Report - launcherleaks.net/file/12769-mustang-gt-wafflez/

Report Overview

Submitted URL
launcherleaks.net/file/12769-mustang-gt-wafflez/
IP
104.21.10.110
ASN
#13335 CLOUDFLARENET
Submitted
2024-05-09 02:26:30
Access
public
Website Title
Mustang GT - Wafflez - Vehicles - LauncherLeaks.net
Final URL
launcherleaks.net/file/12769-mustang-gt-wafflez/
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
102

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
launcherleaks.net	unknown	2024-03-08	2021-05-27	2024-04-18	30 kB	13 MB	104.21.10.110
code.jquery.com	634	2005-12-10	2012-05-21	2024-05-08	411 B	32 kB	151.101.2.137
i.gyazo.com	72426	2007-08-31	2014-03-14	2024-05-08	445 B	158 kB	104.18.24.163
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2024-05-08	411 B	22 kB	151.101.65.229
use.fontawesome.com	942	2012-10-18	2017-01-30	2024-05-07	3.0 kB	616 kB	172.67.142.245
fonts.gstatic.com	unknown	2008-02-11	2014-09-09	2024-05-08	2.1 kB	190 kB	216.58.207.227
i.imgur.com	5110	2009-01-09	2012-05-21	2024-05-08	844 B	1.8 MB	151.101.236.193
i.gifer.com	37112	2003-04-27	2018-03-26	2024-04-21	420 B	366 B	0.0.0.0
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2024-05-07	468 B	13 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed
2024-05-09	medium	launcherleaks.net	Sinkholed

ThreatFox

No alerts detected

JavaScript (27)

	URL	Size	First Seen	Last Seen
	unknown	164 B	2023-04-14	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 06:36:23 Last Seen2024-05-20 01:04:14 Times Seen300 Hash b750e6c6113e9f8c308d46e706440977 d594ae97a1ff12e12846a8fc62dc153d45223b7f 1f833e4732eb802ef961cf2b0dc34fc95839c03054c4a5bec0a541b4f062a487 Loading...

	unknown	877 B	2024-05-07	2024-05-09
Pretty Introduced by domTimer Embedded in HTML false Observations First Seen2024-05-07 21:34:47 Last Seen2024-05-09 06:53:37 Times Seen4 Hash 0fbd16355d3227742ca5c735403273ab dd24e9345c5c41f209aa447cd389864e127b2417 ebe1a48ff7d03181a2b6b9f6b75b761188b74a4648c7ce04227648b48ed678a5 Loading...

	launcherleaks.net/uploads/javascript_global/root_front.js?v=f71abd72281715218813	105 kB	2024-05-07	2024-05-20
Pretty URL launcherleaks.net/uploads/javascript_global/root_front.js?v=f71abd72281715218813 IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 19:34:36 Last Seen2024-05-20 01:04:14 Times Seen31 Hash 6e01bd7e0c52534ffbac351178db9e8e fe8fab060ac244b1d09bb18e621d72646e59f55e bfc743c8d846e46e5ed124a9e25eee9a63bbf98cd332650fb1eb13ae6e7220cd Loading...

	unknown	17 kB	2024-04-26	2024-05-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 00:57:30 Last Seen2024-05-20 01:04:14 Times Seen39 Hash 9e272c457e8ec0e369564c580ef9f882 007f62cf572d4c263b245ce6174989675fb5a9fc a4156775c0f3a08ac4489f72566dd73853c7566c3e75e083d2d0acbf72acdbae Loading...

	launcherleaks.net/file/12769-mustang-gt-wafflez/	754 B	2023-09-29	2024-05-20
Pretty URL launcherleaks.net/file/12769-mustang-gt-wafflez/ IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-29 12:27:51 Last Seen2024-05-20 01:04:13 Times Seen33 Hash d90699ff0cbec337c87a1ddb61a2dd87 d9fd9e8f7648949adfbeef3e287f5379f53223f6 62411a27a2991326bcd74c93512d5f2d2690f6fbe0950fb8c693eaa525b4c67d Loading...

	launcherleaks.net/uploads/set_resources_27/d3c5465b682b402f2e7fe6b8c4409085_swiper-bundle.min.js	135 kB	2023-05-21	2024-05-20
Pretty URL launcherleaks.net/uploads/set_resources_27/d3c5465b682b402f2e7fe6b8c4409085_swiper-bundle.min.js IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-21 21:52:57 Last Seen2024-05-20 01:04:15 Times Seen67 Hash d76dc704cfe2bb6f6a5fb1528c395c67 b58e50e0c92c404c26673305a2e4a259937c6a16 776e433644a3f8258ae65109332b33eaf7f9d98de6d9dff61624a84db0ca0988 Loading...

	launcherleaks.net/file/12769-mustang-gt-wafflez/	57 B	2023-03-07	2024-05-20
Pretty URL launcherleaks.net/file/12769-mustang-gt-wafflez/ IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 01:06:59 Last Seen2024-05-20 03:41:43 Times Seen11215 Hash 2a2781f9bb6302c2f96df0d1e96ef524 796bb90146495848c0c479533c367edadb94f1a9 1b60af0ce49d65e8b1006457c16883d60e53a0054bb157c57c3b03a82ee9964d Loading...

	launcherleaks.net/cdn-cgi/challenge-platform/scripts/jsd/main.js	7.9 kB	2024-05-09	2024-05-09
Pretty URL launcherleaks.net/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 04:26:32 Last Seen2024-05-09 04:26:33 Times Seen2 Hash 17fb3c8eea7c6639268d36b67cb947c5 4fbdcb321b6a2b14caf4b38d5f8e7ad6d5b4f6a9 488c8245b7cef7f4d16a1727a7716641fa1f3876561bededbc8739ebc9346875 Loading...

	launcherleaks.net/uploads/javascript_core/front_front_core.js?v=f71abd72281715218813	38 kB	2024-05-07	2024-05-20
Pretty URL launcherleaks.net/uploads/javascript_core/front_front_core.js?v=f71abd72281715218813 IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 19:34:35 Last Seen2024-05-20 01:04:13 Times Seen39 Hash 1612610c00673b890b0f26e0d269ebcf cda49bb78ebb69eb3adc6ca326d1f4cc407fdec0 5006e6adadffb976db882bfcde9fe4baca631b4ba497ad4c4988118f793319fa Loading...

	launcherleaks.net/uploads/javascript_global/root_library.js?v=f71abd72281715218813	354 kB	2024-04-06	2024-05-20
Pretty URL launcherleaks.net/uploads/javascript_global/root_library.js?v=f71abd72281715218813 IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-06 18:45:54 Last Seen2024-05-20 01:04:14 Times Seen40 Hash 7cbb9aaf57dbc57cb1f08313a6a1958f c51bdede7f247aff1303f30bc04542d47ba1ca72 a422773a794729cf98ce172eec6df5c82174cef1021174af4fd71dddb65d86a4 Loading...

	launcherleaks.net/uploads/javascript_core/plugins_plugins.js?v=f71abd72281715218813	1.1 kB	2024-04-26	2024-05-20
Pretty URL launcherleaks.net/uploads/javascript_core/plugins_plugins.js?v=f71abd72281715218813 IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 00:57:31 Last Seen2024-05-20 01:04:14 Times Seen33 Hash f47067a41e54253a29308eb2e67c5257 3b81b436be06acfb8bc9819fab27e42c4b4af8b0 bdf77d658c86b10a9a85b4349845dc373d1f8bb3cd4e9dfb9d1103101172b9db Loading...

	launcherleaks.net/file/12769-mustang-gt-wafflez/	1.4 kB	2024-05-09	2024-05-09
Pretty URL launcherleaks.net/file/12769-mustang-gt-wafflez/ IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-09 04:26:32 Last Seen2024-05-09 04:26:32 Times Seen1 Hash 19e69582858a3ce85064fc6111751f40 34441ef7224ddf2ea362c11a3b11df422e08fe95 0e19c5599fd6fc18766df02e0c82a2d66050179e89ac9b93fe847d4265320c2f Loading...

	code.jquery.com/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-05-20
Pretty URL code.jquery.com/jquery-3.5.1.min.js IP 151.101.2.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-05-20 05:23:43 Times Seen145698 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	cdn.jsdelivr.net/npm/sweetalert2@11	76 kB	2024-04-17	2024-05-11
Pretty URL cdn.jsdelivr.net/npm/sweetalert2@11 IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-17 18:06:27 Last Seen2024-05-11 08:44:08 Times Seen91 Hash 230c939d3b3fc96a5cf7fec7d22891c0 5c664950c68e5630583db458390152ad0e1c64d9 ef7aceda0ec9484ac6f22b195c2b1edfd29fe721ae78f823cafa2dffc71108d4 Loading...

	launcherleaks.net/file/12769-mustang-gt-wafflez/	934 B	2024-05-07	2024-05-20
Pretty URL launcherleaks.net/file/12769-mustang-gt-wafflez/ IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-07 19:34:35 Last Seen2024-05-20 01:04:14 Times Seen31 Hash 20a64d799591c9b87f6637cbd6d82b3d 17ddc2b3fac5b4171e9850450845031747e9b17e 64ba70c3b4405945ce4c0c56d7cc2f3295311f76effc2f952e86c7530bac808f Loading...

	launcherleaks.net/uploads/javascript_downloads/front_front_view.js?v=f71abd72281715218813	4.4 kB	2024-04-26	2024-05-19
Pretty URL launcherleaks.net/uploads/javascript_downloads/front_front_view.js?v=f71abd72281715218813 IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-26 00:57:31 Last Seen2024-05-19 06:47:46 Times Seen13 Hash cd424df2e19001957d9b617ad663584b cf85856e313b8eadb65e0df144f50b3d5f8acaab 2b7f2a204704ff4eff6d146ccd3ae575e85450e3e7b7ca1bd8bfee59a2535544 Loading...

	launcherleaks.net/file/12769-mustang-gt-wafflez/	152 B	2023-03-13	2024-05-20
Pretty URL launcherleaks.net/file/12769-mustang-gt-wafflez/ IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-13 20:48:10 Last Seen2024-05-20 01:04:14 Times Seen146 Hash 32ee5f1e31e3be36abdcd7f154a65c74 08739291134455f7e553ec3185d6ba923b7a658c 50e20db0de17fdccd7711d55b90c78559824b9457ab3aa9712fe4183af906a1f Loading...

	launcherleaks.net/uploads/javascript_core/global_global_core.js?v=f71abd72281715218813	39 kB	2024-05-07	2024-05-20
Pretty URL launcherleaks.net/uploads/javascript_core/global_global_core.js?v=f71abd72281715218813 IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 19:34:35 Last Seen2024-05-20 01:04:15 Times Seen47 Hash 5ff684590fec461dcdd6b828227c33fa e744b611415ea7633f726fc192bcc329ac9098cc a51566d963014d0e21f963bf48131950fd463ff1e234c31ebc9b346a775db42d Loading...

	launcherleaks.net/file/12769-mustang-gt-wafflez/	437 B	2024-04-26	2024-05-20
Pretty URL launcherleaks.net/file/12769-mustang-gt-wafflez/ IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 00:57:31 Last Seen2024-05-20 01:04:14 Times Seen32 Hash 7301321027f6dcc230eccabd2cf858ab 178e26972661057ac35c24325f5105cdea367a7d a3bfff7b98413607f8284bf6a35b860e5d3c35be9f4cffcdfe9844a7cf7667c1 Loading...

	unknown	163 B	2023-04-14	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 06:36:23 Last Seen2024-05-20 01:04:14 Times Seen301 Hash 411867b319241d427a5b90e512a1e738 77c9861729f51f36501e4aaa7a4f8bda898b40b1 c1c19f5ec30646ad750d86fc0dd2fdc2b6e08f3939a3f7cbfd94ec8c1c379f81 Loading...

	launcherleaks.net/uploads/javascript_global/root_framework.js?v=f71abd72281715218813	447 kB	2024-05-07	2024-05-20
Pretty URL launcherleaks.net/uploads/javascript_global/root_framework.js?v=f71abd72281715218813 IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 19:34:36 Last Seen2024-05-20 01:04:14 Times Seen34 Hash 50791ee1f0d3b2adf2d6c69e6ba39bf7 89ac8af38c365405139f63ce0b865f93f5668bcd 60253d41c720b041f9f16425c069a52a4649cc15df0e0d19a31739446ea16b8a Loading...

	launcherleaks.net/uploads/javascript_global/root_js_lang_1.js?v=f71abd72281715218813	108 kB	2024-05-07	2024-05-20
Pretty URL launcherleaks.net/uploads/javascript_global/root_js_lang_1.js?v=f71abd72281715218813 IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-07 19:34:35 Last Seen2024-05-20 01:04:15 Times Seen48 Hash dfb4f4a37cacac558a02e348876805dc a3c9316578d617bd8869a2a234b2216586b27a45 8a21a5cc24b20509a317b3fb30c4a0feabc3eed7d754d402ccdb07e07341e8af Loading...

	launcherleaks.net/file/12769-mustang-gt-wafflez/	749 B	2024-04-26	2024-05-20
Pretty URL launcherleaks.net/file/12769-mustang-gt-wafflez/ IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-26 00:57:31 Last Seen2024-05-20 01:04:14 Times Seen32 Hash 9682254ff6eac77cb2baf06c8ae9a356 8e68982bc6e6f847d5acaf95a326aff4296f28b9 44f659bdf4df037e0c5e4bd81f8fd7ecaa434d55f3e5608c9fe28362fd0a6816 Loading...

	launcherleaks.net/uploads/javascript_global/root_map.js?v=f71abd72281715218813	2.5 kB	2024-05-09	2024-05-09
Pretty URL launcherleaks.net/uploads/javascript_global/root_map.js?v=f71abd72281715218813 IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 04:26:32 Last Seen2024-05-09 04:28:26 Times Seen2 Hash 64ebb1ffaaaeceb45fc0bccab02c940d cc808e5f794217b6920a6e166cce35e42edf0616 f51114dda9bd456133690eb82a64b97ae87c20b76b51252cf1508ca18743f76e Loading...

	unknown	166 B	2023-04-14	2024-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-04-14 06:36:23 Last Seen2024-05-20 01:04:14 Times Seen299 Hash b3e842a6c0f384dd341556f48a584fa1 ae83201c7d3a8c7f08b46557c85a214329b31872 ebf5058ae600c9966d2c3ef0835639c0d0702743c378ffb1c7b5e47c0b5176bb Loading...

	unknown	247 B	2024-05-09	2024-05-09
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-09 04:26:32 Last Seen2024-05-09 04:26:32 Times Seen1 Hash ed188668c7dfa77572d1c5db4a7b05f6 cae1bd0c7833c54e60a7cbb6e5ea8b2cb9ac2eb4 512593be125c634e069bc896ae1c710ae3f23aeec0b683cd1a33fb3b86ba80db Loading...

	launcherleaks.net/file/12769-mustang-gt-wafflez/	1.1 kB	2024-05-09	2024-05-09
Pretty URL launcherleaks.net/file/12769-mustang-gt-wafflez/ IP 104.21.10.110 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-05-09 04:26:32 Last Seen2024-05-09 04:26:32 Times Seen1 Hash 6cf96d4c5a3c5986c0422349811cb15f 52aa6376f7d5fc3281d585cb2ac9c3a73616299d 4e99f927341396914ba843022fd9c56c151038f9272a6ff5b5258eef2d4dd2f7 Loading...

HTTP Transactions (68)

URL IP Response Size

launcherleaks.net/uploads/monthly_2024_04/cq9aTZx.png.c8fa2de155b3501a586e838cc5e8168d.png

104.21.10.110

200 OK

6.6 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2024_04/cq9aTZx.png.c8fa2de155b3501a586e838cc5e8168d.png
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 214 x 200, 8-bit/color RGBA, non-interlaced
Size
6.6 kB (6596 bytes)
Hash
2fc19a8bacd5d0e4d73a306fab8166e0
0f2fce7d0bf503da891f81231fd00aebe7a1d970
49b78f2f11c1bac3763b0131923b05101f20693a46765374d1b193ef86132b25

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2024_04/cq9aTZx.png.c8fa2de155b3501a586e838cc5e8168d.png HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: image/png
content-length: 6596
last-modified: Thu, 11 Apr 2024 12:53:45 GMT
etag: "6617dd59-19c4"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6071
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t9SgRS%2FqPHrZVKRTVcQ1Ftuf8RMf2cEnA1zP8fz0kWwJDlZX%2BRcubjVshDNPZvMULwJ%2Bqdbavlt1EJiUNm2bILfDDoZ8KSBVpP9cOp%2BiYHAvzmw%2FtjO89zAOoIQatRLX6LhTvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfaabb6b511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2024_04/whats_good.png.7a69ecec6247d8d13d02c05581db0b6b.png

104.21.10.110

200 OK

551 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2024_04/whats_good.png.7a69ecec6247d8d13d02c05581db0b6b.png
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 1920 x 1080, 8-bit/color RGBA, non-interlaced
Size
551 kB (551370 bytes)
Hash
bd6e64a379de435c2abc2d7946bbfad1
4b24ed6d44f368df35c1d5829579346ae242a770
150df326b0b235af1a0a736475a8809ec47d7a04165180f30519e9ffa2e295e5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2024_04/whats_good.png.7a69ecec6247d8d13d02c05581db0b6b.png HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: image/png
content-length: 551370
last-modified: Thu, 11 Apr 2024 06:32:35 GMT
etag: "66178403-869ca"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6071
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CKBHxNWHShXFdwK%2BQH8IpI80NHjwQoRDVAswF%2FfFyG728ggVix9dGCP1Z3Ojo2SU8K%2FabI3nib28XOlh%2F31DJ8CiDi6oqjJfqmdnlmdNCmNBJv8mPbB2sxTp0fekLZll17pa1A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfaabb8b511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2024_04/adad.png.e52979bb8e22af2923bdefb76ba81178.png

104.21.10.110

200 OK

295 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2024_04/adad.png.e52979bb8e22af2923bdefb76ba81178.png
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 1920 x 1080, 8-bit/color RGB, non-interlaced
Size
295 kB (295333 bytes)
Hash
18ef5cd95531bb3dd64d9e06e29e8626
5b94f1bdfa2b1f235349d37ff7cb386671cb8a83
0b827376ee9a9be1006489f2900bf7f67edab2f0e2ea939a8bf5615af9620c33

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2024_04/adad.png.e52979bb8e22af2923bdefb76ba81178.png HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: image/png
content-length: 295333
last-modified: Thu, 11 Apr 2024 06:34:25 GMT
etag: "66178471-481a5"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6071
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VPRBgKxSFPJrnZzBfsmKYFmRpR1r6V5p3p7pujbzINh8an6K32VGG2BPN7hrzw1deESZWKbq1dZqpzJ6DMCO%2FhD5JC7DCHDACo8tc7lThVOuZN%2B1IejHGZE9JZCpn3P0%2Bq5v%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfaabb9b511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2024_04/image(19).png.2aa78230b74798e345b60e3f00462916.png.4e336bf7c14fbdc1f4db64c294c8c35e.png

104.21.10.110

200 OK

2.1 MB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2024_04/image(19).png.2aa78230b74798e345b60e3f00462916.png.4e336bf7c14fbdc1f4db64c294c8c35e.png
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 1607 x 1080, 8-bit/color RGBA, non-interlaced
Size
2.1 MB (2100356 bytes)
Hash
f8f3bbfe615b3811bc862cc33fd85dba
45c1dad753241f8ff93afb7f5215175a880624c5
2be690f365c2de1f783be2d1d635d1684d9f7ee0c20e4cfaadfb6fbd92c1a64d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2024_04/image(19).png.2aa78230b74798e345b60e3f00462916.png.4e336bf7c14fbdc1f4db64c294c8c35e.png HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: image/png
content-length: 2100356
last-modified: Thu, 11 Apr 2024 06:36:43 GMT
etag: "661784fb-200c84"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6071
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=00UjKMzzXI5%2Fkus9Hcctg4oB9qi5dbG1nMSBUO5dU%2BGemHg0xspUy6HdMrq35T1FHJCFRWuiRy%2FZZNnN1q%2BbIFJfXe0QOrm7eOM3tQOV6jJUE1IsN0QzfjRbl%2By%2BUMbbUYh7mA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfaabbab511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/applications/core/interface/js/spacer.png

104.21.10.110

200 OK

137 B

URL GET HTTP/3
launcherleaks.net/applications/core/interface/js/spacer.png
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 1 x 1, 8-bit colormap, non-interlaced
Size
137 B (137 bytes)
Hash
a41d6e3396dc05c78cc77b2d2466534d
0ed5c70f6c2012837adc192b1570cdc8551defbe
dc1b146a3d93548cfd8893783085c4d22a389d361f6b0816643b67f19233000d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /applications/core/interface/js/spacer.png HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: image/png
content-length: 137
last-modified: Thu, 04 Apr 2024 02:57:28 GMT
etag: "660e1718-89"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6071
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=pjnZ9eA31B8FGl7z0yYXruJWkdA6FGBTNd36%2F1N4JlhXzRn8qdD1FIOrZeHksNF9dggfGWEIpPsfzuSkdaajsVYwkaisR8v5YcptvJYudLkoYc0UYjCF4Oug3qFo9qXoqOARlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfadbc9b511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/file/12769-mustang-gt-wafflez/main_script.js

104.21.10.110

301 Moved Permanently

0 B

URL GET HTTP/3
launcherleaks.net/file/12769-mustang-gt-wafflez/main_script.js
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /file/12769-mustang-gt-wafflez/main_script.js HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Thu, 09 May 2024 02:25:59 GMT
content-type: ;charset=UTF-8
content-length: 0
location: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
x-ips-loggedin: 0
vary: Cookie, Accept-Encoding
x-xss-protection: 0, 1; mode=block
x-frame-options: sameorigin, SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-content-security-policy: frame-ancestors 'self'
referrer-policy: strict-origin-when-cross-origin
expires: 0
cache-control: no-cache, no-store, must-revalidate, max-age=0, s-maxage=0
strict-transport-security: max-age=15768000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: BYPASS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZcuTLlPE%2Fw1mz35ZNleU9SonLeC3S%2BX4yq1JKvc9cZDRjVUx23qgPj5p%2BW374FSanRMeBt%2BYjGTGCg1UerymLniaqpOAuEbCxKRmHqTa7gwPFJ8JhRvnRVhUM%2FnTnlgdNKpwkQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880e3dfaabb7b511-OSL
alt-svc: h3=":443"; ma=86400

cdn.jsdelivr.net/npm/sweetalert2@11

151.101.65.229

200 OK

21 kB

URL GET HTTP/2
cdn.jsdelivr.net/npm/sweetalert2@11
IP
151.101.65.229:443
ASN
#54113 FASTLY

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGlobalSign nv-sa
Subjectjsdelivr.net
Fingerprint05:87:2C:BA:73:14:21:54:82:00:8B:AD:85:8F:E9:C6:4D:C7:66:09
ValidityWed, 27 Sep 2023 18:13:13 GMT - Mon, 28 Oct 2024 18:13:12 GMT

File type
JavaScript source, ASCII text, with very long lines (52172)
Size
21 kB (21319 bytes)
Hash
230c939d3b3fc96a5cf7fec7d22891c0
5c664950c68e5630583db458390152ad0e1c64d9
ef7aceda0ec9484ac6f22b195c2b1edfd29fe721ae78f823cafa2dffc71108d4

HTTP Headers

GET /npm/sweetalert2@11 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 11.10.8
x-jsd-version-type: version
etag: W/"129b5-XGZJUMaOVjBYPbRYOQFSrQ4cZNk"
content-encoding: br
accept-ranges: bytes
date: Thu, 09 May 2024 02:25:59 GMT
age: 40573
x-served-by: cache-fra-eddf8230029-FRA, cache-hel1410023-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21319
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.5.1.min.js

151.101.2.137

200 OK

31 kB

URL GET HTTP/2
code.jquery.com/jquery-3.5.1.min.js
IP
151.101.2.137:443
ASN
#54113 FASTLY

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintD2:19:0A:AD:CE:BB:9C:61:17:5D:29:4B:A2:54:E8:C6:91:B8:F9:8D
ValidityTue, 11 Jul 2023 00:00:00 GMT - Sun, 14 Jul 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
31 kB (30879 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /jquery-3.5.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-15d84"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Thu, 09 May 2024 02:25:59 GMT
age: 1077731
x-served-by: cache-lga21981-LGA, cache-hel1410033-HEL
x-cache: HIT, HIT
x-cache-hits: 64, 56692
x-timer: S1715221560.695639,VS0,VE0
vary: Accept-Encoding
content-length: 30879
X-Firefox-Spdy: h2

launcherleaks.net/applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0

104.21.10.110

200 OK

77 kB

URL GET HTTP/3
launcherleaks.net/applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /applications/core/interface/font/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: application/octet-stream
content-length: 77160
last-modified: Thu, 04 Apr 2024 02:57:28 GMT
etag: "660e1718-12d68"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ov%2FBncTnNQUthvlRWGK4SjlewdRVVDBO1964oodisYW4ya%2BSAfY%2FANSk7StKRolbTRcnAjk%2FGFMlP68hNLp0tL%2BAo2zA41DCGYfhj0Df7HX1n2n8UmtdWmYXD4%2BAvF046ND6ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfa8b99b511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/javascript_global/root_library.js?v=f71abd72281715218813

104.21.10.110

200 OK

118 kB

URL GET HTTP/3
launcherleaks.net/uploads/javascript_global/root_library.js?v=f71abd72281715218813
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
gzip compressed data, from Unix
Size
118 kB (117572 bytes)
Hash
9c9b1c53736ee439d444ff6d4a01a29a
2849d296c7de488a6e729b502b110bedb942836e
17c9e92513fe1affe30eb6edf302b133663028f1d3acfc63d9aebeb7e0eae0e0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/javascript_global/root_library.js?v=f71abd72281715218813 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-567ce"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FDZicnCT6yN4Ywq9PkHlQA2nF7RoFsKcwZODVnzN%2F0RC6bmuVqOH7%2FNRa0pc09BhZerhYVN4sOOOZKdAefNyWLfRIuvPgwfrP%2BmDM0qrjoZSM8Fvdim1ypbY%2BcdtD0FmhkrJgw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfadbcab511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

use.fontawesome.com/releases/v6.4.2/webfonts/fa-brands-400.woff2

172.67.142.245

200 OK

110 kB

URL GET HTTP/2
use.fontawesome.com/releases/v6.4.2/webfonts/fa-brands-400.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 109808, version 772.1280
Size
110 kB (109808 bytes)
Hash
005c9aa92b564b73b7582cc4f1fa49cb
373361ed756b1fe68ce2f5968d467826b6973bb5
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

HTTP Headers

GET /releases/v6.4.2/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://launcherleaks.net
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: font/woff2
content-length: 109808
access-control-allow-origin: *
etag: "005c9aa92b564b73b7582cc4f1fa49cb"
last-modified: Fri, 22 Sep 2023 01:46:37 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 712771
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zP%2BIB%2Bbfd6CwKYU4QOs8ezs0V6XqUXZacw4LXqh0Az4pt%2B4htnr66prlvfiryeXIFau90TSePqIrJxxdD%2B7RaX7E7TR9lgtGfbTlxy5scKvDnu1ZVFHlzsSDInObT6UKYP1dk9S6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880e3e000fc056ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v6.4.2/webfonts/fa-solid-900.woff2

172.67.142.245

200 OK

150 kB

URL GET HTTP/2
use.fontawesome.com/releases/v6.4.2/webfonts/fa-solid-900.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 150020, version 772.1280
Size
150 kB (150020 bytes)
Hash
d5e647388e2415268b700d3df2e30a0d
97f0942c6627ddd89fb62170e5cac9a2cbd6c98c
886c86112a804ef1ddd1cb206af4c8c40e34b73c26652ca231404aa35a6b30d9

HTTP Headers

GET /releases/v6.4.2/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://launcherleaks.net
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: font/woff2
content-length: 150020
access-control-allow-origin: *
etag: "d5e647388e2415268b700d3df2e30a0d"
last-modified: Fri, 22 Sep 2023 01:46:37 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 722748
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NsiSxugccokDsr26Iy0Nq5Ph7xBqGqFzo9cfIJ0lD5Emd%2FT%2BCdi7psFrBdSAxhpOOtq4v%2Fn9GpJwIrzxE14aZUdMb9JlCKoARRKR%2FVb932QJMrjmbKr3gVWGmlrB%2FSqrV59FfotI"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880e3e000fc656ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

launcherleaks.net/uploads/javascript_global/root_front.js?v=f71abd72281715218813

104.21.10.110

200 OK

173 kB

URL GET HTTP/3
launcherleaks.net/uploads/javascript_global/root_front.js?v=f71abd72281715218813
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
gzip compressed data, from Unix
Size
173 kB (173052 bytes)
Hash
e2dfbb0c0d10fcf1a7585b24ca1e9710
9428d0fb6f74cb8147677d20fcb45e37abb4df22
7e6ef86b4fa71d8b1cb11a7362235aeeeb5712206d186bad52c3ebe46b837196

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/javascript_global/root_front.js?v=f71abd72281715218813 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-19bce"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h0YzwYhzUmRUHulI%2B%2Fgu%2BoPUCRNGFgaTXKJA65HQmaEJBiMAhd8%2BsQ%2BsiNbC3egYLTEavGBNGrp2bY%2FgTl4h00aViiBooDGuG3vGDfKOmTZF%2BpScjm8SyOChhROGGV%2Fcw%2B8gyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfaebd2b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/javascript_core/global_global_core.js?v=f71abd72281715218813

104.21.10.110

200 OK

10 kB

URL GET HTTP/3
launcherleaks.net/uploads/javascript_core/global_global_core.js?v=f71abd72281715218813
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
gzip compressed data, from Unix
Size
10 kB (10137 bytes)
Hash
f881f99df95dc86bc015ebca2cdc5830
a4acff6fdfd27f0aa1a9bc1f6c3a871833e99ac8
bcc7b42e0b72866de174f4256e2eb2d7d18d6b9aa8be76cce970d65b8188dfc2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/javascript_core/global_global_core.js?v=f71abd72281715218813 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-9734"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fBCHQn%2FEMhE6HxBgYThGp0XFpzPWBsS%2B6nMMfS1SAJHvbok4hz37do7UJMYAQ1hNUPaSqHqOdjjREMYAMjjEK12fAmhP%2FJ4pRjIB6pmeDOfWjN9LuRkVq5v4dTPCU0BokLY3tA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfadbcdb511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/javascript_core/front_front_core.js?v=f71abd72281715218813

104.21.10.110

200 OK

9.4 kB

URL GET HTTP/3
launcherleaks.net/uploads/javascript_core/front_front_core.js?v=f71abd72281715218813
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
gzip compressed data, from Unix
Size
9.4 kB (9426 bytes)
Hash
a757ffd8e74b6a52a056a3891d90d28c
bf2b662913443a042fcab00ade026bcebe73017b
5321c7050a426b7b751a9b42414471dcd0d9b992ad47956c17f007cf751ddfd7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/javascript_core/front_front_core.js?v=f71abd72281715218813 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-952f"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=BWMg8ubQJLYQ%2FqZ%2FqGN%2FVB6W%2Be7qZg84Dl0UdxeiBgmp7J4yRMtHdGuY6jAxSS2%2BZ2UJFjz2ytOxNgBp0a3JQkFKzH5B3XxtzCagbhQx8ig8oqQpYKdhzhM827oXnw2ys3iqFg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfaebd3b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://launcherleaks.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 228703
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://launcherleaks.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 228703
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://launcherleaks.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 228703
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

216.58.207.227

200 OK

47 kB

URL GET HTTP/2
fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
Fingerprint15:DD:05:B3:2F:D8:E3:54:C9:B4:FA:E4:AC:01:ED:C8:E1:EA:A7:AD
ValidityTue, 16 Apr 2024 04:17:07 GMT - Tue, 09 Jul 2024 04:17:06 GMT

File type
Web Open Font Format (Version 2), TrueType, length 46704, version 1.0
Size
47 kB (46704 bytes)
Hash
30a274cd01b6eeb0b082c918b0697f1e
393311bde26b99a4ad935fa55bad1dce7994388b
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

HTTP Headers

GET /s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://launcherleaks.net
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 06 May 2024 10:54:17 GMT
expires: Tue, 06 May 2025 10:54:17 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
content-type: font/woff2
age: 228703
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

launcherleaks.net/uploads/javascript_global/root_framework.js?v=f71abd72281715218813

104.21.10.110

200 OK

113 kB

URL GET HTTP/3
launcherleaks.net/uploads/javascript_global/root_framework.js?v=f71abd72281715218813
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
gzip compressed data, from Unix
Size
113 kB (112593 bytes)
Hash
14ae9ec70406dc39d6f5420647d85ba1
738f865dbf967e33e5e6fafd81f06ac2a11bef32
aa101c496f080fe7dd3cb06579ddcac6d53a0885d6292596ca4ff9dfe95c01df

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/javascript_global/root_framework.js?v=f71abd72281715218813 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-6d379"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NTfLJ3mi%2BR%2BpE9FSvSFti%2B2wvjF6qvNSuAFCFFtbdjgQIWJL57wM%2BfLoCet3AqdjqVP91SRnuf0mm7Ys20pqA%2FRmhe1bVhME8qQoqkDjNzZEIH11cs8Uw7pQjSXRd8tZSgnyuw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfadbccb511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/set_resources_27/d3c5465b682b402f2e7fe6b8c4409085_swiper-bundle.min.js

104.21.10.110

200 OK

212 kB

URL GET HTTP/3
launcherleaks.net/uploads/set_resources_27/d3c5465b682b402f2e7fe6b8c4409085_swiper-bundle.min.js
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
gzip compressed data, from Unix
Size
212 kB (211455 bytes)
Hash
8e112ca3605c56b1aff20435434c8139
b892fbbfaaedc21d3976bdce12582f88ab1a5c9c
1a86dc2a1db4bdf2fec83f492d7bf521f6e7e518dc7dd7bcd6705150cc616932

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/set_resources_27/d3c5465b682b402f2e7fe6b8c4409085_swiper-bundle.min.js HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-20e7b"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6071
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Q2b4etmy2wtpydhGd44h%2F45BkiRGjuKhQlBSp3OAKrNIy%2FOI641DoBTdrSZdJaSLOTjJ3kev9KqXppRAqI%2BI0%2FzcGzwwEN99G4eYmGCyM6vU%2Bb4qiFqKC8XK2h77xqikhhR6Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfaebd7b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2024_05/Desktop_Screenshot_2023_11.09_-_20_05_56_61.thumb.png.137bae1e69f392a401f2b72204d30ef1.png

104.21.10.110

200 OK

172 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2024_05/Desktop_Screenshot_2023_11.09_-_20_05_56_61.thumb.png.137bae1e69f392a401f2b72204d30ef1.png
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 500 x 282, 8-bit/color RGBA, non-interlaced
Size
172 kB (172311 bytes)
Hash
f1afed96017903c38e0c7d626ebb97e8
5c484b964246cc8694290da55640c5e4db8d8d3b
0c83a790c6a275887b5edb9e2de7c9f0232bace471eecac419b72f80b62d2765

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2024_05/Desktop_Screenshot_2023_11.09_-_20_05_56_61.thumb.png.137bae1e69f392a401f2b72204d30ef1.png HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: image/png
content-length: 172311
last-modified: Sun, 05 May 2024 12:28:23 GMT
etag: "66377b67-2a117"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Cvj618Q7Y5uPqs9eCDyAyObh8gY1wehUBZQ21vDP%2BimSjFDGXGFa7PL0PxN8EH6nGUNf810MnSi1AZP8xWUchh1ph6pWixCcNJkdueOgKq1muqGHhp7mxXAHSHGANF%2FdQwNrjg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e033f0ab511-OSL
alt-svc: h3=":443"; ma=86400

use.fontawesome.com/releases/v6.4.2/css/v4-shims.css

172.67.142.245

200 OK

115 kB

URL GET HTTP/2
use.fontawesome.com/releases/v6.4.2/css/v4-shims.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (27374)
Size
115 kB (115387 bytes)
Hash
665de85010641f678f0178a9d330a7af
bf1ec2791cd06922f4a1b67480f75209d85e6deb
0e0a27c105caf20bd4cc76fe58f222d856ab8f626447846842dddca8ce7509ef

HTTP Headers

GET /releases/v6.4.2/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: text/css
etag: W/"665de85010641f678f0178a9d330a7af"
last-modified: Fri, 22 Sep 2023 01:46:32 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 727678
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0z%2Fvyyoq6iu4OUXG4XEZ4YiOKdzN7ndxOpR671pMm1rhFIjHRFHmDmLN48PvNnDNiDpfyfv16sMJu1TzZSdpNEEg7NvpjQk84rwSrY6zW87mNTFIkkbt%2F0PsNcCBV%2FUfmhi%2F%2B5lb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880e3dfe9f7356ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v6.4.2/webfonts/fa-regular-400.woff2

172.67.142.245

200 OK

24 kB

URL GET HTTP/2
use.fontawesome.com/releases/v6.4.2/webfonts/fa-regular-400.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 24488, version 772.1280
Size
24 kB (24488 bytes)
Hash
747442fa76f1d9a31f9a54a2e8a4b448
07fc0ae14bb3187839082aed3bca11dfb1e04524
9169d8be7a8177e5a92a4d04b6de7f6504b938573bf4da5889871c4f376d3849

HTTP Headers

GET /releases/v6.4.2/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://launcherleaks.net
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: font/woff2
content-length: 24488
access-control-allow-origin: *
etag: "747442fa76f1d9a31f9a54a2e8a4b448"
last-modified: Fri, 22 Sep 2023 01:46:36 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 722748
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9zOo%2F4qQdA2fOiY8aTxrJT8eZKye46gPnO0ZzTe%2BzqEiruwA3FCciccBhdrZqLI%2BwTRmqYR5RN3fxzffEL30VF%2Firup1sIIz7TRWy4QGIYM7D%2BmUzKH2NrbPUI%2Fj8TUF%2BRAxeFQe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880e3e03c88856ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

launcherleaks.net/file/12769-mustang-gt-wafflez/

104.21.10.110

200 OK

1.6 MB

URL GET HTTP/3
launcherleaks.net/file/12769-mustang-gt-wafflez/
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
gzip compressed data, from Unix
Size
1.6 MB (1558038 bytes)
Hash
d1b0d7f82c8c5efc1aa5b759b42dc05f
d5f05a638e182d31691e4c7aa20a35f560f7307d
d375016b8a32494492b79d77f4b375b647d2d15ff7fb5973327fcd1dabb44d4c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /file/12769-mustang-gt-wafflez/ HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: text/html;charset=UTF-8
x-ips-loggedin: 0
vary: Cookie, Accept-Encoding
x-xss-protection: 0, 1; mode=block
x-frame-options: sameorigin, SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-content-security-policy: frame-ancestors 'self'
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 09 May 2024 02:26:00 GMT
expires: Thu, 09 May 2024 02:41:00 GMT
cache-control: no-cache="Set-Cookie", max-age=900, public, s-maxage=900, stale-while-revalidate, stale-if-error
strict-transport-security: max-age=15768000; includeSubDomains;
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=R9WPGHNFzRSdkjV5PfMhGaNHIbkO0mVmWn%2FClPVN0OGeOx647ShzWiXpoxZmygps62fV5cOoe%2BwgnJonKDyXiQl6kykXMVhev7ovDnbgBxvh%2FtJNqwfoEPuwl8hGwBARXTygIw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880e3dff8d85b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

i.imgur.com/gbpa60N.jpeg

151.101.236.193

200 OK

304 kB

URL GET HTTP/2
i.imgur.com/gbpa60N.jpeg
IP
151.101.236.193:443
ASN
#54113 FASTLY

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3
Size
304 kB (303975 bytes)
Hash
6b3624509dd2b21b8bf528630202d2f3
c9b6b7e104447c635688ea35f6d6741a3f66a1ad
aa10e0dd5636ed336e58dfd065e3e5ccb5acddcae04b2489faee68dfe18101a0

HTTP Headers

GET /gbpa60N.jpeg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Thu, 25 Apr 2024 15:47:33 GMT
etag: "6b3624509dd2b21b8bf528630202d2f3"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: JFK50-P6
x-amz-cf-id: wKhO_yk60BpzX-zrtbJacWkksGcxEaOtlu9VPpPE3Y_IWnNxys-m_A==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 1161508
date: Thu, 09 May 2024 02:26:01 GMT
x-served-by: cache-iad-kjyo7100161-IAD, cache-osl6524-OSL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 33, 0
x-timer: S1715221561.039159,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 303975
X-Firefox-Spdy: h2

use.fontawesome.com/releases/v6.4.2/webfonts/fa-brands-400.woff2

172.67.142.245

200 OK

110 kB

URL GET HTTP/2
use.fontawesome.com/releases/v6.4.2/webfonts/fa-brands-400.woff2
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 109808, version 772.1280
Size
110 kB (109808 bytes)
Hash
005c9aa92b564b73b7582cc4f1fa49cb
373361ed756b1fe68ce2f5968d467826b6973bb5
faae6fc0aa94cc5bde5076647c817a23206096a1cbeda10d1c6f3d89d6163ed1

HTTP Headers

GET /releases/v6.4.2/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://launcherleaks.net
DNT: 1
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Thu, 09 May 2024 02:26:01 GMT
content-type: font/woff2
content-length: 109808
access-control-allow-origin: *
etag: "005c9aa92b564b73b7582cc4f1fa49cb"
last-modified: Fri, 22 Sep 2023 01:46:37 GMT
vary: Origin, Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 712772
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JPSSxvkDX9R4zrz1X5xCjcxluQXeQByFRclOM3AZkjpvEXO6MjfaBEAya1DjZQXsWbZJ%2BaGuvrsK4Nf1uFTq5EmWyuiWdP2%2F7S5XDH8tQmVa271jE2jgQH70f%2F6%2FybizFoAPGgAn"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880e3e05f8ff56ca-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

i.gyazo.com/cf48240e1a5908853bf7c7444351a6de.png

104.18.24.163

200 OK

157 kB

URL GET HTTP/2
i.gyazo.com/cf48240e1a5908853bf7c7444351a6de.png
IP
104.18.24.163:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerLet's Encrypt
Subjectgyazo.com
FingerprintB1:88:95:2F:E3:8B:92:D7:5A:FA:0F:4B:8C:CB:22:9F:DF:EA:DB:F8
ValidityWed, 03 Apr 2024 02:09:12 GMT - Tue, 02 Jul 2024 02:09:11 GMT

File type
PNG image data, 1046 x 646, 8-bit/color RGBA, non-interlaced
Size
157 kB (157231 bytes)
Hash
cf48240e1a5908853bf7c7444351a6de
8ac4058e3f5c321e9201c344081a68a59cb79e32
7941c1300641e6d3729686a430e0c4248168d69fb4243214d128fbe6a936d8dd

HTTP Headers

GET /cf48240e1a5908853bf7c7444351a6de.png HTTP/1.1
Host: i.gyazo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 02:26:01 GMT
content-type: image/png
content-length: 157231
cf-ray: 880e3e060f8ab50b-OSL
cf-cache-status: HIT
accept-ranges: bytes
access-control-allow-origin: https://gyazo.com
age: 511615
cache-control: public, max-age=31536000
etag: "cf48"
expires: Fri, 09 May 2025 02:26:01 GMT
set-cookie: Gyazo_cfwoker=i; Secure; HttpOnly; SameSite=None; Expires=Tue, 01 Jan 2030 00:00:00 GMT
vary: Accept-Encoding
via: 1.1 google
access-control-allow-credentials: true
content-dpr: 1.000000
x-cache-level: ZS
server: cloudflare
X-Firefox-Spdy: h2

launcherleaks.net/uploads/monthly_2022_07/143702555_MaleVariant2Front.thumb.jpeg.b5982b752eea7439919b52fa2572a282.jpeg

104.21.10.110

200 OK

151 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2022_07/143702555_MaleVariant2Front.thumb.jpeg.b5982b752eea7439919b52fa2572a282.jpeg
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 500x282, components 3
Size
151 kB (150903 bytes)
Hash
bca70d083201c503e48a3a8e6bae1ce9
4b3b57ab166e81cc24e792267ce6bcf06ebcdb3c
737b339118181c22f8a500aa0eacf3599c0d8bc8c9b11b5bff7780d1cb54a508

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2022_07/143702555_MaleVariant2Front.thumb.jpeg.b5982b752eea7439919b52fa2572a282.jpeg HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: image/jpeg
content-length: 150903
last-modified: Mon, 05 Feb 2024 05:47:16 GMT
etag: "65c07664-24d77"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7%2FW8%2F%2FKgNxXPAB0o4whwW8JY3lhLPHr1eLVHxZjAZsT2rXpYqgFLpiqtmZUnNCy%2BkKLi9zMf3Oa1L99a6tdE7ChNpKbX4yM%2BmBfWWKKOwXyjQC0MjGsypb1oJfiT2KGctSxeIA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e038f2ab511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2024_04/GTA5_2024-03-05_16-50-53.thumb.png.4a46a79390de4789bbe47f99a5060a55.png

104.21.10.110

200 OK

262 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2024_04/GTA5_2024-03-05_16-50-53.thumb.png.4a46a79390de4789bbe47f99a5060a55.png
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 500 x 282, 8-bit/color RGBA, non-interlaced
Size
262 kB (262399 bytes)
Hash
1643bc44ff885f59509b80d480e1a22f
1cfef5386597cffd88dfae3c8f498eb4bac1c4f7
0c23461fa3052f24516a166dc5781412d793759aaaf27fd9b258acb8956e4115

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2024_04/GTA5_2024-03-05_16-50-53.thumb.png.4a46a79390de4789bbe47f99a5060a55.png HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: image/png
content-length: 262399
last-modified: Wed, 03 Apr 2024 03:05:36 GMT
etag: "660cc780-400ff"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M8ZjDZDhSgsGmsXRQfeCuo%2BT8CDnR2WCi9epXpG19DvtR186N2rNGnd%2BmMl6wigpj7pSlXFOr1DhJCWP4BFj2sJsS3EjNQcNRKFQ8VxKIRiCJLITf2c3AjVG5uU1FmeG69T4zA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e038f2bb511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2022_01/63024853_maxresdefault(7).thumb.jpg.7e9e3d00918758b08374931a8c9a123d.jpg

104.21.10.110

200 OK

45 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2022_01/63024853_maxresdefault(7).thumb.jpg.7e9e3d00918758b08374931a8c9a123d.jpg
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 500x282, components 3
Size
45 kB (44823 bytes)
Hash
bbe0ab7d965c381cbd07e190fc11edde
f75d098033aaeaac06da7bbff82d35f8a1358ef1
7888d217792f159b086f459180d7156e3e038f4300f11819896f4116f11f8e5e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2022_01/63024853_maxresdefault(7).thumb.jpg.7e9e3d00918758b08374931a8c9a123d.jpg HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: image/jpeg
content-length: 44823
last-modified: Mon, 05 Feb 2024 06:10:50 GMT
etag: "65c07bea-af17"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VkkcgAL%2F1EQa5yxTA2k0eu4O4UsCDanKGFDahxCdslBA6dG1XsY3VWdt3kjo4eU9cggqo%2BUH2j2INRF86yiYJBEJxK3Uff%2B3Eoyu7vE%2FdVPNGLMN4ZKYa52YAU35HjNLNvqGVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e038f2cb511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2021_11/feat-P7bpT5uwtA1DIajkJRqhNXK9F.thumb.png.8c51ee5b4146aaed194fc5971b0ad1d4.png

104.21.10.110

200 OK

208 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2021_11/feat-P7bpT5uwtA1DIajkJRqhNXK9F.thumb.png.8c51ee5b4146aaed194fc5971b0ad1d4.png
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 500 x 282, 8-bit/color RGBA, non-interlaced
Size
208 kB (208437 bytes)
Hash
54ba4b4d294ee1f75709a00b260e85f5
ecd2056322e27097f61e0b831a70a594c6dd1b19
7202ef1fc16f209eb888bd2073532f3506ebf50e83bb18fecf48bd3ac5a72c14

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2021_11/feat-P7bpT5uwtA1DIajkJRqhNXK9F.thumb.png.8c51ee5b4146aaed194fc5971b0ad1d4.png HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: image/png
content-length: 208437
last-modified: Mon, 05 Feb 2024 04:10:11 GMT
etag: "65c05fa3-32e35"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nhYnIvv%2F63KpL700I%2FpRMT%2FKw%2Fmv3ZRzpF%2B1oncSLhRxZjPF040yXYnhaFtXaD6BrsgH2jsem5MVUU5QqD9%2FRMW9vaw7V%2FFxmNH1jYIurJmVlrYBMo%2B6ejwHRcmIVIlflfmjWg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e038f2db511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2022_07/maxresdefault.thumb.jpg.42531b6a467eb06c2d99fb40de2e7a2b.jpg

104.21.10.110

200 OK

230 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2022_07/maxresdefault.thumb.jpg.42531b6a467eb06c2d99fb40de2e7a2b.jpg
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 500x282, components 3
Size
230 kB (229988 bytes)
Hash
9f29d7efa15fddffe81bdb3120e71e04
017da9d3a2d15be18f70d24236eabcabfb78fe50
faf62a491715142b89a693e5d081b33e9372254be674adcf7b858e189bcdc1ca

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2022_07/maxresdefault.thumb.jpg.42531b6a467eb06c2d99fb40de2e7a2b.jpg HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: image/jpeg
content-length: 229988
last-modified: Mon, 05 Feb 2024 05:47:17 GMT
etag: "65c07665-38264"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lu1jktEq72zl1rUpwA1pyuF74%2BphPU089aA3hOWTsyvpbJOI%2BOhuavmvNF99Pi8i2RGOUWP2a5H4X3ESZ074ilZ2lhovQoQ6hKyWIzN1aJscEUzxXtR11O9wYTCbT%2BlmM9SoBw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e038f2eb511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2024_04/86594cd2864fc6a0de7a78960d88c122fdd70094.thumb.gif.15b70b2fb4dcc87a452c80cc95ab93ff.gif

104.21.10.110

200 OK

3.9 MB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2024_04/86594cd2864fc6a0de7a78960d88c122fdd70094.thumb.gif.15b70b2fb4dcc87a452c80cc95ab93ff.gif
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
GIF image data, version 89a, 500 x 281
Size
3.9 MB (3945875 bytes)
Hash
bfa48b762cbdb39a1a8c8cf05455ed4e
86594cd2864fc6a0de7a78960d88c122fdd70094
ef4babc80e53446725ef0f4ea6db0546742fb1aa90a1890be972736aa71f1dd4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2024_04/86594cd2864fc6a0de7a78960d88c122fdd70094.thumb.gif.15b70b2fb4dcc87a452c80cc95ab93ff.gif HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: image/gif
content-length: 3945875
last-modified: Wed, 17 Apr 2024 18:24:23 GMT
etag: "662013d7-3c3593"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NB5zG%2FTpskPi1CBRtKSejZ9R0e5uwMxpRoaJ8jlJZxDd1tFj%2FoffoUUD430NJyEtBlNwZoOvCOTEgEDMfnDPXf5UaF2fSSQEgympgqercxYZu7E0Kvh%2Bd3LpFcRjLWB%2BvPN14w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e038f29b511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2022_09/WinRAR-logo.thumb.png.712705727354baba71b104a792cefd63.png

104.21.10.110

200 OK

231 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2022_09/WinRAR-logo.thumb.png.712705727354baba71b104a792cefd63.png
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 500 x 424, 8-bit/color RGBA, non-interlaced
Size
231 kB (230689 bytes)
Hash
675d24d4429664d2b8933941e2035911
5e7826a9b7777ff7240d9824dca1c4d5751e3401
bedb27d2055906aa2dd8ea6ab9260fd67d66fe589a0f86a7f598d4bed22f3494

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2022_09/WinRAR-logo.thumb.png.712705727354baba71b104a792cefd63.png HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: image/png
content-length: 230689
last-modified: Mon, 05 Feb 2024 07:21:25 GMT
etag: "65c08c75-38521"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u7%2F18afUSaHlnYa03G1oLvcwYcGHZlG7noWpnKFJhl5qB2JND%2FeymxO95zAeEM1helbeqdoNtPQ6n688mBRDxZ3dm5n5ta8nXSWGVuoLAJfvoPamA5fVcm2hUyP4yJ%2B1yrkwNA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e038f2fb511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/javascript_global/root_js_lang_1.js?v=f71abd72281715218813

104.21.10.110

200 OK

202 kB

URL GET HTTP/3
launcherleaks.net/uploads/javascript_global/root_js_lang_1.js?v=f71abd72281715218813
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
gzip compressed data, from Unix
Size
202 kB (201898 bytes)
Hash
494787c57d160e9649ca96843e0dcae1
23b98cbc22746716db8766800946d2a00244437c
a8248dff887525df51bd1bdf113a82c490fdcd21b4f99ac4030b14839fabd91c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/javascript_global/root_js_lang_1.js?v=f71abd72281715218813 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-1a6e3"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZdQDSzHx6J3bQf0Sdd1PkniQAnvkPkn0zUZEzWy%2F9TkZEvJaaR1UKNicHXdvW05DQxx0UtbsO7mvvXRS48WZUYUvNuaIg7hpzNIHtDUGm0U%2F6XyVUxtzOFjafUvMzX0b1%2F%2BVeg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfadbcbb511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/css_built_27/29bd99919d9bcfd58c5a255c6957b8a6_convert.css?v=f71abd72281715210371

104.21.10.110

200 OK

272 kB

URL GET HTTP/3
launcherleaks.net/uploads/css_built_27/29bd99919d9bcfd58c5a255c6957b8a6_convert.css?v=f71abd72281715210371
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
gzip compressed data, from Unix
Size
272 kB (271671 bytes)
Hash
328d6f5c3f2507c259f6f57d64981868
69356038184adea31665f26edb666c0a3e57ef51
7948c7ea25bea01f324af50fa04c3486cb5345544a13ff54e8c1ff644fc380e9

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/css_built_27/29bd99919d9bcfd58c5a255c6957b8a6_convert.css?v=f71abd72281715210371 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-1755"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zvNSQPk5zSWgRWKKQdZjJsMg9MSGrH6N9G%2BW49iW8qlj4LI9ijISclHdZCuTalrTw439SW2xtsDcijblWsPEwQ%2FMljXdAi4qJuYNiE13xTsNs14vPzwC5Q9FDyq7JDbhxC3r8Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfa9ba4b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2022_11/271590_20221123180635_1_1296x.thumb.webp.166a2c2dbac4e4c4f2268cea650e863b.webp

104.21.10.110

200 OK

69 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2022_11/271590_20221123180635_1_1296x.thumb.webp.166a2c2dbac4e4c4f2268cea650e863b.webp
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 500x282, Scaling: [none]x[none], YUV color, decoders should clamp
Size
69 kB (68628 bytes)
Hash
a5cafec497475164eaaa1cff49c62d0d
efdf9c2d9471d73826ef40789fa53629bea5ff37
f0ef030362846f7c6fb69ae372a67d149d91324668c43d5067de956eaf09a0ec

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2022_11/271590_20221123180635_1_1296x.thumb.webp.166a2c2dbac4e4c4f2268cea650e863b.webp HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: image/webp
content-length: 68628
last-modified: Mon, 05 Feb 2024 07:25:03 GMT
etag: "65c08d4f-10c14"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=10JR1XIaDypz1sp6fFH6HaaJJnVKav85P021kFk3MioHI%2FPT%2F310nNcR06rwf6zI8U6VBafjNV27AiZ7ONjJdwJDkxF%2FamOEqHt5scQZ8%2FZLpeEI2cXquLmZE54i1QtafqnYWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e03cf5bb511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2023_03/imported-photo-183738.thumb.jpeg.4105cc0ef605c828d8f952f7c1022fcd.jpeg

104.21.10.110

200 OK

7.0 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2023_03/imported-photo-183738.thumb.jpeg.4105cc0ef605c828d8f952f7c1022fcd.jpeg
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 100", baseline, precision 8, 96x96, components 3
Size
7.0 kB (6955 bytes)
Hash
b427a9a005ddf0646a1c7f760775734e
bfcb7858839f4d0d8aefc8e29afea4be993c11b4
e9a7b109ff7e8cfd661d96e2902644483d29cac7feff8de05da54310b71f6496

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2023_03/imported-photo-183738.thumb.jpeg.4105cc0ef605c828d8f952f7c1022fcd.jpeg HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:01 GMT
content-type: image/jpeg
content-length: 6955
last-modified: Mon, 05 Feb 2024 05:29:02 GMT
etag: "65c0721e-1b2b"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: REVALIDATED
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uqXuU0D3ihwImDcMLOcPYl7QgYI58YhyCGsg0kW5FIvDgE0d8D44Qi1YnDByTqHaDdpvHMQiQXl10R7F7hzvWUsquazA27IZ056PPjM0XyRQFDrcSvrCMW671UJ3PEyR6UHzVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e0608e8b511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.10.110

302 Found

0 B

URL GET HTTP/3
launcherleaks.net/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Thu, 09 May 2024 02:26:01 GMT
content-length: 0
access-control-allow-origin: *
cache-control: max-age=300, public
location: /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=V8hhL14C1KsGIH7mXgJxui%2F0aHsvv%2BMIaxWAMm7zNMxb5dBWheDDWc9dHJY5HW0wCgD3RQVuv3W0w0jYlNqJ1NiLvv4dyXfcEr6QjeyWsOxWn5AMm01PhGilGqDqA5YjAsmGCw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e0608eab511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2024_05/image_2024-05-08_165747356.thumb.png.258954aa9a02510639e6396fe51ebc07.png

104.21.10.110

200 OK

263 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2024_05/image_2024-05-08_165747356.thumb.png.258954aa9a02510639e6396fe51ebc07.png
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 500 x 282, 8-bit/color RGBA, non-interlaced
Size
263 kB (263099 bytes)
Hash
d33de9fa511023bc3de16abbf8ae90a6
7776caf661e273d66872633088afaee75bf10ce8
27dbb4b4a889ce1562f2ed105637a14ea3ddb34cca82ddc9a09694d8ef716332

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2024_05/image_2024-05-08_165747356.thumb.png.258954aa9a02510639e6396fe51ebc07.png HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06; ips4_ipsTimezone=UTC; ips4_hasJS=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:02 GMT
content-type: image/png
content-length: 263099
last-modified: Wed, 08 May 2024 20:58:08 GMT
etag: "663be760-403bb"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 557
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4wS6eBPCWX510xdbf5P4oDJ2zMOkl4psczN%2FvORtnyBmTNrScNXooyA3hIiZ65gBhogysQMLU%2FFEswkrmV5vvF%2Bjw6zN2s33qSgi7z21HA2d9FbQfPFBmWJBnZ%2B941JNwX1J7A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e0ccccbb511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2024_02/android-chrome-512x512.png?v=1712605004

104.21.10.110

200 OK

49 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2024_02/android-chrome-512x512.png?v=1712605004
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced
Size
49 kB (49186 bytes)
Hash
390058981d8c33cf7f7ac83df7289560
853f6dd48c10c41a4dc288b8fe6d8987ae14f136
ab56bf944922cd6347a06f5de4cb913f823cd8ba96f6d1b2ce31edf10d62e789

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2024_02/android-chrome-512x512.png?v=1712605004 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06; ips4_ipsTimezone=UTC; ips4_hasJS=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:02 GMT
content-type: image/png
content-length: 49186
last-modified: Tue, 06 Feb 2024 04:19:31 GMT
etag: "65c1b353-c022"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 536
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mWdR%2FTnJVt%2Bozkaj8haD2wO%2FUVstdtDq7Kjbq04eZYm62RlZ1NUHOpaNxOtNBMbrjkyTHo02lig%2F5sixJ3MRS%2F3wgXbtSOeZTD9PTDH3gISWStbtD%2B6HpnGm409N4E53N35UqA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e0dcd22b511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2024_02/android-chrome-36x36.png?v=1712605004

104.21.10.110

200 OK

1.3 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2024_02/android-chrome-36x36.png?v=1712605004
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 36 x 36, 8-bit/color RGBA, non-interlaced
Size
1.3 kB (1282 bytes)
Hash
6643840bd35c7cddf0811e8969b64875
886f7f812fda1694e4184083e178c8b8c6b08be3
ee3561daab5ce98f4859fc704e7584e53d0858ac073fd02569fb96b5cdc59209

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2024_02/android-chrome-36x36.png?v=1712605004 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06; ips4_ipsTimezone=UTC; ips4_hasJS=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:02 GMT
content-type: image/png
content-length: 1282
last-modified: Tue, 06 Feb 2024 04:19:31 GMT
etag: "65c1b353-502"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IP%2BYQMskVIP%2FayF7%2BGFBpUiGHvXIO2QoOEK%2BodBbnpxq3GhDsOdtxEcsWwMgdodZjivIzbQQR9TOj7he5QVfi6uBymfTAHwORg8fHLrB7Amc0AdrMFIcZ4%2FimjDYjkr%2F2jv3mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e0dcd23b511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/cdn-cgi/challenge-platform/h/b/jsd/r/880e3df4bcf8b512

104.21.10.110

200 OK

0 B

URL POST HTTP/3
launcherleaks.net/cdn-cgi/challenge-platform/h/b/jsd/r/880e3df4bcf8b512
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/b/jsd/r/880e3df4bcf8b512 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12192
Origin: https://launcherleaks.net
DNT: 1
Connection: keep-alive
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06; ips4_ipsTimezone=UTC; ips4_hasJS=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:02 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=bITQqgfbAZK4M83iXF9xg0VOImdjO1GqvFn7G_Cjck0-1715221562-1.0.1.1-4T9erwBbmuPvKKaX7yIJGuqNNHpysMwhhh_xt7Fhj86Pcgq216GXMKmGFQxogqN7BFXI4YoJrtX9JApNSwpi4Q; Path=/; Expires=Fri, 09-May-25 02:26:02 GMT; Domain=.launcherleaks.net; HttpOnly; Secure; SameSite=None; Partitioned
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wUlLT%2FB8kSdpzm3fKis7MKKFHcib9b98addwaVUnFaPms5un3XKlUxTQtO%2Fz97VZ%2BD%2F9fyiIvp0DL1RAfE2Pbgk8c1IlqPT1BXOve2Q19TfQ1OoMFJqxyyNGRqxE4zLP5icSJg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880e3e0eed87b511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/javascript_global/root_map.js?v=f71abd72281715218813

104.21.10.110

200 OK

2.5 kB

URL GET HTTP/3
launcherleaks.net/uploads/javascript_global/root_map.js?v=f71abd72281715218813
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
ASCII text, with very long lines (2569), with no line terminators
Size
2.5 kB (2455 bytes)
Hash
e6d0aee7eb24ef7aac3cf4c9da1d8afa
6874b2f9de97ec3e2c78d5529bd2210d80d85c8c
c6469f0ea80a6d013b28135b13447cb77b3edf7d586fc2fd1400c74398086bcf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/javascript_global/root_map.js?v=f71abd72281715218813 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: application/javascript
last-modified: Thu, 09 May 2024 01:40:13 GMT
etag: W/"663c297d-997"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=118%2FPrtbRM8v%2FSU%2FJ%2Fy74RzjSrIJG12vbSULDsVurwf9CZEPTlOmeTsTx%2FpXQntPooD4JaedEcrhNPLQqBPz3AL5SWe%2BLRO0aMHFgubRQ3vWhN0VWoqPGelcdv30mRc%2BPoZOHA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfaebd5b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2023_06/Screenshot2023-06-24231322.thumb.png.e46eca2b5a1540d9e47d4ac06f38b4ef.png

104.21.10.110

200 OK

174 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2023_06/Screenshot2023-06-24231322.thumb.png.e46eca2b5a1540d9e47d4ac06f38b4ef.png
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 500 x 430, 8-bit/color RGBA, non-interlaced
Size
174 kB (173939 bytes)
Hash
87dada0953eb59beaa79c774c06e08c6
bb81f511a6ceaa260bf36ae388e72e06c06239ba
3b04624e966826cb8fbb98f294b86d0c9cbcbf449d263b5815b5b4288b087420

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2023_06/Screenshot2023-06-24231322.thumb.png.e46eca2b5a1540d9e47d4ac06f38b4ef.png HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: image/png
content-length: 173939
last-modified: Mon, 05 Feb 2024 06:15:31 GMT
etag: "65c07d03-2a773"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wQ%2B0VtlMk6h6C%2BnqF2137jHJrGTtLE6dX73xzSO4a%2Bc9I2DgHptelqTts9NY3nZv5glnz3ZxcVmQ9royBGxjMHUPScJmSA3JApp6WV6w6%2FBbwiwHpfwF1%2FbDMhB06tAZVxsycg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e033f05b511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/css_built_27/341e4a57816af3ba440d891ca87450ff_framework.css?v=f71abd72281715210371

104.21.10.110

200 OK

331 kB

URL GET HTTP/3
launcherleaks.net/uploads/css_built_27/341e4a57816af3ba440d891ca87450ff_framework.css?v=f71abd72281715210371
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type

Size
331 kB (330976 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/css_built_27/341e4a57816af3ba440d891ca87450ff_framework.css?v=f71abd72281715210371 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 23:19:33 GMT
etag: W/"663c0885-50ce0"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3vQtIdq%2BuzztL8cdupB8hQMJhLikSmvyOkX2MS9DlBPf%2BNlW7jE3296P4LG6GlWxiGUAVdzQ7Y2TbJvpbvjDNai0fchYSG7llmwjtAGRSNDs8RATKzPa5JhWUpSradfyP3pRRA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfa8b9fb511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/css_built_27/63225940445060c5a9f21d31e95bf58e_downloads.css?v=f71abd72281715210371

104.21.10.110

200 OK

2.8 kB

URL GET HTTP/3
launcherleaks.net/uploads/css_built_27/63225940445060c5a9f21d31e95bf58e_downloads.css?v=f71abd72281715210371
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
ASCII text, with very long lines (2792), with no line terminators
Size
2.8 kB (2780 bytes)
Hash
fe0bd138756a85503456321e52e02699
fc9b793c3c1f3d6d5696d087c9903adbf17d790c
7b5f5a1d668712f681d05f1e19d93d4a46ba9c7dbee3f4e68121edbe5eb77ddc

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/css_built_27/63225940445060c5a9f21d31e95bf58e_downloads.css?v=f71abd72281715210371 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-adc"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9Whs6ZfRGslTgghN6Cf17kCG1EXCvLpAHQg9u1sY0QxZd9iP1uR9h3X6Hkz17o5jVr9UNIqR8urQYXecFBN1ZoRCVy16g2yB6Ain%2F6oHEst89fwb77TsFvgd%2ByDOLlqUfjNsZg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfa9babb511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/javascript_core/front_front_widgets.js?v=f71abd72281715218813&csrfKey=&antiCache=f71abd72281715218813

104.21.10.110

200 OK

17 kB

URL GET HTTP/3
launcherleaks.net/uploads/javascript_core/front_front_widgets.js?v=f71abd72281715218813&csrfKey=&antiCache=f71abd72281715218813
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
JavaScript source, ASCII text, with very long lines (1733)
Size
17 kB (16561 bytes)
Hash
9e272c457e8ec0e369564c580ef9f882
007f62cf572d4c263b245ce6174989675fb5a9fc
a4156775c0f3a08ac4489f72566dd73853c7566c3e75e083d2d0acbf72acdbae

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/javascript_core/front_front_widgets.js?v=f71abd72281715218813&csrfKey=&antiCache=f71abd72281715218813 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06; ips4_ipsTimezone=UTC; ips4_hasJS=true
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:02 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 23:22:22 GMT
etag: W/"663c092e-40b1"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 568
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eqQY2PO%2BXQ5lMGWJ9HnEubeNDSubUgfvM23B4rbNNZmdc1aYBl%2B7B7Wu5SaCFIWvMq6u4RIMdd4zcyTCSgITsywP8AKl773ihWrB74RALRZzsdBRigUBpPMVXsxf5wzapt0LtA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e0cccccb511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

use.fontawesome.com/releases/v6.4.2/css/all.css

172.67.142.245

200 OK

102 kB

URL GET HTTP/2
use.fontawesome.com/releases/v6.4.2/css/all.css
IP
172.67.142.245:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerCloudflare, Inc.
Subjectuse.fontawesome.com
FingerprintCB:BE:6B:C4:5F:DF:18:7A:C3:AD:BF:6C:40:36:18:9F:E2:99:7F:78
ValidityThu, 12 Oct 2023 00:00:00 GMT - Thu, 10 Oct 2024 23:59:59 GMT

File type
ASCII text, with very long lines (52276)
Size
102 kB (102217 bytes)
Hash
5222e06b77a1692fa2520a219840e6be
8b4236206a8b86af3761a244277663046d7ff7ee
0934b1fc0d3a766d41d3adf5e7a115875e66e98ebba408d965a41cf3d2cb4ab5

HTTP Headers

GET /releases/v6.4.2/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: text/css
etag: W/"5222e06b77a1692fa2520a219840e6be"
last-modified: Fri, 22 Sep 2023 01:46:33 GMT
vary: Accept-Encoding
cache-control: max-age=31536000
cf-cache-status: HIT
age: 723553
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VSp6H7YYua94Kfzd5qmBwDkKo4rRW3acwpcM3Bkz00fntArHDcw6MMzUFFVYCeRAYhcPpk9NuPq%2Ft1PN77x0zvxHRvSwkfGkOqvkM9Yk6eCOWBltDdt6FVAmD7MNrKVwgBuonB3x"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 880e3dfeef8556ca-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

launcherleaks.net/uploads/monthly_2023_07/GABZ.thumb.png.01040cd3d4e5949cbb6c11a35aef72ba.png

104.21.10.110

200 OK

111 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2023_07/GABZ.thumb.png.01040cd3d4e5949cbb6c11a35aef72ba.png
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 500 x 244, 8-bit/color RGBA, non-interlaced
Size
111 kB (111050 bytes)
Hash
0a353c2beadfe58fbca87e98d9440755
0f9a01cac0ff93981d44b1ce212688fd58bcbd8c
29156be7b5e145a22ca03e8fec0cc2ba5270ac8d7452b4e4482eb2e0740b5f2b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2023_07/GABZ.thumb.png.01040cd3d4e5949cbb6c11a35aef72ba.png HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: image/png
content-length: 111050
last-modified: Mon, 05 Feb 2024 07:07:54 GMT
etag: "65c0894a-1b1ca"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6071
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fVs%2B0RWF0M1RqdfIQEhilID5c0nNSU8jb2yW9l9QYPfwr8Gk6n9hm7VLs5SjO6vw4JCpnT0VrWl9QU%2B2zgG9s4wuK4sBVtq6vhETLixwzEHfE4LgTLIMlEFBrBtncmHoa6z0fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e038f27b511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/css_built_27/05e81b71abe4f22d6eb8d1a929494829_responsive.css?v=f71abd72281715210371

104.21.10.110

200 OK

36 kB

URL GET HTTP/3
launcherleaks.net/uploads/css_built_27/05e81b71abe4f22d6eb8d1a929494829_responsive.css?v=f71abd72281715210371
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
ASCII text, with very long lines (36086), with no line terminators
Size
36 kB (36086 bytes)
Hash
6a6abd6eb83fe08b498b0fdcd470b9e6
cc38a66f61f7cb0c0bf4bcfb2067c34d0410b5d0
5008d5e9bd10eea3c48217fc3a797895a56aadb808b04dda8381dd35e6544f22

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/css_built_27/05e81b71abe4f22d6eb8d1a929494829_responsive.css?v=f71abd72281715210371 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-8cf6"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2BIsaEQhGWkPqZ5IDSOMOX74u20GBHxYra6bUi7sE0Az0V%2BQF%2FRgLhQzM1AxNn0vT2XN97lCPcH0qm2twyE7RB1%2BbKD8PdEnoY1dmFcMOfKg54zkLVSWnrUz73dgx0yxHEDVXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfa8ba2b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/css_built_27/5a0da001ccc2200dc5625c3f3934497d_core_responsive.css?v=f71abd72281715210371

104.21.10.110

200 OK

5.1 kB

URL GET HTTP/3
launcherleaks.net/uploads/css_built_27/5a0da001ccc2200dc5625c3f3934497d_core_responsive.css?v=f71abd72281715210371
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
ASCII text, with very long lines (5154), with no line terminators
Size
5.1 kB (5064 bytes)
Hash
13e9ca6da01b78cd4c466c067987386d
30f8913376f38cae8f022acdb5fa59cb1e01c350
a0574e732d420fe0518d65f9b289403deababc7fe421793cb8e68fc81e5e169c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/css_built_27/5a0da001ccc2200dc5625c3f3934497d_core_responsive.css?v=f71abd72281715210371 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-13c8"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LOJsHo7Cs8pn5R8ix87vWjGEQfkkCiRxqZnpd2zDoa4nU9ddKmRyAK3pBq8IH%2FZS%2B0x4u17P068RNPosBt9wQZDtVTqtoGq2ZkJWp3mSrf5LGveU8qjL5HCLVTvdAY2fzyqEWA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfa9baab511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/css_built_27/ecf8cbf597c675f333fa61d7fe877660_widgets.css?v=f71abd72281715210371

104.21.10.110

200 OK

277 B

URL GET HTTP/3
launcherleaks.net/uploads/css_built_27/ecf8cbf597c675f333fa61d7fe877660_widgets.css?v=f71abd72281715210371
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
ASCII text, with no line terminators
Size
277 B (277 bytes)
Hash
a375b3f0fae08440f22bcf1bfc025cba
a18d88403675ec7a8dd71a48eee37f4e245dbdff
cf35a9b2bbe2737ba157dd24de9e11e7a4e2216ed2c2f4542f2d3f83d0bee7d0

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/css_built_27/ecf8cbf597c675f333fa61d7fe877660_widgets.css?v=f71abd72281715210371 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 23:19:33 GMT
etag: W/"663c0885-115"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kKVvDIuc66DTAY6tuQ%2F4pUuQKYrab8I1KKjZEqeeewQmHSR7sfP%2FhbTwbOTms8bDVD6AvV0Oeq681bKyLFOj7eMTXquXuo2kn%2FR5%2Bi1QeOLWI5WaTTgl%2FhYBIJbS96BQoTW2KA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfaabb3b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/set_resources_27/d3c5465b682b402f2e7fe6b8c4409085_swiper-bundle.min.css

104.21.10.110

200 OK

15 kB

URL GET HTTP/3
launcherleaks.net/uploads/set_resources_27/d3c5465b682b402f2e7fe6b8c4409085_swiper-bundle.min.css
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
ASCII text, with very long lines (14925)
Size
15 kB (15180 bytes)
Hash
a695c6b6c6a2d0e245136a61110d64ce
2b3d7aa150054e72098c83f6fe6dcad72944defb
172381b5313c5d1c2c9972f45e7e4c12f1a59c2f185cca365a8750dcea48acf6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/set_resources_27/d3c5465b682b402f2e7fe6b8c4409085_swiper-bundle.min.css HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 23:19:33 GMT
etag: W/"663c0885-3b4c"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6071
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fRHXo8TUSPPDHpwW0MEahh4TOiw5ktfv0D1YjNW163nWpKklq7Ekz5fzstWLVcVeJTbv47Q4v6g37DEG8VHWPIWvDgY3G4qLHE3E3Ei%2FDGd4kBUvDwYx3oNKV9AvyhS4kQ7v6A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfaabb5b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/javascript_downloads/front_front_view.js?v=f71abd72281715218813

104.21.10.110

200 OK

4.4 kB

URL GET HTTP/3
launcherleaks.net/uploads/javascript_downloads/front_front_view.js?v=f71abd72281715218813
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
JavaScript source, ASCII text, with very long lines (4427), with no line terminators
Size
4.4 kB (4382 bytes)
Hash
b21f7fe12f63c3f9e923ddf4b50318f6
fa6bbcc23164efc154682bdb588f51d711c0dcdd
3be7ba667b5c819266511385294c565527c129a904cee55a7128915211b2212c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/javascript_downloads/front_front_view.js?v=f71abd72281715218813 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 23:19:32 GMT
etag: W/"663c0884-111e"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 512
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qnI0kYHALHmFWtc9I11EvHk6aIz%2FUoHgdOGBuOCkea9dwZt0u8SqaN4RRMFAe6LnQILOCLzVSxUgtTzDfZS2Ua9LYVO6kxM7Pw0XZqnWh8OYfINSqaV77d%2BSajjr%2BAlz9QQ30w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfaebd4b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

i.gifer.com/4bXG.webp

0.0.0.0

0 B

URL GET
i.gifer.com/4bXG.webp
IP
0.0.0.0:0
ASN
#0

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerLet's Encrypt
Subjectgifer.com
Fingerprint97:0F:D7:9D:0C:22:57:27:95:17:B5:9B:EF:86:BD:14:D6:D8:8E:57
ValidityFri, 26 Apr 2024 20:03:56 GMT - Thu, 25 Jul 2024 20:03:55 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /4bXG.webp HTTP/1.1
Host: i.gifer.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Thu, 09 May 2024 02:26:01 GMT
content-type: text/plain; charset=utf-8
last-modified: Mon, 06 Sep 2021 09:36:14 GMT
vary: Accept-Encoding
etag: W/"6135e10e-19566"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=604800
content-encoding: gzip
X-Firefox-Spdy: h2

launcherleaks.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js

104.21.10.110

200 OK

7.9 kB

URL GET HTTP/3
launcherleaks.net/cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
JavaScript source, ASCII text, with very long lines (7857), with no line terminators
Size
7.9 kB (7857 bytes)
Hash
17fb3c8eea7c6639268d36b67cb947c5
4fbdcb321b6a2b14caf4b38d5f8e7ad6d5b4f6a9
488c8245b7cef7f4d16a1727a7716641fa1f3876561bededbc8739ebc9346875

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/b/scripts/jsd/ce7818f50e39/main.js HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06; ips4_ipsTimezone=UTC; ips4_hasJS=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:02 GMT
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=l0hh%2BdctxoPKawhK9fD5zt65Za3fOnQkvnVANSmnJp0UYrFfH8pa0DSj3OiS95rWY2zvuTXjwgYgnyCv6JB3BPXPGIzi%2B3Pb5gt2YMeeySy%2BmN9LLchTvxKw97HaCq%2BfokUHOQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e0dfd37b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/css_built_27/49037c9bdbc019a877c9a3ae069caf24_v4-font-face.min.css?v=f71abd72281715210371

104.21.10.110

200 OK

2.1 kB

URL GET HTTP/3
launcherleaks.net/uploads/css_built_27/49037c9bdbc019a877c9a3ae069caf24_v4-font-face.min.css?v=f71abd72281715210371
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
ASCII text, with very long lines (2118), with no line terminators
Size
2.1 kB (2094 bytes)
Hash
576d53e0821a4e4ca4ba6d10b34b39b1
37e395bc57aec465aab5d090b299566729cfc5b8
98b84137f060eebba72caea7bcec7a1e3b8e2b27fe712114200056fc2aed0fe6

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/css_built_27/49037c9bdbc019a877c9a3ae069caf24_v4-font-face.min.css?v=f71abd72281715210371 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-82e"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=x1LtlmjvOUi5Wf1kgkcjvptqnlGj0HmDkeLrJdOfuujv8sE39cyl2SHTHYnca8OVGukx7Zoy6jbvyqf%2Bfgq1e8eKVCCTIU7hUqvxdNFHEz4PwOTb8OYCpVqFEW8odHxTVtozvg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfa9ba6b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

i.imgur.com/G9K4tiK.jpeg

151.101.236.193

200 OK

1.5 MB

URL GET HTTP/2
i.imgur.com/G9K4tiK.jpeg
IP
151.101.236.193:443
ASN
#54113 FASTLY

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerSectigo Limited
Subject*.imgur.com
Fingerprint39:5B:E1:0D:4A:FC:A4:C7:F3:71:DE:C4:5C:12:69:F9:5F:58:9F:42
ValidityThu, 15 Feb 2024 00:00:00 GMT - Fri, 14 Feb 2025 23:59:59 GMT

File type

Size
1.5 MB (1538268 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /G9K4tiK.jpeg HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/jpeg
last-modified: Fri, 03 May 2024 17:39:51 GMT
etag: "802b9c8b0ffb98bc3e0581d5d82cd10e"
x-amz-server-side-encryption: AES256
x-amz-cf-pop: JFK52-P4
x-amz-cf-id: Ca1MeoQ412LDupaS_om-dLT5rLuDQZ1aOQBeIzhu6Cb8AL8w2jUmtg==
cache-control: public, max-age=31536000
accept-ranges: bytes
age: 463569
date: Thu, 09 May 2024 02:26:00 GMT
x-served-by: cache-iad-kjyo7100048-IAD, cache-osl6524-OSL
x-cache: Miss from cloudfront, HIT, HIT
x-cache-hits: 43, 0
x-timer: S1715221561.933127,VS0,VE1
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 1538268
X-Firefox-Spdy: h2

launcherleaks.net/uploads/css_built_27/90eb5adf50a8c640f633d47fd7eb1778_core.css?v=f71abd72281715210371

104.21.10.110

200 OK

24 kB

URL GET HTTP/3
launcherleaks.net/uploads/css_built_27/90eb5adf50a8c640f633d47fd7eb1778_core.css?v=f71abd72281715210371
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
ASCII text, with very long lines (24436), with no line terminators
Size
24 kB (24436 bytes)
Hash
b4a8b5b1d6079fd5b2bdb2a11e2ef329
1f4c5ad63df6a7b3dadfd6801e87d43356055e9e
52847b98c3ef06e9ea71a5f4e713bc5ca92ec1d59233c37663d00d9f16b21194

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/css_built_27/90eb5adf50a8c640f633d47fd7eb1778_core.css?v=f71abd72281715210371 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-5f74"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GLE5Jalks4DkrsMU3C9Irve7sP8c9YqzqP0OPJA1S9G7MiOMHwnuWu%2BvdVDQm248WzvJmEJJbGDUci4RJIxzkfIC73X9igL2rHC1wwa2%2F2P606BKnGUTxhcRl%2F911pnQYETlyg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfa9ba9b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/javascript_core/plugins_plugins.js?v=f71abd72281715218813

104.21.10.110

200 OK

1.1 kB

URL GET HTTP/3
launcherleaks.net/uploads/javascript_core/plugins_plugins.js?v=f71abd72281715218813
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
JavaScript source, ASCII text, with very long lines (1085), with no line terminators
Size
1.1 kB (1070 bytes)
Hash
a3a3b439d522bbb2006fcebe7b4258dc
e6afd992d4ffeba64c6ce056d394c130014856eb
ca1aecb3a408053150bdbfa325c0c8c19b7a9f2fac2e51a88c82748de03e0989

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/javascript_core/plugins_plugins.js?v=f71abd72281715218813 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: application/javascript
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-42e"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4mKbqbTQaYDgysoCtlc3bvN0p7uHMMw71DNKtB%2Bi%2FvOiqPSh9g%2FvNPgFGbRzybrsUU3Rd2PcQV43yg2tE0blKA9xqMX8NCHwdkQBi8qWNxqVIZ5c7mQxkTIO9Y6RSrH4iWH2pQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfadbceb511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap

142.250.74.106

200 OK

12 kB

URL GET HTTP/2
fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint36:49:20:36:0C:4D:DA:55:65:64:23:0F:49:3E:FA:78:87:35:A3:79
ValidityTue, 16 Apr 2024 04:17:12 GMT - Tue, 09 Jul 2024 04:17:11 GMT

File type
ASCII text
Size
12 kB (12070 bytes)
Hash
fa399c57b8f59144c0b18302c33dfea5
6d420f186305a23da0e971a03d14d76d988bb56c
00008d2a6bb44551ff155148e5fedbcc0fdf8d710d908581fdf04dd96dfb31ca

HTTP Headers

GET /css2?family=Inter:wght@300;400;500;600;700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 09 May 2024 02:26:00 GMT
date: Thu, 09 May 2024 02:26:00 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

launcherleaks.net/uploads/monthly_2022_07/4b830b-JPC2.thumb.png.c36755574da3a12a95dd13d061728c79.png

104.21.10.110

200 OK

270 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2022_07/4b830b-JPC2.thumb.png.c36755574da3a12a95dd13d061728c79.png
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 500 x 282, 8-bit/color RGBA, non-interlaced
Size
270 kB (270042 bytes)
Hash
a84983e7de83ac79a074337d38f30315
d073b42584d4d7605ff292de9603796654d2d3e8
3554e1bf917ec7d6cd136f8f7cca4614a0082ae9dae39045dac38f36aae93e21

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2022_07/4b830b-JPC2.thumb.png.c36755574da3a12a95dd13d061728c79.png HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: image/png
content-length: 270042
last-modified: Mon, 05 Feb 2024 05:48:32 GMT
etag: "65c076b0-41eda"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 6072
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hl1DkQs0aZy4rkVoaeIt7zP6Sz4OFzwB%2FRnCzQ5H%2BD8yoRD8LcxtLYI6xUs4BcantlmSc8Jgj4PBKV3lnmPuxxLHDxtxYz4%2Fn0YkUS4GS7AWfUgHRLcVuO%2BiFV67dRLclRT0Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e038f34b511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/css_built_27/20e9fb241d987e07d4fc702c601c3ed8_downloads_responsive.css?v=f71abd72281715210371

104.21.10.110

200 OK

934 B

URL GET HTTP/3
launcherleaks.net/uploads/css_built_27/20e9fb241d987e07d4fc702c601c3ed8_downloads_responsive.css?v=f71abd72281715210371
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
ASCII text, with very long lines (944), with no line terminators
Size
934 B (934 bytes)
Hash
fe5ac1a4ab4caea663a65254c9c964cf
f47bb77e21cc6cc7f5ac57f69ea00f1d3a59fcfc
d306fddb662c56c73a09b45ffd3abaea135ed7312932c422817ce3aeb36706b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/css_built_27/20e9fb241d987e07d4fc702c601c3ed8_downloads_responsive.css?v=f71abd72281715210371 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 23:19:31 GMT
etag: W/"663c0883-3a6"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bXt2bzizIGURTkBe6ec%2BeQ5ATc81oNyfQfgb1DLie012sAImK7oXYK1MfpKU9mXJugOlbBNi0NZqzRYvZW9fld0qkTFgSEsIthpPWYIXKqfQAjiXhuDqHh8WUPdgGISgRfZD3g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfaabb2b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/monthly_2023_03/Glock_Quad_a323ec42-66cc-45c8-ae6f-52fcd45f2f0a_1800x1800_result.thumb.png.997f58c133dcb299d8fe1b18de6b4e19.png

104.21.10.110

200 OK

168 kB

URL GET HTTP/3
launcherleaks.net/uploads/monthly_2023_03/Glock_Quad_a323ec42-66cc-45c8-ae6f-52fcd45f2f0a_1800x1800_result.thumb.png.997f58c133dcb299d8fe1b18de6b4e19.png
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
PNG image data, 475 x 500, 8-bit/color RGBA, non-interlaced
Size
168 kB (168461 bytes)
Hash
7a5d9be31cd29be40a6c3b8430e7c444
41e3170594dd57b4d171d51742d76c55045d1006
d154114095070f4b1b5e1c9ae923b18842302262977ddcfb9db7c895564734e2

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/monthly_2023_03/Glock_Quad_a323ec42-66cc-45c8-ae6f-52fcd45f2f0a_1800x1800_result.thumb.png.997f58c133dcb299d8fe1b18de6b4e19.png HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:26:00 GMT
content-type: image/png
content-length: 168461
last-modified: Mon, 05 Feb 2024 05:39:34 GMT
etag: "65c07496-2920d"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QVCvcYRUz54Rbeoabm2Vc8GKtSOVz1QOKAgMzmfH6fr%2FdZqYCXYyuiHRblxJ77OJd%2FSpVIvWtYT2mf2lsj7NBkWZ3uOKWA%2BhgdVkC%2FvnQtksZoJ5bDf3P1hBZw9gCdLOktq0yg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3e038f31b511-OSL
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/css_built_27/223ae211f0236ea36ac9f7bf920a797a_all.min.css?v=f71abd72281715210371

104.21.10.110

200 OK

104 kB

URL GET HTTP/3
launcherleaks.net/uploads/css_built_27/223ae211f0236ea36ac9f7bf920a797a_all.min.css?v=f71abd72281715210371
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
104 kB (104228 bytes)
Hash
8f831a00b4c0f816068ef1775065eab2
87e4fae3b70ecc397b6470db7058d8b9eb44f5eb
12b099a71039ac4e7c5dec4d9cb9f715649e1eecfd5131f11a7a8d91e170de81

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/css_built_27/223ae211f0236ea36ac9f7bf920a797a_all.min.css?v=f71abd72281715210371 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 23:19:33 GMT
etag: W/"663c0885-19724"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 3635
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YnRy8ucHEm2eXusqPA1dXMdrx5Ld7V5hvPRILSzgcJFrlaEDXgqY0K%2FuOcnYM0K%2BFBjtfHLn9y83zYcUu9vVdr%2FU27GFEs3kq2X%2FRuBSv0e3gklu4pLaUh4BsOeomZM3A30%2FWw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfa8ba3b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

launcherleaks.net/uploads/css_built_27/258adbb6e4f3e83cd3b355f84e3fa002_custom.css?v=f71abd72281715210371

104.21.10.110

200 OK

24 kB

URL GET HTTP/3
launcherleaks.net/uploads/css_built_27/258adbb6e4f3e83cd3b355f84e3fa002_custom.css?v=f71abd72281715210371
IP
104.21.10.110:443
ASN
#13335 CLOUDFLARENET

Requested by
https://launcherleaks.net/file/12769-mustang-gt-wafflez/
Certificate
IssuerGoogle Trust Services LLC
Subjectlauncherleaks.net
FingerprintC8:F4:AA:45:F3:C7:2D:87:DA:73:E8:DD:0F:EF:6E:D9:A4:31:C3:5E
ValidityMon, 06 May 2024 19:16:17 GMT - Sun, 04 Aug 2024 19:16:16 GMT

File type
ASCII text, with very long lines (23709), with no line terminators
Size
24 kB (23709 bytes)
Hash
bf28efbd565f583f0153cdfa20ccfcb6
a722574c1dcc18700be4f17289a4cd5c206ef63d
0629f57c0d3c375834b1828df484e0853afd113c4863d62cd5ab34b2f2e0e116

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/css_built_27/258adbb6e4f3e83cd3b355f84e3fa002_custom.css?v=f71abd72281715210371 HTTP/1.1
Host: launcherleaks.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://launcherleaks.net/file/12769-mustang-gt-wafflez/
DNT: 1
Connection: keep-alive
Cookie: ips4_IPSSessionFront=tq1i2c8ev2ao8sp1ccutqjua06
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Thu, 09 May 2024 02:25:59 GMT
content-type: text/css
last-modified: Wed, 08 May 2024 23:19:33 GMT
etag: W/"663c0885-5c9d"
strict-transport-security: max-age=15768000; includeSubDomains;
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
cache-control: max-age=14400
cf-cache-status: HIT
age: 569
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QZsa9IQWkYPhm0%2FyfMdfMftcRWN7Ff3RLSDKVUTtbBOSzkrVJPWvTjhVjWmIv1Ix%2BDYIwahsJnTnK%2BJ1ythty5Ay7agyqC0kcNiVJ%2B8A9BFENqt1zc3GGIWoeprUGqnrz%2FeZog%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 880e3dfaabb4b511-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (27)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash