incognitusvpn.ninja Open in urlscan Pro
2606:4700:3030::6812:3e35  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

14 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response incognitusvpn.ninja/	36 KB 8 KB	100ms 72ms	Document text/html	2606:4700:3030::6812:3e35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://incognitusvpn.ninja/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:3e35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ed66fd1280dd6a45ed504a173c9917ef229e2f531d420e7587e3684cc0a9482a Request headers :method GET :authority incognitusvpn.ninja :scheme https :path / pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers status 200 date Sat, 29 Aug 2020 02:39:14 GMT content-type text/html; charset=UTF-8 set-cookie __cfduid=df6253f504aefa54f4af5eb21c36eacd71598668754; expires=Mon, 28-Sep-20 02:39:14 GMT; path=/; domain=.incognitusvpn.ninja; HttpOnly; SameSite=Lax cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 expires Mon, 26 Jul 1997 05:00:00 GMT last-modified Sat, 29 Aug 2020 02:39:14 GMT pragma no-cache vary Accept-Encoding x-adblock-key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_BJEYzs9IN4QjD4Jn42ggHe1GlfeWQx/hym2lOiA+6oQAfx2Sz0Av5RQ4Z+W8OknjwYbSYB702uaj0ecGFGkQNw== x-cache-miss-from parking-5d594b578b-xv6qx cf-cache-status DYNAMIC cf-request-id 04d9ae661800001f21f99ba200000001 expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" server cloudflare cf-ray 5ca2e6835c5b1f21-FRA content-encoding br
GET H2	200	jquery-1.4.2.min.js Show response img.sedoparking.com/js/	52 KB 27 KB	150ms 49ms	Script application/x-javascript	205.234.175.175 SERVERCENTRAL
General Check archive.org Show headers Download Go to Full URL https://img.sedoparking.com/js/jquery-1.4.2.min.js Requested by Host: incognitusvpn.ninja URL: https://incognitusvpn.ninja/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS vip1.G-anycast1.cachefly.net Software CFS 0215 / Resource Hash e186f74c971a978c1daf20bb51a1b71bcb075d8d09d678ee1d12665c136b1487 Request headers Referer https://incognitusvpn.ninja/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 29 Aug 2020 02:39:14 GMT content-encoding gzip x-cf3 H cf4ttl 31536000.000 x-cfhash "0d658c3f0a7efaa05a6fcee9758231b3" x-cf1 11696:fC.fra2:cf:cacheN.fra2-01:H status 200 content-length 26742 x-cf-tsc 1575156882 x-cf2 H last-modified Thu, 28 Jun 2018 13:09:28 GMT server CFS 0215 x-cff B vary Accept-Encoding content-type application/x-javascript access-control-allow-origin * cache-control max-age=86400 cf4age 389 accept-ranges bytes expires Sun, 30 Aug 2020 02:39:14 GMT
GET H2	200	caf.js Show response www.google.com/adsense/domains/	170 KB 60 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:81b::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/adsense/domains/caf.js Requested by Host: incognitusvpn.ninja URL: https://incognitusvpn.ninja/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e29049383033d41e3383fa42078c33687f9de7d751c8a58bb990f3c532155326 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://incognitusvpn.ninja/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 29 Aug 2020 02:39:14 GMT content-encoding gzip x-content-type-options nosniff server sffe etag "13255193173581158392" vary Accept-Encoding content-type text/javascript; charset=UTF-8 status 200 cache-control private, max-age=3600 accept-ranges bytes alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" x-xss-protection 0 expires Sat, 29 Aug 2020 02:39:14 GMT
GET H2	200	logo_white.png img.sedoparking.com/templates/brick_gfx/common/	2 KB 3 KB	116ms 49ms	Image image/png	205.234.175.175 SERVERCENTRAL
General Check archive.org Show headers Download Go to Show image Full URL https://img.sedoparking.com/templates/brick_gfx/common/logo_white.png Requested by Host: incognitusvpn.ninja URL: https://incognitusvpn.ninja/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US), Reverse DNS vip1.G-anycast1.cachefly.net Software CFS 0215 / Resource Hash c2bf172feef4965b1e8251052062b1f26dd97a240399b3c51ff0f5160127760d Request headers Referer https://incognitusvpn.ninja/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 29 Aug 2020 02:39:14 GMT x-cf3 M cf4ttl 31536000.000 x-cfhash "39b0a05252eea66e96c606ee3a957756" xkey-type image/png x-cf1 11696:fC.fra2:cf:cacheN.fra2-01:H status 200 content-length 2237 x-cf-tsc 1571312429 x-cf2 H last-modified Thu, 28 Jun 2018 13:09:28 GMT server CFS 0215 x-cff B content-type image/png access-control-allow-origin * cache-control max-age=604800 cf4age 0 accept-ranges bytes expires Sat, 05 Sep 2020 02:39:14 GMT
GET H3-Q050	200	iframe.html www.google.com/afs/ads/i/ Frame A60E	0 0	14ms 14ms	Document text/html	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/afs/ads/i/iframe.html Requested by Host: www.google.com URL: https://www.google.com/adsense/domains/caf.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'nonce-DAVOQ90mTg8xq5la_c7SZw' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.google.com :scheme https :path /afs/ads/i/iframe.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://incognitusvpn.ninja/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://incognitusvpn.ninja/ Response headers status 200 accept-ranges bytes vary Accept-Encoding content-type text/html content-security-policy script-src 'nonce-DAVOQ90mTg8xq5la_c7SZw' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none' content-length 642 date Sat, 29 Aug 2020 02:39:14 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate last-modified Mon, 25 May 2020 08:30:00 GMT x-content-type-options nosniff content-encoding gzip server sffe x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET		ads www.google.com/dp/ Frame 5E32	0 0
GET H2	200	tsc.php Show response incognitusvpn.ninja/search/	36 KB 7 KB	57ms 57ms	XHR text/html	2606:4700:3030::6812:3e35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://incognitusvpn.ninja/search/tsc.php?200=MzYyMjAwOTEy&21=MTYyLjE1OC45NC44Mw==&681=MTU5ODY2ODc1NDVkNjE1NDAzMGE0MjVmY2QxMmJlNTAzZDA4MzVlYjQ2&crc=600712122bc182171c5d146042560346a8444b5a&cv=1 Requested by Host: incognitusvpn.ninja URL: https://incognitusvpn.ninja/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:3e35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash acebda0378ddd4271e17adc2ba3b0061cc1e2c9390171a248fe38b8114dff1c3 Request headers Accept */* Referer https://incognitusvpn.ninja/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 29 Aug 2020 02:39:14 GMT content-encoding br cf-cache-status DYNAMIC x-adblock-key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_BJEYzs9IN4QjD4Jn42ggHe1GlfeWQx/hym2lOiA+6oQAfx2Sz0Av5RQ4Z+W8OknjwYbSYB702uaj0ecGFGkQNw== status 200 cf-request-id 04d9ae676700001f21f99c5200000001 x-cache-miss-from parking-5d594b578b-jbd8p pragma no-cache last-modified Sat, 29 Aug 2020 02:39:14 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5ca2e6857eff1f21-FRA expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3-Q050	200	iframe.html www.google.com/afs/ads/i/ Frame 4F30	0 0	15ms 14ms	Document text/html	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/afs/ads/i/iframe.html Requested by Host: www.google.com URL: https://www.google.com/adsense/domains/caf.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'nonce-gtEL8xOl9AyIyt2_Qbdx7A' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers :method GET :authority www.google.com :scheme https :path /afs/ads/i/iframe.html pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://incognitusvpn.ninja/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://incognitusvpn.ninja/ Response headers status 200 accept-ranges bytes vary Accept-Encoding content-type text/html content-security-policy script-src 'nonce-gtEL8xOl9AyIyt2_Qbdx7A' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui; base-uri 'none' content-length 639 date Sat, 29 Aug 2020 02:39:14 GMT pragma no-cache expires Fri, 01 Jan 1990 00:00:00 GMT cache-control no-cache, must-revalidate last-modified Mon, 25 May 2020 08:30:00 GMT x-content-type-options nosniff content-encoding gzip server sffe x-xss-protection 0 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H3-Q050	200	ads www.google.com/dp/ Frame 6CBC	0 0	78ms 78ms	Document text/html	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/dp/ads?r=m&cpp=0&client=dp-sedo81_3ph&channel=exp-0051%2Cauxa-control-1%2C3632559&hl=de&adtest=off&adsafe=low&type=3&swp=as-drid-2362604596027056&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300169%2C17300171%2C17300242%2C17300251%2C17300253&format=r10%7Cs&num=0&output=afd_ads&domain_name=incognitusvpn.ninja&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1598668754809&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=566&frm=0&uio=sl1sr1-st24sa18lt45-&cont=rlblock_center&csize=w1410h52&inames=master-2&jsv=13892&rurl=https%3A%2F%2Fincognitusvpn.ninja%2F Requested by Host: www.google.com URL: https://www.google.com/adsense/domains/caf.js Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash Security Headers Name Value X-Xss-Protection 0 Request headers :method GET :authority www.google.com :scheme https :path /dp/ads?r=m&cpp=0&client=dp-sedo81_3ph&channel=exp-0051%2Cauxa-control-1%2C3632559&hl=de&adtest=off&adsafe=low&type=3&swp=as-drid-2362604596027056&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300169%2C17300171%2C17300242%2C17300251%2C17300253&format=r10%7Cs&num=0&output=afd_ads&domain_name=incognitusvpn.ninja&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1598668754809&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=566&frm=0&uio=sl1sr1-st24sa18lt45-&cont=rlblock_center&csize=w1410h52&inames=master-2&jsv=13892&rurl=https%3A%2F%2Fincognitusvpn.ninja%2F pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://incognitusvpn.ninja/ accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Referer https://incognitusvpn.ninja/ Response headers status 200 content-type text/html; charset=UTF-8 content-disposition inline date Sat, 29 Aug 2020 02:39:14 GMT expires Sat, 29 Aug 2020 02:39:14 GMT cache-control private, max-age=3600 p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." content-encoding br server gws content-length 6930 x-xss-protection 0 set-cookie 1P_JAR=2020-08-29-02; expires=Mon, 28-Sep-2020 02:39:14 GMT; path=/; domain=.google.com; Secure; SameSite=none NID=204=H2FDb5TvcoYOk_s7-TzLxBxB2dfwZfNPGs5Ejdj6nSl7F2j6l5Sl31v7rW8vvpCJsb6019yNHu-MIknDpSEHx2bztg7penbs_lVYrijAUQeMzQLAAk6-7efIZZwnMQSn8Z_rRIUvZWquC2hLvABxfpXwIfQ_1hmc0oFkA9eF4dA; expires=Sun, 28-Feb-2021 02:39:14 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none CONSENT=WP.28a7ff; expires=Fri, 01-Jan-2038 00:00:00 GMT; path=/; domain=.google.com alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
GET H2	200	tsc.php Show response incognitusvpn.ninja/search/	36 KB 7 KB	61ms 60ms	XHR text/html	2606:4700:3030::6812:3e35 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://incognitusvpn.ninja/search/tsc.php?200=MzYyMjAwOTEy&21=MTYyLjE1OC45NC44Mw==&681=MTU5ODY2ODc1NDlhZTEzMmU4NTNhNDEyZjk0ZTNkZGJkMzUxYzc4MzBm&crc=a55c5e34bc76ac484f9f90a97427026fd8d08a97&cv=1 Requested by Host: incognitusvpn.ninja URL: https://incognitusvpn.ninja/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3030::6812:3e35 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 102956fc64e7bd2fb4418e3895d517ca05478d104ca4234e65f3af25b1207757 Request headers Accept */* Referer https://incognitusvpn.ninja/ X-Requested-With XMLHttpRequest User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 29 Aug 2020 02:39:14 GMT content-encoding br cf-cache-status DYNAMIC x-adblock-key MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANnylWw2vLY4hUn9w06zQKbhKBfvjFUCsdFlb6TdQhxb9RXWXuI4t31c+o8fYOv/s8q1LGPga3DE1L/tHU4LENMCAwEAAQ==_BJEYzs9IN4QjD4Jn42ggHe1GlfeWQx/hym2lOiA+6oQAfx2Sz0Av5RQ4Z+W8OknjwYbSYB702uaj0ecGFGkQNw== status 200 cf-request-id 04d9ae677f00001f21f99c6200000001 x-cache-miss-from parking-5d594b578b-xv6qx pragma no-cache last-modified Sat, 29 Aug 2020 02:39:14 GMT server cloudflare expect-ct max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct" vary Accept-Encoding content-type text/html; charset=UTF-8 cache-control no-store, no-cache, must-revalidate, post-check=0, pre-check=0 cf-ray 5ca2e6859f251f21-FRA expires Mon, 26 Jul 1997 05:00:00 GMT
GET H3-Q050	204	gen_204 www.google.com/afs/	0 172 B	25ms 24ms	Image text/html	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/afs/gen_204?client=dp-sedo81_3ph&output=uds_ads_only&zx=dovqed1idopa&aqid=0r9JX5HxM9DE3wPdyYDQBw&pbt=bs&adbx=320&adby=120&adbh=291&adbw=1120&adbn=master-2&eawp=partner-dp-sedo81_3ph&errv=13892568775606634356&csadii=6&csadr=225&pblt=1&lle=0&llm=2000&ifv=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://incognitusvpn.ninja/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 29 Aug 2020 02:39:16 GMT server gws x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." status 204 content-type text/html; charset=ISO-8859-1 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3-Q050	204	gen_204 www.google.com/afs/	0 20 B	25ms 25ms	Image text/html	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/afs/gen_204?client=dp-sedo81_3ph&output=uds_ads_only&zx=ydvu27195tjd&pbt=bs&adbx=1290&adby=518&adbh=20&adbw=300&adbn=slave-1-2&eawp=partner-dp-sedo81_3ph&errv=13892568775606634356&csadii=2&csadr=230&pblt=1&lle=0&llm=2000&ifv=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://incognitusvpn.ninja/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 29 Aug 2020 02:39:16 GMT server gws x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." status 204 content-type text/html; charset=ISO-8859-1 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3-Q050	204	gen_204 www.google.com/afs/	0 125 B	26ms 25ms	Image text/html	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/afs/gen_204?client=dp-sedo81_3ph&output=uds_ads_only&zx=m0k00gash2i3&aqid=0r9JX5HxM9DE3wPdyYDQBw&pbt=bv&adbx=320&adby=120&adbh=291&adbw=1120&adbn=master-2&eawp=partner-dp-sedo81_3ph&errv=13892568775606634356&csadii=6&csadr=225&pblt=1&lle=0&llm=2000&ifv=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://incognitusvpn.ninja/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 29 Aug 2020 02:39:17 GMT server gws x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." status 204 content-type text/html; charset=ISO-8859-1 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0
GET H3-Q050	204	gen_204 www.google.com/afs/	0 20 B	26ms 26ms	Image text/html	2a00:1450:4001:824::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/afs/gen_204?client=dp-sedo81_3ph&output=uds_ads_only&zx=t6ldgxl3p646&pbt=bv&adbx=1290&adby=518&adbh=20&adbw=300&adbn=slave-1-2&eawp=partner-dp-sedo81_3ph&errv=13892568775606634356&csadii=2&csadr=230&pblt=1&lle=0&llm=2000&ifv=1 Protocol H3-Q050 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:824::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software gws / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers Referer https://incognitusvpn.ninja/ User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 Response headers date Sat, 29 Aug 2020 02:39:17 GMT server gws x-frame-options SAMEORIGIN p3p CP="This is not a P3P policy! See g.co/p3phelp for more info." status 204 content-type text/html; charset=ISO-8859-1 alt-svc h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 0 x-xss-protection 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

www.google.com

URL

https://www.google.com/dp/ads?r=m&cpp=0&client=dp-sedo81_3ph&channel=exp-0051%2Cauxa-control-1%2C3632559&hl=de&adtest=off&adsafe=low&type=3&swp=as-drid-2362604596027056&uiopt=true&oe=UTF-8&ie=UTF-8&fexp=21404%2C17300169%2C17300171%2C17300242%2C17300251%2C17300253&format=r10%7Cs&num=0&output=afd_ads&domain_name=incognitusvpn.ninja&v=3&adext=as1%2Csr1&bsl=8&u_his=2&u_tz=120&dt=1598668754773&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=294&frm=0&uio=sl1sr1-st24sa18lt45-&cont=rlblock_center&csize=w1410h74&inames=master-1&jsv=13892&rurl=https%3A%2F%2Fincognitusvpn.ninja%2F

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes function| $ function| jQuery string| ads_label string| onclick_param_l string| onclick_value_l string| onclick_value_al string| onclick_param_v string| onclick_value_v string| onclick_param_p string| onclick_param_r string| fb string| fb_csa string| fb_csb string| fb_ec string| ds string| did string| pu string| pus string| phl string| ut number| tlt number| prs string| warl string| wapi string| waac boolean| wabc boolean| dsb string| alternatePubId object| pdto number| googleNDT_ string| _googCsaExpIds number| _googCsaAlwaysHttps number| _googEnableCcpa number| _googEnableTcf number| _enableLazyLoading number| _googEnableQup number| _googLazyLoadingRootMargin number| _googTcfApiTimeout number| _googUspApiTimeout number| googleAltLoader object| google object| cafEl function| createCaf number| start function| buildBlocks

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-19 16:27:59	Name: NID Value: 204=H2FDb5TvcoYOk_s7-TzLxBxB2dfwZfNPGs5Ejdj6nSl7F2j6l5Sl31v7rW8vvpCJsb6019yNHu-MIknDpSEHx2bztg7penbs_lVYrijAUQeMzQLAAk6-7efIZZwnMQSn8Z_rRIUvZWquC2hLvABxfpXwIfQ_1hmc0oFkA9eF4dA
			.google.com/	1970-01-19 12:47:40	Name: 1P_JAR Value: 2020-08-29-02
			.incognitusvpn.ninja/	1970-01-19 12:47:40	Name: __cfduid Value: df6253f504aefa54f4af5eb21c36eacd71598668754

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

img.sedoparking.com
incognitusvpn.ninja
www.google.com
www.google.com
205.234.175.175
2606:4700:3030::6812:3e35
2a00:1450:4001:81b::2004
2a00:1450:4001:824::2004
102956fc64e7bd2fb4418e3895d517ca05478d104ca4234e65f3af25b1207757
acebda0378ddd4271e17adc2ba3b0061cc1e2c9390171a248fe38b8114dff1c3
c2bf172feef4965b1e8251052062b1f26dd97a240399b3c51ff0f5160127760d
e186f74c971a978c1daf20bb51a1b71bcb075d8d09d678ee1d12665c136b1487
e29049383033d41e3383fa42078c33687f9de7d751c8a58bb990f3c532155326
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ed66fd1280dd6a45ed504a173c9917ef229e2f531d420e7587e3684cc0a9482a