URL: https://deletescape.ch/posts/how-to-leak-all-user-data/
Submission: On July 28 via manual from US — Scanned from US

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 8 HTTP transactions. The main IP is 104.198.14.52, located in The Dalles, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is deletescape.ch.
TLS certificate: Issued by R3 on June 7th 2023. Valid for: 3 months.
This is the only time deletescape.ch was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests  IP Address        AS Autonomous System
1         104.198.14.52     396982 (GOOGLE-CL...)
5         108.139.46.97     16509 (AMAZON-02)
1         2a02:6ea0:c45...  60068 (CDN77 ^_^)
1         185.165.243.110   49981 (WORLDSTREAM)
8         4

Requests  Apex Domain / Subdomains                                     Transfer
5         cloudfront.net                                               2 MB
            d33wubrfki0l68.cloudfront.net
1         simpleanalyticscdn.com                                       429 B
            queue.simpleanalyticscdn.com — Cisco Umbrella Rank: 54371
1         simpleanalytics.io                                           5 KB
            cdn.simpleanalytics.io — Cisco Umbrella Rank: 939340
1         deletescape.ch                                               9 KB
            deletescape.ch
8         4

Requests  Domain                          Requested by
5         d33wubrfki0l68.cloudfront.net   deletescape.ch
1         queue.simpleanalyticscdn.com    deletescape.ch
1         cdn.simpleanalytics.io          deletescape.ch
1         deletescape.ch
8         4

This site contains links to these domains.

Domain
github.com
shodan.io
play.google.com
risk.lexisnexis.com
notbird.site
t.me
www.linkedin.com

Subject                 Issuer               Validity                 Valid
deletescape.ch          R3                   2023-06-07 - 2023-09-05  3 months
*.cloudfront.net        Amazon RSA 2048 M01  2022-12-08 - 2023-12-07  a year
cdn.simpleanalytics.io  R3                   2023-07-17 - 2023-10-15  3 months
api.simpleanalytics.io  R3                   2023-07-27 - 2023-10-25  3 months

This page contains 1 frame:

Primary Page: https://deletescape.ch/posts/how-to-leak-all-user-data/
Frame ID: 9572F0040209CA5A27A22AF21334C1B3
Requests: 8 HTTP requests in this frame

Page Title

Debugging in prod: Maximizing user attack surface - deletescape

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel="amphtml"

Page Statistics

Requests: 8
HTTPS: 100 %
IPv6: 25 %
Domains: 4
Subdomains: 4
IPs: 4
Countries: 2
Transfer: 2315 kB
Size: 2332 kB
Cookies: 0

8 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type

Primary Request /
Path: deletescape.ch/posts/how-to-leak-all-user-data/
Size: 26 KB
x-fer: 9 KB
Type: Document
General
Full URL: https://deletescape.ch/posts/how-to-leak-all-user-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.198.14.52 The Dalles, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 52.14.198.104.bc.googleusercontent.com
Software: Netlify /
Resource Hash: 86e82a784df2c2b82167c14da8ccf7feba8a1c3a68d8e2569fb45e22ff3cf72b
Security Headers
Strict-Transport-Security: max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 28 Jul 2023 14:14:55 GMT
etag: "9b83e64e06dcbf555dc3de1e144268d5-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01H6EDMFDWCP6ZGXN34G3PS9KV

data-better-idea.jpg
Path: d33wubrfki0l68.cloudfront.net/5734e78dd0b6801afabd1303dcfcfb1f58e6d3db/612b2/assets/images/
Size: 2 MB
x-fer: 2 MB
Type: Image
General
Full URL: https://d33wubrfki0l68.cloudfront.net/5734e78dd0b6801afabd1303dcfcfb1f58e6d3db/612b2/assets/images/data-better-idea.jpg
Requested by
  Host: deletescape.ch
  URL: https://deletescape.ch/posts/how-to-leak-all-user-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.46.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-46-97.jfk50.r.cloudfront.net
Software: Netlify /
Resource Hash: aff89141c18e4b203667b5d5869fd5aecc960ea313c3799f4c7723643467a474
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deletescape.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H6EDM0VZKM2ZG6ZBMR2K7Z1T
date: Fri, 28 Jul 2023 14:14:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: JFK50-P1
age: 15
etag: eadbf59d9198adaad44628ad5b43dc62045905cc
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 1605824
x-amz-cf-id: gX33vwYE8uEesXBjGoSe6SC84IRnbTdpZe6B-FIV2i8Y1qOj4gjz-Q==

debugdb.png
Path: d33wubrfki0l68.cloudfront.net/35da27e0118c958fddef1bced8e32b0f5bb241b2/af47d/assets/images/
Size: 399 KB
x-fer: 400 KB
Type: Image
General
Full URL: https://d33wubrfki0l68.cloudfront.net/35da27e0118c958fddef1bced8e32b0f5bb241b2/af47d/assets/images/debugdb.png
Requested by
  Host: deletescape.ch
  URL: https://deletescape.ch/posts/how-to-leak-all-user-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.46.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-46-97.jfk50.r.cloudfront.net
Software: Netlify /
Resource Hash: 1bc0c2366004d9f6af2173783accceb4e44a5a7867bfe50804bfe46069f936bc
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deletescape.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H6EDM0TR6069RYDZGCQMJW4H
date: Fri, 28 Jul 2023 14:14:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: JFK50-P1
age: 15
etag: 88a05d0cc57504784274b82bb661dd777681c6dd
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 408436
x-amz-cf-id: 6KWP9hQSp0PkxqQXftXt-6WCzv7q8beup_fv1ONWZR4oCBPJhe6Vmw==

debug-db-shodan.jpg
Path: d33wubrfki0l68.cloudfront.net/bcf704d92865d4fc1e45a48d9c7d5087617d3dbd/d4260/assets/images/
Size: 185 KB
x-fer: 185 KB
Type: Image
General
Full URL: https://d33wubrfki0l68.cloudfront.net/bcf704d92865d4fc1e45a48d9c7d5087617d3dbd/d4260/assets/images/debug-db-shodan.jpg
Requested by
  Host: deletescape.ch
  URL: https://deletescape.ch/posts/how-to-leak-all-user-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.46.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-46-97.jfk50.r.cloudfront.net
Software: Netlify /
Resource Hash: 9f95eec072f362a15505d086c3de4a8e8feb9dbbe24a77eaf6628e18416a34da
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deletescape.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H6EDM0W12N98N0B9ZTSR2GKE
date: Fri, 28 Jul 2023 14:14:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: JFK50-P1
age: 15
etag: c68182b61f9992101335bc1d98079276f3b2044a
x-cache: Hit from cloudfront
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 188988
x-amz-cf-id: z627sgsewUgXQN7zKkTb32fvdsNufxc4t1cFikKnEKiEq0kNgNSPew==

debugdb-sensitive-example.png
Path: d33wubrfki0l68.cloudfront.net/35ca9711c01fef307f22001bf605f5202b568e02/3b63e/assets/images/
Size: 144 KB
x-fer: 144 KB
Type: Image
General
Full URL: https://d33wubrfki0l68.cloudfront.net/35ca9711c01fef307f22001bf605f5202b568e02/3b63e/assets/images/debugdb-sensitive-example.png
Requested by
  Host: deletescape.ch
  URL: https://deletescape.ch/posts/how-to-leak-all-user-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.46.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-46-97.jfk50.r.cloudfront.net
Software: Netlify /
Resource Hash: e66fa5a2a2bcfaeaab9e1186961164df74ff17da791239eba4339eee18624d82
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deletescape.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H6EDM0W7D7G4YWKBX44PJVA1
date: Fri, 28 Jul 2023 14:14:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 1d2861d9b6c0fd303c8b7539b394c190.cloudfront.net (CloudFront)
server: Netlify
x-amz-cf-pop: JFK50-P1
age: 15
etag: 896951cd7dc9da7c222e1d7d56352683649652ba
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
content-length: 147164
x-amz-cf-id: 2WE0O0-ciji4RiExqGCSEDMO4VDjDz6RnhDto5M5bJg6MjnNGcYIuQ==

instant.page.js
Path: d33wubrfki0l68.cloudfront.net/js/c78e50ba19388e0cb9b8057726d040930cbe0791/assets/js/
Size: 3 KB
x-fer: 1 KB
Type: Script
General
Full URL: https://d33wubrfki0l68.cloudfront.net/js/c78e50ba19388e0cb9b8057726d040930cbe0791/assets/js/instant.page.js
Requested by
  Host: deletescape.ch
  URL: https://deletescape.ch/posts/how-to-leak-all-user-data/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.139.46.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-139-46-97.jfk50.r.cloudfront.net
Software: Netlify /
Resource Hash: 82c6b801576aa9ee7c309bcc43943f6ae97845478117d9e931a762a3a1d3b530
Security Headers
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://deletescape.ch/
Origin: https://deletescape.ch
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

x-nf-request-id: 01H5FY0T4PYGXZNEDZB3AG2R3D
date: Sun, 16 Jul 2023 18:04:49 GMT
content-encoding: gzip
via: 1.1 dedf8f82a63be28fe4cc799f6c4bfc08.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: JFK50-P1
age: 1023006
x-cache: Hit from cloudfront
content-length: 899
server: Netlify
etag: 1058d4c3a8bda6d85f070febe8189365cc67f25f-df
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31556926
accept-ranges: bytes
x-amz-cf-id: -tjcGOCJyltHqKDqvgKm0LUwJ8hlaaWUGMzFaxxVQWCoY8-4E9DFLA==

hello.js
Path: cdn.simpleanalytics.io/
Size: 7 KB
x-fer: 5 KB
Type: Script
General
Full URL: https://cdn.simpleanalytics.io/hello.js
Requested by
  Host: deletescape.ch
  URL: https://deletescape.ch/posts/how-to-leak-all-user-data/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c454::1 New York, United States, ASN60068 (CDN77 ^_^, GB),
Reverse DNS:
Software: BunnyCDN-NY1-885 /
Resource Hash: 5fe6e91dd5ff9f0f8e23bde2097f4ab38abf330a41c5748cd2be245bcbb740fc

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deletescape.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

date: Fri, 28 Jul 2023 14:14:55 GMT
content-encoding: br
cdn-edgestorageid: 885
cdn-storageserver: LA-457
cdn-cachedat: 05/03/2023 16:16:27
cdn-pullzone: 103822
last-modified: Wed, 03 May 2023 16:16:26 GMT
server: BunnyCDN-NY1-885
cdn-fileserver: 579
cdn-requestpullcode: 200
cdn-proxyver: 1.03
etag: W/"645288da-1d54"
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: 621ef7c8-45de-46e4-8237-2eca0c3a2d75
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=604800
simple-analytics: true
cdn-requestid: e875cba2ad010d3bdb85af78aac952e1
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status: 200
cdn-requestpullsuccess: True

simple.gif
Path: queue.simpleanalyticscdn.com/
Size: 43 B
x-fer: 429 B
Type: Image
General
Full URL: https://queue.simpleanalyticscdn.com/simple.gif?version=cdn_hello_11&hostname=deletescape.ch&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.110%20Safari%2F537.36&https=true&timezone=Etc%2FUnknown&page_id=5bd3b89c-af6e-4b7c-84c9-8ec7b808d511&session_id=5b5c4926-3430-4f93-8c94-d689efe6dfa0&sri=false&mobile=false&brands=%5B%5D&os_name=&os_version=&path=%2Fposts%2Fhow-to-leak-all-user-data%2F&viewport_width=1600&viewport_height=1200&language=en-US&screen_width=1600&screen_height=1200&unique=true&id=5bd3b89c-af6e-4b7c-84c9-8ec7b808d511&type=pageview&time=1690553695922
Requested by
  Host: deletescape.ch
  URL: https://deletescape.ch/posts/how-to-leak-all-user-data/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.165.243.110 Naaldwijk, Netherlands, ASN49981 (WORLDSTREAM, NL),
Reverse DNS: 185-165-243-110.hosted-by-worldstream.net
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: en-US,en;q=0.9
Referer: https://deletescape.ch/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.110 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 28 Jul 2023 14:14:56 GMT
Simple-Analytics-Feedback: Thanks for sending this page view!
Simple-Analytics-Location: "Amsterdam Worldstream 01"
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 43
Expires: 0

3 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean | sa_event_loaded
boolean | sa_loaded
function | sa_event

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000