMFMkxUXO5l3L_eiXsRUP_AopNGj-UHgHHB4KUhlp3fPlPOwNxwgeLwA_LDhNNcDbCP8I27cgRZFIiDfez_qu4IXiAr-dOPO9kZ6riRLRnbI1s2n4UoXmKESUX4l1wN5GAO2mEtW_2lTEF4Pq6_bdUpUn6hR3VAMKPRJSHtUGWnBpgKGkq1Z6j4nBw74wYLhoJ0U2zpnjwJU3hZSPIwfEGQnclcZ_sEJtXkVl9PPnrEZoPH_VT6kbVRnTt9JurBl-7LZGfOOZLPPC24DqmSFyJAxGjKi0RKstOX-ScB3GUJolqCYgGpC8nickGwtGK4_t6Qr385qshZpC-FJGJVB1o7Ka7UCI3NKC6dK17O4f6XxOWBTaOD5ZLdzI6DQW577NHzWAzdtmzS2Yo9pO1MYD-jlnn9sb3tTqgtexJhV55smv6L5Y4TKBbnGlra-PmDc-lrpTMiNeUT7dnYZTEekSMW4F44xWQxiKMzGaUcigxwGDVQi8Pv_eGTb5R3V5QGBRh7-MdmBVrgRYNwOXGY129CYVTq7d3I39WIdIRd4EaDdrwcJUsbWAJu14fUxLZhR_KwhUQtrjwnrjtvvSL_y7cEN0ByfQYSVgbrCvwJ0NEgZcLSdIud18QirKO_8f1-YSHOzfp6h2AcasUnPEAz0VDz3TP91X5LTDFoUFojXtUtPLhY2QNS-bum8btTpW6y06mrEpOfZSXRgk3XDjFKefPfIH4GE9rh_5URQMBpefTeBOo8lV56GlGWsGUPtQCbOhqcfF7wMRRNKPBZbPQvcbSSZW6hJ-VSNABoeDlqfGgUaLQLF_YyJZ2VMoPJsS6ArcRA4MxllyUQ3PZZoVt0bxL25gGKEkgGl9qCj6sdsVwYI
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://leaksville.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s27.sitemeter.com
URL: http://s27.sitemeter.com/js/counter.js?site=s27leaksville

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.leaksville.com/	1970-01-20 19:52:44	Name: _ga Value: GA1.2.1408185938.1678604881
.leaksville.com/	1970-01-20 10:18:11	Name: _gid Value: GA1.2.1389750848.1678604881
.leaksville.com/	1970-01-20 10:16:44	Name: _gat_gtag_UA_112361094_1 Value: 1
.leaksville.com/	1970-01-20 19:38:20	Name: __gads Value: ID=f1b5abe0942d445d-2254cfb94add0064:T=1678604881:RT=1678604881:S=ALNI_MY4md3hJKhQxnYdaoiVYZzdSQlMog
.leaksville.com/	1970-01-20 19:38:20	Name: __gpi Value: UID=00000bc3b46e0b68:T=1678604881:RT=1678604881:S=ALNI_MY_B-Gue9U5y2IBtGXST6C4kCYdLA
.doubleclick.net/	1970-01-20 19:38:20	Name: IDE Value: AHWqTUkclgmu4n4mgFrdjxA6IP4BzA03BrzKrien3qTOrCRzJoQ69zYSVwJtHhlicO8
.3lift.com/	1970-01-20 12:26:20	Name: tluid Value: 1796750169117443101098
.lijit.com/	1970-01-20 19:02:20	Name: ljt_reader Value: GS_srGZH6Vqw4RcVS76uMchm
.turn.com/	1970-01-20 14:35:56	Name: uid Value: 4215960456231372404
.everesttech.net/	1970-01-20 19:02:20	Name: everest_g_v2 Value: g_surferid~ZA16UgAAAqykiQAZ
.bidswitch.net/	1970-01-20 19:02:20	Name: tuuid Value: b309ed08-5c0d-473d-9504-309cfdbc1d5f
.bidswitch.net/	1970-01-20 19:02:20	Name: c Value: 1678604883
.bidswitch.net/	1970-01-20 19:02:20	Name: tuuid_lu Value: 1678604883
.casalemedia.com/	1970-01-20 19:02:20	Name: CMID Value: ZA16U6N3xA.QdaFI7BT0YwAA
.casalemedia.com/	1970-01-20 12:26:20	Name: CMPS Value: 2132
.casalemedia.com/	1970-01-20 12:26:20	Name: CMPRO Value: 2132
.tribalfusion.com/	1970-01-20 12:26:20	Name: ANON_ID Value: aKnsIHxNeTgBeZdwQMhEM7f8WfTPr6XrGWdkbv8oqNDVAb2P6E3UHHOHLta1If2gaVgDZbD4NtFbZadbjVVjrtgZbumy

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://s27.sitemeter.com/js/counter.js?site=s27leaksville Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: http://leaksville.com/_vti_bin/fpcount.exe/?Page=leaksville2.htm\|Image=0 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://www.tapatalk.com/groups/network54/Hide/Votelet/12098?javascript=on Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.turn.com
adservice.google.com
adservice.google.de
ap.lijit.com
cm.g.doubleclick.net
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
leaksville.com
network54.com
pagead2.googlesyndication.com
partner.googleadservices.com
r.turn.com
s.tribalfusion.com
s27.sitemeter.com
ssum-sec.casalemedia.com
static.doubleclick.net
stats.g.doubleclick.net
sync-tm.everesttech.net
tpc.googlesyndication.com
www.addfreestats.com
www.afsanalytics.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.tapatalk.com
x.bidswitch.net
s27.sitemeter.com
13.248.245.213
151.101.130.49
172.217.16.194
185.80.39.216
198.50.213.200
2001:4860:4802:34::178
2001:678:cb4:bbbb::11
216.52.2.16
2606:4700::6812:19ad
2606:4700::6812:400b
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2003
2a00:1450:4001:811::2006
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2008
2a00:1450:400c:c00::9b
3.123.72.57
34.231.80.95
64.138.196.132
0183343bbffe210081d0d47b09df056e5cd2c8e17f9fb6ceb81389925a9c3bb7
01e24191aa47b90c3ed7c7500a3c017b1979e98b10ed4f24171a633b1a1a9973
06d8b1b0182cf90218df80b8c3f6705b1298edcaf9285b7e393ba3dc9c4f0002
0927620e10d5756326ba1e8aef5133342a49d1a3df6d6b9dec0e2e3c6e75a4a8
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
137d538a567e629997e6fa231717360e92046b1197ee812c092a7b950653074c
1e2a507d4d20148cf13ba43ccc31015d33d2199c1052a10e7bd1977c43826bbf
1ee502aab815b05c16314aa25dd1734649d71871243283eb3b7b996bba7647e7
2bc1679d7d5178fe331d3f0e54d967bf9e03f26cad89a8e8596f95e0a1a67542
2d78ecf4cbb331f3a777cee8ecd1a4477164787b07e3aa9a3590dab594c696c9
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
4126ffde4b9e571b1c3e55b45a7e9596e139ad2de1bdbfe851a2e2b2c7da7f38
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
51f0cd79098242438105cf6fc8751040708a6a975432423ec77059706c3a91fe
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b308a83c6a6454dd08a5401c12e8b02a014cc03a2d5c1334b7b1cafad4bb9f
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59781bfd842c07107a1e18b66504a24b98225e6d74517db1780480f6d226e1e2
5eff639be375fedecad40979f41d69f292335721fcc20ea1b65260a3a797ef8d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67efa092b7a5d5f4a53a42902e0f5d9bfe62e806c39938c584e53908ac160374
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c95fae81c74bcffbf17e425b12ade6b9a510178a5fc66ddfaeee0d0db76c5c5
6d73702438b0b1623b204df6074450107a7fa6cf05490fb9c2118e3b1da9bf10
6de65287f801364eee90cdc4f20360a56c22b90cfd1df7c3c3e815694034de73
73204fb3ea10a235495da7716e88a8a4790e0aa8ae70541b795438a98b97e220
74dba6d490057f7d7368576922b913e21e5377dd951af3970155f45aadd6daef
77a5a7acf9b5ec1424d85fa410ca60504d7cd7030ee9c859bb9b94a183dc31e4
7eaad02977db7fb49d7605dc47112223121088d2e5985650c6b62825883e6249
80c3fe2ae1062abf56456f52518bd670f9ec3917b7f85e152b347ac6b6faf880
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
885ca4e8ddfd019f10c0b318989590cff2b7b4e20acb128c2388dd13586431a2
94f2d65c29680e0e94f04aa9a2a9e1877786edaf8013029bf260217a0a5ee2ca
9942386a5dedcb3c5b4f31377c41cf45d3bc913fc94d2d2b3f8bb7866e030f80
9a64134fb287b3e21b6b6d7910da0c2190473e20fb5d0e09fbc3d3de7becdd96
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ad43eec03d76e5428c54dcc5d2f253d4b6d75e978b7faff3c5d1846a7dabc59
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aac252443f770c78ae8acf0e8c9af91efc98a13d8e39ab0eb5ccea4299598506
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
b42ec632fc462befd9c5cfceac1f89a360b36519b47c554828d5f7cb6afceaac
b4d5bf95e371c78da9d86511bf14c5a6efa789c968441db0f1a3dce574bfdaa5
ba44198fac9bb869a6a16f255b69ec97cbdcb0acf1080f1f2395da7fc00f9e36
bd737128739f334c285183cc95550cfec9072f536efae7baaf974b4252b992e0
c34233f89867febd3e986af128a0f680973f63f27b1ae32f347f90b60d93ab7f
c40e47b987fd150d74973122bc64cd4121df544f21984ac0b6ef94b801cdf45e
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
d9a37718d738b979bc2192e1175c419db8160ddd4f8490c0d2fdc8bd3b755924
daa795332e5dbcf893adf2d5f3349f02b8c1cb957ff3b5f4c11b742e33c3376f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41caae174108db2b9d3947eb5cbc348c5e431a00f272917ea10cf2830ffb3c0
e45fd1bfd4e9faa44d111f64bef4ccea9e66b10fb0a957d91019ac033b7c22c0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e5e5b556211ac8c15281f4237962498c6c75386a3ce3d38fa8cac50eb00c3ad9
e8fdbf65595c0437ff7e5d3f3d13c4967623e1bdbd9148d7efef65f504fd63df
ec6cd135849ea937b3f62793fe3b583f8a1ca7e1989e82eba6f5e91556abdac4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

leaksville.com Open in urlscan Pro 64.138.196.132 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

89 Requests

64 %HTTPS

67 %IPv6

23 Domains

31 Subdomains

22 IPs

5 Countries

989 kBTransfer

2433 kBSize

17 Cookies

0 Outgoing links

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

leaksville.com Open in urlscan Pro
64.138.196.132 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

64 %
HTTPS

67 %
IPv6

23
Domains

31
Subdomains

22
IPs

5
Countries

989 kB
Transfer

2433 kB
Size

17
Cookies

89 HTTP transactions
2 data transactions