Report - leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/

Report Overview

Submitted URL
leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
IP
198.54.114.173
ASN
#22612 NAMECHEAP-NET
Submitted
2023-01-28 20:26:31
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.blogger.com	8975	2012-05-22T09:35:03Z	2023-03-13T05:09:21Z	1.2 kB	16 kB	142.250.74.41
cdn.creative-bars1.com	unknown	2022-11-15T17:46:22Z	2023-03-13T05:15:48Z	1.8 kB	76 kB	172.64.167.9
simplewebanalysis.com	unknown	2022-02-25T05:06:25Z	2023-03-13T08:33:39Z	774 B	812 B	35.156.167.37
cdn.barscreative1.com	25648	2021-09-16T13:14:42Z	2023-03-13T08:33:41Z	445 B	1.4 kB	45.133.44.4
i9.ytimg.com	2370	2017-01-30T06:14:04Z	2023-03-10T13:33:10Z	470 B	8.7 kB	142.250.74.174
pl17835293.highcpmrevenuenetwork.com	unknown			414 B	14 kB	173.233.137.52
e1.o.lencr.org	6159	2021-08-20T09:36:30Z	2023-03-13T05:21:46Z	1.7 kB	3.6 kB	23.36.76.226
cdn.cloudimagesb.com	23099	2021-02-12T17:15:41Z	2023-03-13T05:15:48Z	401 B	12 kB	45.133.44.10
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-13T08:28:24Z	383 B	45 kB	142.250.74.72
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	429 B	913 B	142.250.74.35
banquetunarmedgrater.com	unknown	2022-08-04T17:12:50Z	2023-03-13T05:26:56Z	372 B	327 B	173.233.137.60
unseenreport.com	unknown	2022-03-30T16:33:17Z	2023-03-13T05:15:47Z	1.4 kB	846 B	192.243.59.20
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	501 B	46 kB	216.58.207.227
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
learningsmag.site	unknown	2022-04-08T17:03:25Z	2023-01-26T09:09:24Z	441 B	13 kB	63.250.38.14
tragicbeyond.com	unknown	2023-01-23T03:43:11Z	2023-03-03T05:58:06Z	4.7 kB	7.5 kB	192.243.61.225
leakedtv.wiki	unknown	2023-01-21T14:52:38Z	2023-01-28T21:26:12Z	8.3 kB	401 kB	198.54.114.173
ocsp.sectigo.com	487	2019-11-29T12:50:24Z	2023-03-13T08:22:43Z	680 B	1.9 kB	172.64.155.188
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-13T07:36:03Z	370 B	21 kB	142.250.74.110
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.7 kB	9.7 kB	23.36.76.226
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.42.157.160
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	410 B	1.9 kB	142.250.74.106
friendshipmale.com	unknown	2022-10-21T14:15:25Z	2023-03-13T08:33:43Z	358 B	29 kB	172.64.140.24
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	64 kB	34.120.237.76
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	3.8 kB	7.7 kB	142.250.74.131
pl17835292.highcpmrevenuenetwork.com	unknown			414 B	21 kB	192.243.59.13
ocsp.sca1b.amazontrust.com	1015	2017-03-03T16:20:51Z	2019-03-27T05:05:54Z	700 B	1.9 kB	54.230.245.100
nudgeworry.com	unknown	2023-01-18T05:43:41Z	2023-03-12T01:04:15Z	439 B	467 B	192.243.61.227
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-28	medium	friendshipmale.com/sfp.js	Malware
2023-01-28	medium	cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-28	medium	highcpmrevenuenetwork.com	Sinkholed
2023-01-28	medium	highcpmrevenuenetwork.com	Sinkholed
2023-01-28	medium	nudgeworry.com	Sinkholed
2023-01-28	medium	banquetunarmedgrater.com	Sinkholed
2023-01-28	medium	tragicbeyond.com	Sinkholed
2023-01-28	medium	tragicbeyond.com	Sinkholed
2023-01-28	medium	unseenreport.com	Sinkholed
2023-01-28	medium	unseenreport.com	Sinkholed
2023-01-28	medium	tragicbeyond.com	Sinkholed
2023-01-28	medium	tragicbeyond.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/	2.1 kB	2023-03-13	2023-03-13
Pretty URL leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/ IP 198.54.114.173 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:13:52 Last Seen2023-03-13 10:13:52 Times Seen1 Hash 1605e3e8ffa0fe316a0a3a381eda29e1 cc0b87abe7ceaa6259ebf2e65ed4987033a05b5e b759a062d55fef0a11f7d3643d4711833d0a8e0d3411f01e81ae746f843c3999 Loading...

	leakedtv.wiki/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2	37 kB	2023-03-07	2024-05-05
Pretty URL leakedtv.wiki/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2 IP 198.54.114.173 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:25:46 Last Seen2024-05-05 20:30:08 Times Seen378 Hash e6dc1776b411890b7c8d91a0f64573df 9a62d6beef54462c393b94140a9320858121508e 07a442bcbe2faa41bf1f585c7c772be2a8918f9afd0f5526eb4956562d5e6f8c Loading...

	leakedtv.wiki/wp-includes/js/comment-reply.min.js?ver=6.1.1	3.0 kB	2023-03-07	2024-05-11
Pretty URL leakedtv.wiki/wp-includes/js/comment-reply.min.js?ver=6.1.1 IP 198.54.114.173 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-11 00:45:15 Times Seen30007 Hash 492f2c1a7ea7eb83fe42e0ff7cb51aa2 db36a77f6aaa2063bfbec02c2c0e967438c5a245 e174a58a503ab84b3d1b9de12fd3895788204485170f1289e445f7b5b98ec789 Loading...

	www.blogger.com/video.g?token=AD6v5dwq9AIf86_YMAJSmW-5fWpR21LCADsGr7FyhOamQhyU-IShU1RGZ6p-zYgT1-oiWVj6T22VQtMFfhM0dF5-MDAPJs2jFy-beVqrCdGENG13gVcpuo43Sjj4yAcO1g_w4Ff6IwJm	918 B	2023-03-13	2023-03-13
Pretty URL www.blogger.com/video.g?token=AD6v5dwq9AIf86_YMAJSmW-5fWpR21LCADsGr7FyhOamQhyU-IShU1RGZ6p-zYgT1-oiWVj6T22VQtMFfhM0dF5-MDAPJs2jFy-beVqrCdGENG13gVcpuo43Sjj4yAcO1g_w4Ff6IwJm IP 142.250.74.41 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:13:52 Last Seen2023-03-13 10:13:52 Times Seen1 Hash aa6bd363ffe07503e0a9e5e7f6546a9d 1a95d1607c0952dee558154d0ec937fbabf454f9 61f7e7ffa02035df21f2e9ff2fe482bd3658284392c951cf64191d39ae6906ca Loading...

	leakedtv.wiki/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-05-10
Pretty URL leakedtv.wiki/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 198.54.114.173 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-05-10 20:32:53 Times Seen38257 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	http:blank	602 B	2023-03-13	2023-03-13
Pretty URL http:blank IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:13:52 Last Seen2023-03-13 10:13:52 Times Seen1 Hash c579cf7a8cca4dd1d3fdd0246d47a5d4 c06a2e4ae497b43c1f2baaef8190034fa51e49ad 923bfb9cd22e464206ba1d17dd31b33652387841e3945193f9e6718014a0bc74 Loading...

	pl17835293.highcpmrevenuenetwork.com/24/fd/e6/24fde6f8708170a25aa5d95ee5819700.js	37 kB	2023-03-13	2023-03-13
Pretty URL pl17835293.highcpmrevenuenetwork.com/24/fd/e6/24fde6f8708170a25aa5d95ee5819700.js IP 173.233.137.52 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:13:52 Last Seen2023-03-13 10:13:52 Times Seen1 Hash 2a914d32935c34f9e6d17967170caf62 6a30a141f59e52662bbf021d508d780c70d857cb 591dbd39c3197297b8ac0cc94179dba94a8aef8d512335a9c52696d4aec6aa40 Loading...

	pl17835292.highcpmrevenuenetwork.com/5c/f5/74/5cf5749cd6d7a180a9ba37606a803c70.js	60 kB	2023-03-13	2023-03-13
Pretty URL pl17835292.highcpmrevenuenetwork.com/5c/f5/74/5cf5749cd6d7a180a9ba37606a803c70.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:13:52 Last Seen2023-03-13 10:13:52 Times Seen1 Hash 53d4b239907d76b2655f2450699a46a2 907440e8ab61dba5e3df8eca20b2bcc7be1de63c e6004871b435c36aeca8e444902792d030ec496efc0d331b4cc41aeb6f90bb82 Loading...

	leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/	155 B	2023-03-13	2023-03-13
Pretty URL leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/ IP 198.54.114.173 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:13:52 Last Seen2023-03-13 10:13:52 Times Seen1 Hash 8d283762e8f46dd13c37a7aa41ce6967 3084bb0ec24d7b5c8ae9a7e0f2f2d6ed7e119bde 8ba8854210999d1261b4134bb5807b13848a523b9c741321285119b12b082b3f Loading...

	www.googletagmanager.com/gtag/js?id=UA-139147405-2	113 kB	2023-03-13	2023-03-13
Pretty URL www.googletagmanager.com/gtag/js?id=UA-139147405-2 IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:13:52 Last Seen2023-03-13 10:13:52 Times Seen1 Hash ebe975193ec8fc97752bc0b54673942c 6ecbb343357f19fe5fd74b1b7d00919293a969a2 6d285c3777a7ba3a1f7b5085999259d4e15274cd30c6b6f5f04df72c82301cce Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.110 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	banquetunarmedgrater.com/advertisers.js	0 B	2023-03-07	2024-05-11
Pretty URL banquetunarmedgrater.com/advertisers.js IP 173.233.137.60 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 00:48:17 Times Seen37532177 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	leakedtv.wiki/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-05-10
Pretty URL leakedtv.wiki/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 198.54.114.173 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-05-10 23:44:41 Times Seen32026 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	leakedtv.wiki/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-05-10
Pretty URL leakedtv.wiki/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 198.54.114.173 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-05-10 21:46:47 Times Seen69211 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	www.blogger.com/static/v1/jsbin/159429368-video_compiled.js	36 kB	2023-03-09	2023-03-14
Pretty URL www.blogger.com/static/v1/jsbin/159429368-video_compiled.js IP 142.250.74.41 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 14:31:39 Last Seen2023-03-14 05:17:32 Times Seen1 Hash d42af69a447282bea6dbdcc30a8b9cd9 a8e2a054d89717e6e3c33a53476d4865c445d0c3 a2b19f0b1c5e36b825c925b3b99225473c6908b95b1295f767efe58cb75ccc73 Loading...

HTTP Transactions (85)

URL IP Response Size

leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/

198.54.114.173

301 Moved Permanently

707 B

URL HTTP/1.1
leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size
707 B (707 bytes)
Hash
1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

HTTP Headers

GET /2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/ HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sat, 28 Jan 2023 20:26:20 GMT
server: LiteSpeed
location: https://leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8861
Expires: Sat, 28 Jan 2023 22:54:01 GMT
Date: Sat, 28 Jan 2023 20:26:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8077
Expires: Sat, 28 Jan 2023 22:40:57 GMT
Date: Sat, 28 Jan 2023 20:26:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3196
Expires: Sat, 28 Jan 2023 21:19:36 GMT
Date: Sat, 28 Jan 2023 20:26:20 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 28 Jan 2023 19:35:31 GMT
content-type: application/json
age: 3049
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: RChlqzyUFHDYdWggqLQhVRMun5LJux9PIOvGk+a7hxje5ypdRwTTYkaY3gDYVOWolrzVVBod45I=
x-amz-request-id: VPV01BA8DEM7NJ2K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 28 Jan 2023 20:21:06 GMT
age: 314
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 28 Jan 2023 20:26:20 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
54489f6be55b8fc81c039de2e07dd330
69010326a2497b09d8510734915e92b91008082d
331e0be460da2d5a351a610860694041bcbac3fd5ea25ddf4032115d5571f729

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 20:26:20 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Fri, 27 Jan 2023 00:42:06 GMT
Expires: Fri, 03 Feb 2023 00:42:05 GMT
Etag: "69010326a2497b09d8510734915e92b91008082d"
Cache-Control: max-age=446744,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790c7667ecf40b39-OSL

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 28 Jan 2023 19:49:03 GMT
age: 2237
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7561
Expires: Sat, 28 Jan 2023 22:32:22 GMT
Date: Sat, 28 Jan 2023 20:26:21 GMT
Connection: keep-alive

leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/

198.54.114.173

200 OK

9.8 kB

URL HTTP/2
leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381), with CRLF, LF line terminators
Size
9.8 kB (9801 bytes)
Hash
8b83c045d79383c3203eccd7a185b5ab
7284e176938fe614a7f1ffd1113ea9bed660e12d
83af2060e663141ea79f2ff85946e63c15c559c737913758ea420a7201531aab

HTTP Headers

GET /2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/ HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
x-pingback: https://leakedtv.wiki/xmlrpc.php
link: <https://leakedtv.wiki/wp-json/>; rel="https://api.w.org/", <https://leakedtv.wiki/wp-json/wp/v2/posts/111>; rel="alternate"; type="application/json", <https://leakedtv.wiki/?p=111>; rel=shortlink
etag: "2039-1674912234;br"
x-litespeed-cache: hit
content-encoding: br
vary: Accept-Encoding
content-length: 9801
date: Sat, 28 Jan 2023 20:26:20 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bab8a4c1e6bb2e6c9cc00222eef1235d
1a5dd108e9f9aaf33bc048b0097a9f510d295cad
fd182297a143655a9142e3ee5bbafefd76ca974094f43fb695611f6876f3ab63

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-139147405-2

142.250.74.72

200 OK

44 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-139147405-2
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1759)
Size
44 kB (44022 bytes)
Hash
4a15f959b9770445a0cb0b4db3cd02a0
849474ff3bf5b8b8a3bacd87b9fb4bdcb460a1ac
b03a5148590449ec3650ab82265eae6b7b988615e36db7a7eb06d63962096ad8

HTTP Headers

GET /gtag/js?id=UA-139147405-2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 28 Jan 2023 20:26:21 GMT
expires: Sat, 28 Jan 2023 20:26:21 GMT
cache-control: private, max-age=900
last-modified: Sat, 28 Jan 2023 18:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44022
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

leakedtv.wiki/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

198.54.114.173

200 OK

12 kB

URL HTTP/2
leakedtv.wiki/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (47826)
Size
12 kB (11616 bytes)
Hash
c4d7cc056b49b00e05cc29cc59aa3d5a
48c426bec60099d2a8628df430ed682c72aab42a
8009c12f2674a8d38401f4b5faad1fef2cfcd18a8c927ed2561ae9d7de9b57b5

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 20:26:21 GMT
content-type: text/css
last-modified: Sat, 12 Nov 2022 01:26:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11616
date: Sat, 28 Jan 2023 20:26:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

leakedtv.wiki/wp-includes/css/classic-themes.min.css?ver=1

198.54.114.173

200 OK

217 B

URL HTTP/2
leakedtv.wiki/wp-includes/css/classic-themes.min.css?ver=1
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
217 B (217 bytes)
Hash
95e891f28e44a9b314c09545d86be2b7
f9b13a8bd47273b086a0a07df15f314e0af0bc3e
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 20:26:21 GMT
content-type: text/css
last-modified: Tue, 25 Oct 2022 23:15:16 GMT
accept-ranges: bytes
content-length: 217
date: Sat, 28 Jan 2023 20:26:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

push.services.mozilla.com/

52.42.157.160

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.42.157.160:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5OoWF77CBR2qRDnQu4IeaA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +lRVzFDjGUbFIdGg1I8u48L04sU=

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
36147c185553851c38547798733a9fb2
912ec40237eae2ed558d09103c86c41f87896eca
a4fd9090983c75e1b7faf5ea9439532f51d747faf1853138ac13bdaafa490246

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:26:21 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

leakedtv.wiki/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2

198.54.114.173

200 OK

8.8 kB

URL HTTP/2
leakedtv.wiki/wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (739)
Size
8.8 kB (8842 bytes)
Hash
b4588be584fdfc6f3c8997ce49940a0f
f1b50682d29aa349889fea0469a12ed31deb25cb
c609f96251492512f62d975430d7d977a812b78031dad2797d12dbdf34d562db

HTTP Headers

GET /wp-content/themes/mh-magazine-lite/style.css?ver=2.9.2 HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 20:26:21 GMT
content-type: text/css
last-modified: Sat, 21 Jan 2023 15:05:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 8842
date: Sat, 28 Jan 2023 20:26:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600

142.250.74.106

200 OK

1.3 kB

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,400italic,700,600
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.3 kB (1306 bytes)
Hash
2cfd7431b97bc4a85704670c439c7067
60303a51b3759652211520fac27cf84dcdafe212
7235343fdccac3fa67b6f8c49005e2c5a6bd774e4f7c9d0dcc1a7498f238d385

HTTP Headers

GET /css?family=Open+Sans:400,400italic,700,600 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 28 Jan 2023 20:26:21 GMT
date: Sat, 28 Jan 2023 20:26:21 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.sectigo.com/

172.64.155.188

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
008a013488846c9ff5abc7057a0ff849
49a7ca492df400c0c28d1f17416f241d1d0ee328
7d22a164eb47e604a7209b6a2057cecd824c8d8a26c759bae692afebfd8e3fe3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 28 Jan 2023 20:26:21 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 07:46:21 GMT
Expires: Thu, 02 Feb 2023 07:46:20 GMT
Etag: "49a7ca492df400c0c28d1f17416f241d1d0ee328"
Cache-Control: max-age=385798,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 790c766daaac0b39-OSL

leakedtv.wiki/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css

198.54.114.173

200 OK

6.7 kB

URL HTTP/2
leakedtv.wiki/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (30837)
Size
6.7 kB (6658 bytes)
Hash
97c6ce9b4936f66aa388ad33c39aba2d
3f14a7e78fbb4935cf35c20779dc2035531849a9
1eea453c424793fc56ef14093c10b373e3ca8388a70e847394e8084048c5ce38

HTTP Headers

GET /wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 20:26:21 GMT
content-type: text/css
last-modified: Sat, 21 Jan 2023 15:05:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 6658
date: Sat, 28 Jan 2023 20:26:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

leakedtv.wiki/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

198.54.114.173

200 OK

30 kB

URL HTTP/2
leakedtv.wiki/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65447)
Size
30 kB (30324 bytes)
Hash
3a1740685bd5c0bbd5f2b812e1eb7fb4
488e07695da787fed18361c50292aef35abb5e81
4a07aed2d8cf88afdec0b56b365b951c76d387db3459166b5a0d25e2e6cc95ef

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 20:26:21 GMT
content-type: application/javascript
last-modified: Mon, 19 Sep 2022 23:46:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 30324
date: Sat, 28 Jan 2023 20:26:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

leakedtv.wiki/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

198.54.114.173

200 OK

4.0 kB

URL HTTP/2
leakedtv.wiki/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (11126)
Size
4.0 kB (3995 bytes)
Hash
7e058b51f939eacfa31cdface14dded5
9d732e5afdeb42edef9e1b9631b7e95e054787cc
4ece5b00423755d8f4121ce382c8ea4dc44c241f28f150abe19caa85d0b0acc1

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 20:26:21 GMT
content-type: application/javascript
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 3995
date: Sat, 28 Jan 2023 20:26:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

leakedtv.wiki/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2

198.54.114.173

200 OK

11 kB

URL HTTP/2
leakedtv.wiki/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (21960)
Size
11 kB (11268 bytes)
Hash
2eadad08e686f6256300f68abbc9e781
79d828e10925973c9d60cc8465971233e0abdbba
11bc9f9824f106fcd705a41ffad0ec8ab8d6515ee403b9b0e4de85545acbcea7

HTTP Headers

GET /wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.9.2 HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 20:26:21 GMT
content-type: application/javascript
last-modified: Sat, 21 Jan 2023 15:05:38 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 11268
date: Sat, 28 Jan 2023 20:26:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

pl17835293.highcpmrevenuenetwork.com/24/fd/e6/24fde6f8708170a25aa5d95ee5819700.js

173.233.137.52

200 OK

13 kB

URL HTTP/1.1
pl17835293.highcpmrevenuenetwork.com/24/fd/e6/24fde6f8708170a25aa5d95ee5819700.js
IP
173.233.137.52:0
ASN
#7979 SERVERS-COM

File type
ASCII text, with very long lines (37119), with no line terminators
Size
13 kB (13401 bytes)
Hash
490182df56cc59df6e5008b054a3c5f7
399eef67366544f405e019d9143ba8879b4acf21
3b9e4289508f55699d9abf0b43ec6d489ad5222c13c7ee4fc9435427188eabe6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /24/fd/e6/24fde6f8708170a25aa5d95ee5819700.js HTTP/1.1
Host: pl17835293.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 28 Jan 2023 20:26:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 9d70e712f051c1e8a49e473025224ec4
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

pl17835292.highcpmrevenuenetwork.com/5c/f5/74/5cf5749cd6d7a180a9ba37606a803c70.js

192.243.59.13

200 OK

21 kB

URL HTTP/1.1
pl17835292.highcpmrevenuenetwork.com/5c/f5/74/5cf5749cd6d7a180a9ba37606a803c70.js
IP
192.243.59.13:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document, ASCII text, with very long lines (60127), with no line terminators
Size
21 kB (20699 bytes)
Hash
971950dbe2283c320c1eea0aa72541c6
110fbfa95149fc6de13c317f5c5ff0fb877476b9
85a187dbc9a801b7dcf300a225e4313a95563359ec9f845f07ff2ed079ef64d8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /5c/f5/74/5cf5749cd6d7a180a9ba37606a803c70.js HTTP/1.1
Host: pl17835292.highcpmrevenuenetwork.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.6
Date: Sat, 28 Jan 2023 20:26:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 82fb82b73c045c787905a1b83dd62d28
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

learningsmag.site/wp-content/uploads/2023/01/learningsamg.site-50-min.jpg

63.250.38.14

200 OK

12 kB

URL HTTP/2
learningsmag.site/wp-content/uploads/2023/01/learningsamg.site-50-min.jpg
IP
63.250.38.14:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x281, components 3\012- data
Size
12 kB (12498 bytes)
Hash
1eb44f9cd060e49d9dc88c01c842ef2d
055c75435d2a1c75455230d84a7a2abdcc81d8aa
6670a453d85478d925ffda09f03448b2b37a3b26e26b9ed10c30b26f52f22f84

HTTP Headers

GET /wp-content/uploads/2023/01/learningsamg.site-50-min.jpg HTTP/1.1
Host: learningsmag.site
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 20:26:21 GMT
content-type: image/jpeg
last-modified: Wed, 25 Jan 2023 19:13:16 GMT
accept-ranges: bytes
content-length: 12498
date: Sat, 28 Jan 2023 20:26:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2

leakedtv.wiki/wp-includes/js/comment-reply.min.js?ver=6.1.1

198.54.114.173

200 OK

1.2 kB

URL HTTP/2
leakedtv.wiki/wp-includes/js/comment-reply.min.js?ver=6.1.1
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (2946)
Size
1.2 kB (1228 bytes)
Hash
7d8acf37582bf5212cbf4e31105de2ac
19581f31ceed66b11804eb6a2b3d00d43f73f071
d48d28cdb9d3dd8b812129663e5cc8b373b67629e2e65988d2b274960f7b847f

HTTP Headers

GET /wp-includes/js/comment-reply.min.js?ver=6.1.1 HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 20:26:21 GMT
content-type: application/javascript
last-modified: Sat, 09 Apr 2022 05:37:18 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 1228
date: Sat, 28 Jan 2023 20:26:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

leakedtv.wiki/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

198.54.114.173

200 OK

4.6 kB

URL HTTP/2
leakedtv.wiki/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (15660)
Size
4.6 kB (4619 bytes)
Hash
0232689bd203f330529b36a437f41a68
9046583f7469ad38297969f10a9513eb895d5316
feea9f30a6e454579bbeabf236b7abdb0c7de84dd2852422555ad67348c5e886

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 20:26:21 GMT
content-type: application/javascript
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 4619
date: Sat, 28 Jan 2023 20:26:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
446d71a92d12e6dcfc6f54397182f838
fefa6767a1e9afae573295a29982e4bc16729d56
aa26efff443b4e82e95c672d619c0ae11c8dac839ab9452a7cc033907f9fcbbc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
9529cb693cf315558319c1184da0abfe
4a487d37fbe9a6dfa0c4f37762092a2eaf009de8
f8553cb6a69d53d3317428d7e79e2670d235ac15444b297a95a3a46057f2363d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F8553CB6A69D53D3317428D7E79E2670D235AC15444B297A95A3A46057F2363D"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2495
Expires: Sat, 28 Jan 2023 21:07:57 GMT
Date: Sat, 28 Jan 2023 20:26:22 GMT
Connection: keep-alive

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.227

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.227:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leakedtv.wiki
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 437621
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

leakedtv.wiki/wp-content/uploads/2023/01/1-29-678x381.png

198.54.114.173

200 OK

214 kB

URL HTTP/2
leakedtv.wiki/wp-content/uploads/2023/01/1-29-678x381.png
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 678 x 381, 8-bit/color RGBA, non-interlaced\012- data
Size
214 kB (214332 bytes)
Hash
83bcdeacdd2e656858983b02d7b53583
557f18a049b86b9da73fc5da606e2c30ed10134f
513d0f956bee8a0d3517f58c76e8f19adac07b817b31c62e4f0647c76375f606

HTTP Headers

GET /wp-content/uploads/2023/01/1-29-678x381.png HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 20:26:21 GMT
content-type: image/png
last-modified: Wed, 25 Jan 2023 23:05:36 GMT
accept-ranges: bytes
content-length: 214332
date: Sat, 28 Jan 2023 20:26:21 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c2d37fd4f1678643fc9f53dd026cd7e3
1dd8510cd853835d82892664350acccfc6715f16
6506e317135169829b64f503a456bdd7d1a28dab8985bf20c2c5534d033779af

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sat, 28 Jan 2023 20:26:22 GMT
Last-Modified: Sat, 28 Jan 2023 19:19:56 GMT
Server: ECS (bsa/EB23)
X-Cache: Miss from cloudfront
Via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: JWH2Op2_hCUTEbrusHvF7cWPHLezuOYCaMqTjTqEPFq2Obcr9hQNQQ==
Age: 3986

ocsp.sca1b.amazontrust.com/

54.230.245.100

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.100:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c2d37fd4f1678643fc9f53dd026cd7e3
1dd8510cd853835d82892664350acccfc6715f16
6506e317135169829b64f503a456bdd7d1a28dab8985bf20c2c5534d033779af

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=151142
Date: Sat, 28 Jan 2023 20:26:22 GMT
Etag: "63d5239a-1d7"
Expires: Mon, 30 Jan 2023 14:25:24 GMT
Last-Modified: Sat, 28 Jan 2023 13:31:06 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 09ae414c9d6c5323d5147457ada70ec6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: U9MyTkGa8sjOuqy46b0fcADRrlASDDv8J93qZpNlqBlIn6rDpks1Lg==
Age: 3258

simplewebanalysis.com/stats

35.156.167.37

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
35.156.167.37:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
169b3217a53aac31e11179ba683a087e
0c59e9cb5416b48abaed9fe0440caeef4b0df305
50ab36d5af6adc970583cb4cd4b4fb0ec7b6a25c66fa4e45bbd85f271c6c04d0

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leakedtv.wiki
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:26:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://leakedtv.wiki
access-control-allow-credentials: true
set-cookie: uid_id2=b8e6e8a1-4bbf-479d-bcaf-820fc5a0f276:1:1; expires=Tue, 25 Jan 2033 20:26:22 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

www.blogger.com/video.g?token=AD6v5dwq9AIf86_YMAJSmW-5fWpR21LCADsGr7FyhOamQhyU-IShU1RGZ6p-zYgT1-oiWVj6T22VQtMFfhM0dF5-MDAPJs2jFy-beVqrCdGENG13gVcpuo43Sjj4yAcO1g_w4Ff6IwJm

142.250.74.41

200 OK

1.2 kB

URL HTTP/2
www.blogger.com/video.g?token=AD6v5dwq9AIf86_YMAJSmW-5fWpR21LCADsGr7FyhOamQhyU-IShU1RGZ6p-zYgT1-oiWVj6T22VQtMFfhM0dF5-MDAPJs2jFy-beVqrCdGENG13gVcpuo43Sjj4yAcO1g_w4Ff6IwJm
IP
142.250.74.41:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (910)
Size
1.2 kB (1235 bytes)
Hash
1ad2f157d087868ee97058d69b701b3f
e1aef289fc5c101f96f1e617aff8be9378959cdf
fac83e14e2d2cd2cf47319bcb9ad82e6088cdb49ca8094693fe6c4d7f1992167

HTTP Headers

GET /video.g?token=AD6v5dwq9AIf86_YMAJSmW-5fWpR21LCADsGr7FyhOamQhyU-IShU1RGZ6p-zYgT1-oiWVj6T22VQtMFfhM0dF5-MDAPJs2jFy-beVqrCdGENG13gVcpuo43Sjj4yAcO1g_w4Ff6IwJm HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-security-policy: script-src   'self' *.google.com *.google-analytics.com 'unsafe-inline'   'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com   *.googleapis.com uds.googleusercontent.com https://s.ytimg.com   https://i18n-cloud.appspot.com   https://www.youtube.com   www-onepick-opensocial.googleusercontent.com   www-bloggervideo-opensocial.googleusercontent.com   www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
cache-control: private, max-age=25200
pragma: no-cache
expires: Sat, 28 Jan 2023 20:26:22 GMT
date: Sat, 28 Jan 2023 20:26:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 1235
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

simplewebanalysis.com/stats

35.156.167.37

200 OK

40 B

URL HTTP/2
simplewebanalysis.com/stats
IP
35.156.167.37:0
ASN
#16509 AMAZON-02

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
38327088f9b3cf7e47a5f7e5eb926cf7
a3b9784d4120305cb405e1bd96b638a3a822eff0
8376992476b07d26324086c01443e4b81995b779e5ac735315395ca627d0f7a5

HTTP Headers

GET /stats HTTP/1.1
Host: simplewebanalysis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leakedtv.wiki
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:26:22 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://leakedtv.wiki
access-control-allow-credentials: true
set-cookie: uid_id2=b5daa4e9-e622-4588-b8a8-f0b7a4162243:3:1; expires=Tue, 25 Jan 2033 20:26:22 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

www.blogger.com/static/v1/jsbin/159429368-video_compiled.js

142.250.74.41

200 OK

13 kB

URL HTTP/2
www.blogger.com/static/v1/jsbin/159429368-video_compiled.js
IP
142.250.74.41:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1674)
Size
13 kB (13148 bytes)
Hash
83907ffc652e810721b94354db6c290e
f45ac7924a2657af692c03dc6877685c93bdab30
015900d06a8c5890346a4bab7ff3c5eb71c06e6f9f868d170775cb0a1e4bad07

HTTP Headers

GET /static/v1/jsbin/159429368-video_compiled.js HTTP/1.1
Host: www.blogger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/video.g?token=AD6v5dwq9AIf86_YMAJSmW-5fWpR21LCADsGr7FyhOamQhyU-IShU1RGZ6p-zYgT1-oiWVj6T22VQtMFfhM0dF5-MDAPJs2jFy-beVqrCdGENG13gVcpuo43Sjj4yAcO1g_w4Ff6IwJm
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-length: 13148
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 05:58:06 GMT
expires: Fri, 26 Jan 2024 05:58:06 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 26 Jan 2023 03:51:42 GMT
content-type: text/javascript
age: 224896
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
24fb829cf6626607036d3aa12e254f2f
993cd8ca527ef8b5ac101471af4589f477bc9f42
54e2f3602c541ad1e17294295b78c571e84d62907e0797f6248c0ed73a5ba4b9

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

e1.o.lencr.org/

23.36.76.226

200 OK

346 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
9529cb693cf315558319c1184da0abfe
4a487d37fbe9a6dfa0c4f37762092a2eaf009de8
f8553cb6a69d53d3317428d7e79e2670d235ac15444b297a95a3a46057f2363d

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "F8553CB6A69D53D3317428D7E79E2670D235AC15444B297A95A3A46057F2363D"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2495
Expires: Sat, 28 Jan 2023 21:07:57 GMT
Date: Sat, 28 Jan 2023 20:26:22 GMT
Connection: keep-alive

leakedtv.wiki/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0

198.54.114.173

200 OK

77 kB

URL HTTP/2
leakedtv.wiki/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Referer: https://leakedtv.wiki/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 20:26:22 GMT
content-type: font/woff2
last-modified: Sat, 21 Jan 2023 15:05:38 GMT
accept-ranges: bytes
content-length: 77160
date: Sat, 28 Jan 2023 20:26:22 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

www.gstatic.com/images/icons/material/system/1x/play_arrow_white_48dp.png

142.250.74.35

200 OK

220 B

URL HTTP/2
www.gstatic.com/images/icons/material/system/1x/play_arrow_white_48dp.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit gray+alpha, non-interlaced\012- data
Size
220 B (220 bytes)
Hash
bbea220e3d4187feca59742dd22e2b27
800f7aea14ae6bb26b4d178af19e2b5fb6700d8a
b0c543456be59cd54e3b13f2fbc2071c25c6f79a6bb45957bbc12e033b55cf06

HTTP Headers

GET /images/icons/material/system/1x/play_arrow_white_48dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 220
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 18:09:55 GMT
expires: Fri, 26 Jan 2024 18:09:55 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
content-type: image/png
age: 180987
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bb1e6c5692e583df480f1a84a53b7573
cda12127c0ea5b3bcb01bfc534404c0ca8e4b819
3ae36a64c1afb6a24c6678d69c2bc626bfa73466ed52b7fcb76d74a001e4220c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3AE36A64C1AFB6A24C6678D69C2BC626BFA73466ED52B7FCB76D74A001E4220C"
Last-Modified: Fri, 27 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11539
Expires: Sat, 28 Jan 2023 23:38:41 GMT
Date: Sat, 28 Jan 2023 20:26:22 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

i9.ytimg.com/vi_blogger/X6ugRU90NcY/1.jpg?sqp=CO6J1p4GGPDEAfqGspsBBgjAAhC0AQ&rs=AMzJL3n9knM9Y9sLqEAgYrs74QBXxuYVMg

142.250.74.174

200 OK

8.1 kB

URL HTTP/2
i9.ytimg.com/vi_blogger/X6ugRU90NcY/1.jpg?sqp=CO6J1p4GGPDEAfqGspsBBgjAAhC0AQ&rs=AMzJL3n9knM9Y9sLqEAgYrs74QBXxuYVMg
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 320x180, components 3\012- data
Size
8.1 kB (8084 bytes)
Hash
89ead590c1c4b10b135301f4145309be
789f43c0075d4aec245c580d55c364bce5977a2a
16b4a8a37a4ced9f87c512b783b340e2276c4fef6c0b1031528439a7d98aa01f

HTTP Headers

GET /vi_blogger/X6ugRU90NcY/1.jpg?sqp=CO6J1p4GGPDEAfqGspsBBgjAAhC0AQ&rs=AMzJL3n9knM9Y9sLqEAgYrs74QBXxuYVMg HTTP/1.1
Host: i9.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.blogger.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 8084
date: Sat, 28 Jan 2023 20:26:22 GMT
expires: Sat, 28 Jan 2023 20:26:22 GMT
cache-control: private, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 28 Jan 2023 20:26:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
03201e381b6ad1cd03f4805d1512987b
4383185a3b03d13e37fb0378fc1e74edfa688b29
6287bdb027538b227d0857f8f9122946aa6f05c64b61f452a0ef192d9c6316b6

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6287BDB027538B227D0857F8F9122946AA6F05C64B61F452A0EF192D9C6316B6"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9356
Expires: Sat, 28 Jan 2023 23:02:18 GMT
Date: Sat, 28 Jan 2023 20:26:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3275
Expires: Sat, 28 Jan 2023 21:20:57 GMT
Date: Sat, 28 Jan 2023 20:26:22 GMT
Connection: keep-alive

friendshipmale.com/sfp.js

172.64.140.24

200 OK

28 kB

URL HTTP/2
friendshipmale.com/sfp.js
IP
172.64.140.24:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
28 kB (27622 bytes)
Hash
6a8fd37fc5d6253b22f528f27933f54e
1c5fe8dfa485575c8a0ab19062225dd3c97bc323
876f24536fcd38a947d8d1ea854ce3f503bdbaf9b30feaca05218b6dbf16252c

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:26:22 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 00a9f65c1bf651a8ce9fe0a8a16e3863
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sat, 28 Jan 2023 20:26:22 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rU0tArmWY7brXSUMtWsvIDXe7gyUZdGkwGUZgRGaEiTdnZPx2TZYG184oeWt8v2f6cFesyqKVNBAlJQn35C4KV4TGF1KLstYg5vyADQ8Bme0RgDmFtbzt6Oi2MvJx%2FpnI6UTd%2Fs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c767129f106b6-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg

34.120.237.76

200 OK

4.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.5 kB (4475 bytes)
Hash
4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hAzO-IMqc1CFpiBAlRl8seIYL9UonyrBMATibovyFq5kEuaweY_VyA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:46 GMT
age: 80976
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8739 bytes)
Hash
d04b173ecc22c619998bda87a8f9ce70
9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5
c30fbd2807e36b637bd1382a955c34abb4fe88b99173692530d288fff0986896

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b9e50f-b1f6-4665-acd6-9532ce741c2f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8739
x-amzn-requestid: 591edd56-d422-459f-8934-532106be7e90
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_quGvkoAMFWQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44644-5bda946b19b8abc54d324bab;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:46:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: yAWADPixWRJsEV9OqvunQGhVHlobpluc-VwHlhq1psEwNh_ignw-dQ==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:03:05 GMT
etag: "9e3c3ac1b5a8a5fcee6d1b0db1a61b71948d5fe5"
content-type: image/jpeg
age: 80597
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12397 bytes)
Hash
0ed1a0bd725b2078b4cfe4ed83877901
62493ca03be9870aac2341e033611a6d56bd322a
706e84bc63fd98acaeb72789239af3210ae6e3910e6589d92a25899dc9059dfc

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdeb12df7-074b-4044-bdbe-0e07bccbc8e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12397
x-amzn-requestid: e8436997-696d-483a-b03a-a84e7ca614ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_T5HbzoAMFXsw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445b2-1c2ccd0a187d0a3e2f6a59cc;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lmLHc8fKQYUpq9B-GyOQ0FKzhxi0ToTEPA7cu6JnQftgDFDNV8USvw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:56:37 GMT
etag: "62493ca03be9870aac2341e033611a6d56bd322a"
content-type: image/jpeg
age: 80985
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

nudgeworry.com/pixel/purst?dl=0&th=0&sc=0&rs=2119&rd=2119&fd=871&bv=22.10.v.9&tmpl=70

192.243.61.227

200 OK

0 B

URL HTTP/1.1
nudgeworry.com/pixel/purst?dl=0&th=0&sc=0&rs=2119&rd=2119&fd=871&bv=22.10.v.9&tmpl=70
IP
192.243.61.227:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=2119&rd=2119&fd=871&bv=22.10.v.9&tmpl=70 HTTP/1.1
Host: nudgeworry.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 28 Jan 2023 20:26:22 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (13375 bytes)
Hash
b4afa01d2ffe17f8378e4c0b5afd4608
f5c7e2137efa07a207427a6b6fe1df541f85ea25
84fc0c05d25d674b5594b54720017332b86d391f66c7136d76cfce3e884e8e12

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f884785-3b60-4d1a-b7b9-f58e73d6d819.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13375
x-amzn-requestid: 372fcbe8-85a1-4be2-a006-31fb9289c5e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa-CxF6BoAMFyGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d443ab-4b9860545c612cc416cbe599;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:35:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: otEuPlfCL7DeVwGZiGJuMjxjVyGdMwxPWeCz5T_mpXboi-oRujKhBw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 21:48:58 GMT
age: 81444
etag: "f5c7e2137efa07a207427a6b6fe1df541f85ea25"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11568 bytes)
Hash
b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 23:03:41 GMT
age: 76961
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7585 bytes)
Hash
ea24bcba583bd8bd139559448a343e68
b9d37c2b14f890d41983a59f352e8f7caa9c94bb
e5ef5975eec964ae1684deb424f00833f2d217bdc7e6c385320ed3adeb6bc1c4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22cc3f55-9811-4ec2-a57e-a3e71a3f0554.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7585
x-amzn-requestid: bfb52acb-e0d7-482d-8be9-be5db1c16cac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_vkE5roAMF0Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d44663-2d38d314177e0ac40d4c8240;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:47:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: K9YWM9eaEc1DQ6wtEEuADnG1U-ahRBXDaiHIAm20dkWMOxPWBlJidw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 22:46:13 GMT
age: 78009
etag: "b9d37c2b14f890d41983a59f352e8f7caa9c94bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

banquetunarmedgrater.com/advertisers.js

173.233.137.60

200 OK

0 B

URL HTTP/1.1
banquetunarmedgrater.com/advertisers.js
IP
173.233.137.60:0
ASN
#7979 SERVERS-COM

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 28 Jan 2023 20:26:22 GMT
Content-Type: application/javascript
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 98d4214fd09dd2265ecef4d11c71cef4
Strict-Transport-Security: max-age=0; includeSubdomains

www.google-analytics.com/analytics.js

142.250.74.110

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.110:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 28 Jan 2023 19:46:59 GMT
expires: Sat, 28 Jan 2023 21:46:59 GMT
cache-control: public, max-age=7200
age: 2364
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
74e0e8d20dea674d7cfcbb22043bdcf1
aa4b686521e5bb546e9043306ffa8512a29e10dc
979cfec5a2ea5195df8410c5eb7c435233f45ec176e855921b7dccfd90a0005d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "979CFEC5A2EA5195DF8410C5EB7C435233F45EC176E855921B7DCCFD90A0005D"
Last-Modified: Thu, 26 Jan 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16298
Expires: Sun, 29 Jan 2023 00:58:01 GMT
Date: Sat, 28 Jan 2023 20:26:23 GMT
Connection: keep-alive

leakedtv.wiki/wp-content/uploads/2023/01/cropped-1-192x192.png

198.54.114.173

200 OK

11 kB

URL HTTP/2
leakedtv.wiki/wp-content/uploads/2023/01/cropped-1-192x192.png
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
11 kB (11082 bytes)
Hash
d6ff1bf81d3f102e90d6a5d4efe8fa8e
cc138669797f355b06d119febf3ec127d370b91c
fc4beb782ba3d1d4316fe9662ebbcfce508e5bece39dcd1d5151c66fb54e0881

HTTP Headers

GET /wp-content/uploads/2023/01/cropped-1-192x192.png HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=b5daa4e9-e622-4588-b8a8-f0b7a4162243%3A3%3A1; ppu_main_5cf5749cd6d7a180a9ba37606a803c70=1; sb_main_24fde6f8708170a25aa5d95ee5819700=1; sb_count_24fde6f8708170a25aa5d95ee5819700=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 20:26:23 GMT
content-type: image/png
last-modified: Sat, 21 Jan 2023 15:19:17 GMT
accept-ranges: bytes
content-length: 11082
date: Sat, 28 Jan 2023 20:26:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

leakedtv.wiki/wp-content/uploads/2023/01/cropped-1-32x32.png

198.54.114.173

200 OK

886 B

URL HTTP/2
leakedtv.wiki/wp-content/uploads/2023/01/cropped-1-32x32.png
IP
198.54.114.173:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
886 B (886 bytes)
Hash
8f92af8fec9bb00fdd4141140096037d
6a87ececd10895ceb13822e7f3f25067bace7cf1
24a47a90a57c5a55187dea55545d62c33e2fa57441a4282c522469024f2befdf

HTTP Headers

GET /wp-content/uploads/2023/01/cropped-1-32x32.png HTTP/1.1
Host: leakedtv.wiki
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://leakedtv.wiki/2023/01/25/girl-with-trout-video-twitter-trout-video-trout-girl-video-who-is-the-trout-girl-in-this-video/
Connection: keep-alive
Cookie: dom3ic8zudi28v8lr6fgphwffqoz0j6c=b5daa4e9-e622-4588-b8a8-f0b7a4162243%3A3%3A1; ppu_main_5cf5749cd6d7a180a9ba37606a803c70=1; sb_main_24fde6f8708170a25aa5d95ee5819700=1; sb_count_24fde6f8708170a25aa5d95ee5819700=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sat, 04 Feb 2023 20:26:23 GMT
content-type: image/png
last-modified: Sat, 21 Jan 2023 15:19:17 GMT
accept-ranges: bytes
content-length: 886
date: Sat, 28 Jan 2023 20:26:23 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload;
referrer-policy: no-referrer-when-downgrade
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
46eedcc98ff9d91f91cad728a0fd37ad
3db701a4b79c60f7de579e2a843b108ae699a5e8
fe6bb05dcc570c62b8597fcaae69e19f8e92568bfab2a82276d6d3694e6242d8

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE6BB05DCC570C62B8597FCAAE69E19F8E92568BFAB2A82276D6D3694E6242D8"
Last-Modified: Thu, 26 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11826
Expires: Sat, 28 Jan 2023 23:43:29 GMT
Date: Sat, 28 Jan 2023 20:26:23 GMT
Connection: keep-alive

tragicbeyond.com/sbar.json?key=24fde6f8708170a25aa5d95ee5819700&uuid=b5daa4e9-e622-4588-b8a8-f0b7a4162243%3A3%3A1

192.243.61.225

200 OK

4.3 kB

URL HTTP/1.1
tragicbeyond.com/sbar.json?key=24fde6f8708170a25aa5d95ee5819700&uuid=b5daa4e9-e622-4588-b8a8-f0b7a4162243%3A3%3A1
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
JSON data\012- , Unicode text, UTF-8 text, with very long lines (6326), with no line terminators
Size
4.3 kB (4348 bytes)
Hash
c004ab9b9eeaf462481c2ed9f5d73595
32062583b3caa9c1c4548e9b0a5db2cafa00aa0b
254541fb361d2877f5f816ccf7b58bbd97e9b61db0011a7277c52cbc52371377

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /sbar.json?key=24fde6f8708170a25aa5d95ee5819700&uuid=b5daa4e9-e622-4588-b8a8-f0b7a4162243%3A3%3A1 HTTP/1.1
Host: tragicbeyond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leakedtv.wiki
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 28 Jan 2023 20:26:23 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://leakedtv.wiki
Access-Control-Allow-Origin: https://leakedtv.wiki
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=17734794; expires=Sun, 29 Jan 2023 20:26:23 GMT; secure; SameSite=None
uid_id2=b5daa4e9-e622-4588-b8a8-f0b7a4162243:3:1; expires=Sat, 04 Feb 2023 20:26:23 GMT; secure; SameSite=None
pdhtkv=true; expires=Sun, 29 Jan 2023 20:26:23 GMT; secure; SameSite=None
uncs=1; expires=Sun, 29 Jan 2023 20:26:23 GMT; secure; SameSite=None
pdhtkv29=true; expires=Sun, 29 Jan 2023 20:26:23 GMT; secure; SameSite=None
uncs29=1; expires=Sun, 29 Jan 2023 20:26:23 GMT; secure; SameSite=None
slec24fde6f8708170a25aa5d95ee5819700=[3952979]; expires=Sat, 28 Jan 2023 20:26:28 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 4260422f751dbae6a04a502e5d756b6a
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e34c204daf6f65e512d7168b01268c76
793aacf3316ca30d6bef3acaaf097e42e2013e49
a748e66ab50d8c910a381a0e653c9b3e95c15043c5c52e91fbaeb20282b9fd49

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A748E66AB50D8C910A381A0E653C9B3E95C15043C5C52E91FBAEB20282B9FD49"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6569
Expires: Sat, 28 Jan 2023 22:15:52 GMT
Date: Sat, 28 Jan 2023 20:26:23 GMT
Connection: keep-alive

cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html

45.133.44.4

200 OK

955 B

URL HTTP/2
cdn.barscreative1.com/sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html
IP
45.133.44.4:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document, ASCII text
Size
955 B (955 bytes)
Hash
3311b451b6e90781dab5ae61a1e4f65d
940e4700d9c5fbf74f8c15dcf10c28661e34cf2c
3def788280ca0f9ba09e050e3f3bfba82e5268fe2104f1c02a8f265c12774023

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /sb/au/5e/2f/d4/5e2fd4b3d4c51bdf7b2952c27a9795ef/1652872195.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leakedtv.wiki
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:26:23 GMT
content-type: text/html; charset=utf-8
content-length: 955
server: nginx/1.17.6
last-modified: Wed, 18 May 2022 11:09:59 GMT
etag: "6284d407-3bb"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
expires: Sat, 28 Jan 2023 21:26:23 GMT
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

tragicbeyond.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRReuTvb%2FLwFBEURU6IOHCO5sdU%2F3zowRFmOMBGMSs5FcvFR3Vc9WtqarqeqeniweViMSvGS8iKCH3m92s6iLmLOIOpuLjBdbRBdxL95VCHqWmR1YfId6r973Hb73vffuVnFIKAp2cOVVvSGVYkthg7qnr8uU69K6l665Hm3QM%2B51mS4HZ9zB9DH95zwaNugz7ssiXtdLPvUo9ajnnpdGJHqwNEMhs72O1%2BjQRuA3vDDAwPz3bwsHljng%2FUPyCCSv%2F7f23T3IeIy098U5YddznT37Uq9QLNcGfb77erqe6jJF77hMjIMk3Z2zoW1NyIcnoNPd%2BQTQ%2Fe3pBIhkTZyfPUTp7lwmov7OkdJIQaSI%2BCmU%2FTGEGkOyMWJ9C5L%2FQICY49JlpL27l7Qp2c0jlE3Rmiz88wCyrMnCb48i7X1%2BVsmBu6pVkUudWgySCnIwhuyOkRX7yDccyHIfcf42JCdIexUkP3g6CjljgegsimXfXwzCdnsxarP2YkKjFgu8Zd8PmjNrpBxDJmMoMQSzJ1FYB4V0UCQOisxBjx%2B4LOwklLaSKGk220Ecx81mHIftZR7yZtBOKIp4qn2IPBsiVkPEZhOZ2cS6HMIU38CuVbDcgc0J%2BrxCKQhKS1AyglISlDlB2a92uLK%2Bre5yZYvIm2d%2FnpvVSOfdLbaj865IyVZ2SB6eGuY89PF7WBcHrh8kXCwn7RZtey3K%2FJCxkHdCIcK212lRCisrSHsCzDrYkDV54oMUmazJ%2F791ELF9WLWPWD4JVjwFVo5aPgVbGwVtio10r3ODKd0XphHrHriukOULyG86W%2BqQPD5b3POvrULEk5Vf3Psf7fx%2BDbGpkJkKN%2BR9gq66PbqqS7J9VZeW3Luc5bInN9h0qas5y8XCp6%2BIm6U2%2FMI5O%2FzkhXgKTMu9a8LmF1nKZdq15LOzknNhzmsTC%2FLVBXtdRFcKu3a2MGmRXbzy4vkLvcwIa6VOx2CyJuStNxHLmpxy0tnBuoNDSDOGKSr0igmZB6TeR5xtwmaTlfrOG6f%2FHt%2BB1QRGHXOizEFZVCPjR8dNJWviP3gMSkxWvuyufr%2F0x69gUQUrjo2IxOTrv474W%2FY2usYBy2%2FNTrVvKvRVBaaGsMXJUZ6ZycqPzVkgUs4oUsbZjpRR7x8ZbOWBK8KEJoL6Iko6UdJilHeSoBOxjidaUcg85LaOf3rnz38BAAD%2F%2FwEAAP%2F%2FOPu3mowEAAA%3D

192.243.61.225

200 OK

7 B

URL HTTP/1.1
tragicbeyond.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRReuTvb%2FLwFBEURU6IOHCO5sdU%2F3zowRFmOMBGMSs5FcvFR3Vc9WtqarqeqeniweViMSvGS8iKCH3m92s6iLmLOIOpuLjBdbRBdxL95VCHqWmR1YfId6r973Hb73vffuVnFIKAp2cOVVvSGVYkthg7qnr8uU69K6l665Hm3QM%2B51mS4HZ9zB9DH95zwaNugz7ssiXtdLPvUo9ajnnpdGJHqwNEMhs72O1%2BjQRuA3vDDAwPz3bwsHljng%2FUPyCCSv%2F7f23T3IeIy098U5YddznT37Uq9QLNcGfb77erqe6jJF77hMjIMk3Z2zoW1NyIcnoNPd%2BQTQ%2Fe3pBIhkTZyfPUTp7lwmov7OkdJIQaSI%2BCmU%2FTGEGkOyMWJ9C5L%2FQICY49JlpL27l7Qp2c0jlE3Rmiz88wCyrMnCb48i7X1%2BVsmBu6pVkUudWgySCnIwhuyOkRX7yDccyHIfcf42JCdIexUkP3g6CjljgegsimXfXwzCdnsxarP2YkKjFgu8Zd8PmjNrpBxDJmMoMQSzJ1FYB4V0UCQOisxBjx%2B4LOwklLaSKGk220Ecx81mHIftZR7yZtBOKIp4qn2IPBsiVkPEZhOZ2cS6HMIU38CuVbDcgc0J%2BrxCKQhKS1AyglISlDlB2a92uLK%2Bre5yZYvIm2d%2FnpvVSOfdLbaj865IyVZ2SB6eGuY89PF7WBcHrh8kXCwn7RZtey3K%2FJCxkHdCIcK212lRCisrSHsCzDrYkDV54oMUmazJ%2F791ELF9WLWPWD4JVjwFVo5aPgVbGwVtio10r3ODKd0XphHrHriukOULyG86W%2BqQPD5b3POvrULEk5Vf3Psf7fx%2BDbGpkJkKN%2BR9gq66PbqqS7J9VZeW3Luc5bInN9h0qas5y8XCp6%2BIm6U2%2FMI5O%2FzkhXgKTMu9a8LmF1nKZdq15LOzknNhzmsTC%2FLVBXtdRFcKu3a2MGmRXbzy4vkLvcwIa6VOx2CyJuStNxHLmpxy0tnBuoNDSDOGKSr0igmZB6TeR5xtwmaTlfrOG6f%2FHt%2BB1QRGHXOizEFZVCPjR8dNJWviP3gMSkxWvuyufr%2F0x69gUQUrjo2IxOTrv474W%2FY2usYBy2%2FNTrVvKvRVBaaGsMXJUZ6ZycqPzVkgUs4oUsbZjpRR7x8ZbOWBK8KEJoL6Iko6UdJilHeSoBOxjidaUcg85LaOf3rnz38BAAD%2F%2FwEAAP%2F%2FOPu3mowEAAA%3D
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRReuTvb%2FLwFBEURU6IOHCO5sdU%2F3zowRFmOMBGMSs5FcvFR3Vc9WtqarqeqeniweViMSvGS8iKCH3m92s6iLmLOIOpuLjBdbRBdxL95VCHqWmR1YfId6r973Hb73vffuVnFIKAp2cOVVvSGVYkthg7qnr8uU69K6l665Hm3QM%2B51mS4HZ9zB9DH95zwaNugz7ssiXtdLPvUo9ajnnpdGJHqwNEMhs72O1%2BjQRuA3vDDAwPz3bwsHljng%2FUPyCCSv%2F7f23T3IeIy098U5YddznT37Uq9QLNcGfb77erqe6jJF77hMjIMk3Z2zoW1NyIcnoNPd%2BQTQ%2Fe3pBIhkTZyfPUTp7lwmov7OkdJIQaSI%2BCmU%2FTGEGkOyMWJ9C5L%2FQICY49JlpL27l7Qp2c0jlE3Rmiz88wCyrMnCb48i7X1%2BVsmBu6pVkUudWgySCnIwhuyOkRX7yDccyHIfcf42JCdIexUkP3g6CjljgegsimXfXwzCdnsxarP2YkKjFgu8Zd8PmjNrpBxDJmMoMQSzJ1FYB4V0UCQOisxBjx%2B4LOwklLaSKGk220Ecx81mHIftZR7yZtBOKIp4qn2IPBsiVkPEZhOZ2cS6HMIU38CuVbDcgc0J%2BrxCKQhKS1AyglISlDlB2a92uLK%2Bre5yZYvIm2d%2FnpvVSOfdLbaj865IyVZ2SB6eGuY89PF7WBcHrh8kXCwn7RZtey3K%2FJCxkHdCIcK212lRCisrSHsCzDrYkDV54oMUmazJ%2F791ELF9WLWPWD4JVjwFVo5aPgVbGwVtio10r3ODKd0XphHrHriukOULyG86W%2BqQPD5b3POvrULEk5Vf3Psf7fx%2BDbGpkJkKN%2BR9gq66PbqqS7J9VZeW3Luc5bInN9h0qas5y8XCp6%2BIm6U2%2FMI5O%2FzkhXgKTMu9a8LmF1nKZdq15LOzknNhzmsTC%2FLVBXtdRFcKu3a2MGmRXbzy4vkLvcwIa6VOx2CyJuStNxHLmpxy0tnBuoNDSDOGKSr0igmZB6TeR5xtwmaTlfrOG6f%2FHt%2BB1QRGHXOizEFZVCPjR8dNJWviP3gMSkxWvuyufr%2F0x69gUQUrjo2IxOTrv474W%2FY2usYBy2%2FNTrVvKvRVBaaGsMXJUZ6ZycqPzVkgUs4oUsbZjpRR7x8ZbOWBK8KEJoL6Iko6UdJilHeSoBOxjidaUcg85LaOf3rnz38BAAD%2F%2FwEAAP%2F%2FOPu3mowEAAA%3D HTTP/1.1
Host: tragicbeyond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Cookie: u_pl=17734794; uid_id2=b5daa4e9-e622-4588-b8a8-f0b7a4162243:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec24fde6f8708170a25aa5d95ee5819700=[3952979]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 28 Jan 2023 20:26:23 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 8b850485b96208e41a8beaf6f4e66da9
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=b5daa4e9-e622-4588-b8a8-f0b7a4162243&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=5cf5749cd6d7a180a9ba37606a803c70&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20

192.243.59.20

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=b5daa4e9-e622-4588-b8a8-f0b7a4162243&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=5cf5749cd6d7a180a9ba37606a803c70&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=b5daa4e9-e622-4588-b8a8-f0b7a4162243&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=5cf5749cd6d7a180a9ba37606a803c70&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 28 Jan 2023 20:26:23 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3458374358b1bcd1f247cf76a6a1c9bd
Strict-Transport-Security: max-age=0; includeSubdomains

unseenreport.com/pxf.gif?uuid=b5daa4e9-e622-4588-b8a8-f0b7a4162243&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=24fde6f8708170a25aa5d95ee5819700&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20

192.243.59.20

200 OK

1 B

URL HTTP/1.1
unseenreport.com/pxf.gif?uuid=b5daa4e9-e622-4588-b8a8-f0b7a4162243&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=24fde6f8708170a25aa5d95ee5819700&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20
IP
192.243.59.20:0
ASN
#39572 DataWeb Global Group B.V.

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=b5daa4e9-e622-4588-b8a8-f0b7a4162243&eb=afa55bd8bbaeee6cbf2f0b21fb513961&te=9e4947f35751465411fd1a4f5c358c78&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A105.0)%20Gecko%2F20100101%20Firefox%2F105.0&dev=e&res=14.1055&b_frame=0&pk=24fde6f8708170a25aa5d95ee5819700&bl=en-US&sr=1002x1280&sz=1024x1280&hjs=20 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.17.9
Date: Sat, 28 Jan 2023 20:26:23 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 7faf85a30aba621dc4df473904d3e4af
Strict-Transport-Security: max-age=0; includeSubdomains

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
e3b8a8bc98172e8a530326f7d16570cd
4555b6600b5d18b4e5850a756fb47ead0e5c486e
12061f433c479a860c65363d2243aba95ad34ac6664e84c5c5ed9a2d8c343f8c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "12061F433C479A860C65363D2243ABA95AD34AC6664E84C5C5ED9A2D8C343F8C"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7071
Expires: Sat, 28 Jan 2023 22:24:14 GMT
Date: Sat, 28 Jan 2023 20:26:23 GMT
Connection: keep-alive

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
e3b8a8bc98172e8a530326f7d16570cd
4555b6600b5d18b4e5850a756fb47ead0e5c486e
12061f433c479a860c65363d2243aba95ad34ac6664e84c5c5ed9a2d8c343f8c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "12061F433C479A860C65363D2243ABA95AD34AC6664E84C5C5ED9A2D8C343F8C"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7071
Expires: Sat, 28 Jan 2023 22:24:14 GMT
Date: Sat, 28 Jan 2023 20:26:23 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4675bd0dbda20e272b32eb9db03f35d8
aa655fd97778059913ab170765257aaef33e7119
a9bb5d439a01135af6d41e60455509b20fee27f7661ad81f6cb955ffdc9c1f12

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9BB5D439A01135AF6D41E60455509B20FEE27F7661AD81F6CB955FFDC9C1F12"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4902
Expires: Sat, 28 Jan 2023 21:48:05 GMT
Date: Sat, 28 Jan 2023 20:26:23 GMT
Connection: keep-alive

cdn.cloudimagesb.com/si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png

45.133.44.10

200 OK

12 kB

URL HTTP/2
cdn.cloudimagesb.com/si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png
IP
45.133.44.10:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12186 bytes)
Hash
c07f1baac701b672939b359081f813c7
d38ffbae259aae1e8ad3b38959339bb29da9b69f
85bc8e3de3651f6f03dc381ea4bbaff350d8973c37f598582838677817bf1826

HTTP Headers

GET /si/e3/38/1c/e3381c2969587380b30458753c6349d5/1674361501.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:26:23 GMT
content-type: image/png
content-length: 12186
server: nginx/1.17.6
last-modified: Sun, 22 Jan 2023 04:25:10 GMT
etag: "63ccbaa6-2f9a"
expires: Mon, 30 Jan 2023 20:26:23 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

e1.o.lencr.org/

23.36.76.226

200 OK

345 B

URL HTTP/1.1
e1.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
345 B (345 bytes)
Hash
e3b8a8bc98172e8a530326f7d16570cd
4555b6600b5d18b4e5850a756fb47ead0e5c486e
12061f433c479a860c65363d2243aba95ad34ac6664e84c5c5ed9a2d8c343f8c

HTTP Headers

POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "12061F433C479A860C65363D2243ABA95AD34AC6664E84C5C5ED9A2D8C343F8C"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7070
Expires: Sat, 28 Jan 2023 22:24:14 GMT
Date: Sat, 28 Jan 2023 20:26:24 GMT
Connection: keep-alive

tragicbeyond.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRReuTvb%2FLwFBEURU6IOHCO5sd0%2F3To8RFmOMBGMSs5FcvFRXVc9WtqarqeqeniweohEJXjJeRNBD7zfZLOoi5iyizuYi68UW0UXci3cVgp5lZgcW36Heq%2Fd9h%2B997727WR4QDyXdv%2FSq3pBK0aWo5bknr8qM68q6F664vtfyTrlXZbYcnnKH08cMnvO9qOU9474s2LpeCjzf83zPd89KI1I9XJqhkPlO1291vVYYtPwoxND8929LB5Y64IMD8ggkb%2F639t09SDZB1v%2FijLDrhc6ffalfKlpogwHffj1bz3SVoX9UpsZBmm3P2dC2IeTDY9DZ9nwC6MGd6QRIZEOcn30k2fZcJpLB1qHSREFkSPgJVIMJhJpA0gmYvgnJfyAA47hwEVn%2F7gVtKnr9EKVTtCEL%2FzyArBqy8NujyPqfn1Zy6K5qVRZSZxbDtIYcTiB7E%2BTlLooNB7LaBSvehuQEWb%2BG5PtPJxGnNBTdRbEcBIthFMeLSUzjxdRLOjT0l4MgbM%2BskXICmU6gxAjUHkdpHZTSQZk6KHMHfb7v0qibel4nTdJ2Ow4ZY%2B02Y1G8zCPeDuPUQ8mm2kco8hGYGoGZG8jNDazLEUz5DexaDcsd2IJgwGtUgqCyBBUlqCRBVRBUg3qLKxvY%2Bi5Xtkz8eQ7muV2PddHbpFu66ImMbOYH5OGpYc5DH7%2BHdbHvBmHKxXIad7zY73g0iCiNeDcSIor9bsfzYGUNaY%2BBWgcbsiFPfJAhlw35%2F7cOEroLq3bB5JOg5VOg1bgTeKBr4zD2sJHtdK9RpQfCtJjug%2BsaebGA4rqzqQ7I47PFPf%2FaKgTbW%2FnFvf%2FR1u9XwEyN3NS4Ju8T9NSt8WVdkTuXdWXJvYt5Iftyg06XulrQQix8%2Boq4XmnDz52xo09eYFNgWu5cEbY4TzMus54ln52WnAtzVhsmyFfn7FWRXCrt2unSZGV%2B%2FtKLZ8%2F1cyOslTqbgMqGkLfeBJMNOeFks4N1hweQZgJT1uiXe2QekHoXLL8Bm%2B%2BtNLffOPn35DasJjDqiJPkDqqyHpsgOWoq2ZDgwWNQYm%2Fly97q90t%2F%2FAqa1LDiyIhE7H391yF%2F095Czzigxc3ZqQ5MjYGqQdUItjw%2BLnKzt%2FJjexZIlDNOlHHuJMqo9w8NtnLfjfxQxEncYZwngnG%2FE7TjtucFnIedrvC7KGzDfnrnz38BAAD%2F%2FwEAAP%2F%2FLPM5fIwEAAA%3D

192.243.61.225

200 OK

7 B

URL HTTP/1.1
tragicbeyond.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRReuTvb%2FLwFBEURU6IOHCO5sd0%2F3To8RFmOMBGMSs5FcvFRXVc9WtqarqeqeniweohEJXjJeRNBD7zfZLOoi5iyizuYi68UW0UXci3cVgp5lZgcW36Heq%2Fd9h%2B997727WR4QDyXdv%2FSq3pBK0aWo5bknr8qM68q6F664vtfyTrlXZbYcnnKH08cMnvO9qOU9474s2LpeCjzf83zPd89KI1I9XJqhkPlO1291vVYYtPwoxND8929LB5Y64IMD8ggkb%2F639t09SDZB1v%2FijLDrhc6ffalfKlpogwHffj1bz3SVoX9UpsZBmm3P2dC2IeTDY9DZ9nwC6MGd6QRIZEOcn30k2fZcJpLB1qHSREFkSPgJVIMJhJpA0gmYvgnJfyAA47hwEVn%2F7gVtKnr9EKVTtCEL%2FzyArBqy8NujyPqfn1Zy6K5qVRZSZxbDtIYcTiB7E%2BTlLooNB7LaBSvehuQEWb%2BG5PtPJxGnNBTdRbEcBIthFMeLSUzjxdRLOjT0l4MgbM%2BskXICmU6gxAjUHkdpHZTSQZk6KHMHfb7v0qibel4nTdJ2Ow4ZY%2B02Y1G8zCPeDuPUQ8mm2kco8hGYGoGZG8jNDazLEUz5DexaDcsd2IJgwGtUgqCyBBUlqCRBVRBUg3qLKxvY%2Bi5Xtkz8eQ7muV2PddHbpFu66ImMbOYH5OGpYc5DH7%2BHdbHvBmHKxXIad7zY73g0iCiNeDcSIor9bsfzYGUNaY%2BBWgcbsiFPfJAhlw35%2F7cOEroLq3bB5JOg5VOg1bgTeKBr4zD2sJHtdK9RpQfCtJjug%2BsaebGA4rqzqQ7I47PFPf%2FaKgTbW%2FnFvf%2FR1u9XwEyN3NS4Ju8T9NSt8WVdkTuXdWXJvYt5Iftyg06XulrQQix8%2Boq4XmnDz52xo09eYFNgWu5cEbY4TzMus54ln52WnAtzVhsmyFfn7FWRXCrt2unSZGV%2B%2FtKLZ8%2F1cyOslTqbgMqGkLfeBJMNOeFks4N1hweQZgJT1uiXe2QekHoXLL8Bm%2B%2BtNLffOPn35DasJjDqiJPkDqqyHpsgOWoq2ZDgwWNQYm%2Fly97q90t%2F%2FAqa1LDiyIhE7H391yF%2F095Czzigxc3ZqQ5MjYGqQdUItjw%2BLnKzt%2FJjexZIlDNOlHHuJMqo9w8NtnLfjfxQxEncYZwngnG%2FE7TjtucFnIedrvC7KGzDfnrnz38BAAD%2F%2FwEAAP%2F%2FLPM5fIwEAAA%3D
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSQYgcRReuTvb%2FLwFBEURU6IOHCO5sd0%2F3To8RFmOMBGMSs5FcvFRXVc9WtqarqeqeniweohEJXjJeRNBD7zfZLOoi5iyizuYi68UW0UXci3cVgp5lZgcW36Heq%2Fd9h%2B997727WR4QDyXdv%2FSq3pBK0aWo5bknr8qM68q6F664vtfyTrlXZbYcnnKH08cMnvO9qOU9474s2LpeCjzf83zPd89KI1I9XJqhkPlO1291vVYYtPwoxND8929LB5Y64IMD8ggkb%2F639t09SDZB1v%2FijLDrhc6ffalfKlpogwHffj1bz3SVoX9UpsZBmm3P2dC2IeTDY9DZ9nwC6MGd6QRIZEOcn30k2fZcJpLB1qHSREFkSPgJVIMJhJpA0gmYvgnJfyAA47hwEVn%2F7gVtKnr9EKVTtCEL%2FzyArBqy8NujyPqfn1Zy6K5qVRZSZxbDtIYcTiB7E%2BTlLooNB7LaBSvehuQEWb%2BG5PtPJxGnNBTdRbEcBIthFMeLSUzjxdRLOjT0l4MgbM%2BskXICmU6gxAjUHkdpHZTSQZk6KHMHfb7v0qibel4nTdJ2Ow4ZY%2B02Y1G8zCPeDuPUQ8mm2kco8hGYGoGZG8jNDazLEUz5DexaDcsd2IJgwGtUgqCyBBUlqCRBVRBUg3qLKxvY%2Bi5Xtkz8eQ7muV2PddHbpFu66ImMbOYH5OGpYc5DH7%2BHdbHvBmHKxXIad7zY73g0iCiNeDcSIor9bsfzYGUNaY%2BBWgcbsiFPfJAhlw35%2F7cOEroLq3bB5JOg5VOg1bgTeKBr4zD2sJHtdK9RpQfCtJjug%2BsaebGA4rqzqQ7I47PFPf%2FaKgTbW%2FnFvf%2FR1u9XwEyN3NS4Ju8T9NSt8WVdkTuXdWXJvYt5Iftyg06XulrQQix8%2Boq4XmnDz52xo09eYFNgWu5cEbY4TzMus54ln52WnAtzVhsmyFfn7FWRXCrt2unSZGV%2B%2FtKLZ8%2F1cyOslTqbgMqGkLfeBJMNOeFks4N1hweQZgJT1uiXe2QekHoXLL8Bm%2B%2BtNLffOPn35DasJjDqiJPkDqqyHpsgOWoq2ZDgwWNQYm%2Fly97q90t%2F%2FAqa1LDiyIhE7H391yF%2F095Czzigxc3ZqQ5MjYGqQdUItjw%2BLnKzt%2FJjexZIlDNOlHHuJMqo9w8NtnLfjfxQxEncYZwngnG%2FE7TjtucFnIedrvC7KGzDfnrnz38BAAD%2F%2FwEAAP%2F%2FLPM5fIwEAAA%3D HTTP/1.1
Host: tragicbeyond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Cookie: u_pl=17734794; uid_id2=b5daa4e9-e622-4588-b8a8-f0b7a4162243:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 28 Jan 2023 20:26:24 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 579caedf33159171d6dbb71478711493
Strict-Transport-Security: max-age=0; includeSubdomains

tragicbeyond.com/pixel/sbs?c=1

192.243.61.225

200 OK

0 B

URL HTTP/1.1
tragicbeyond.com/pixel/sbs?c=1
IP
192.243.61.225:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: tragicbeyond.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://leakedtv.wiki/
Cookie: u_pl=17734794; uid_id2=b5daa4e9-e622-4588-b8a8-f0b7a4162243:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sat, 28 Jan 2023 20:26:24 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff

172.64.167.9

200 OK

73 kB

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format, TrueType, length 72696, version 11.0\012- data
Size
73 kB (72696 bytes)
Hash
53d97caea7ef8a12beab745fcc5744e1
b8c70e4f67957e4f2cb809a58d84c773a3bde6d0
542772868e28df6d786b6f00f9dec929cba214d928cb013b32588485b46f8715

HTTP Headers

GET /sb/notifications/software/us/ios/desk-new-big/SFUIText-Regular.woff HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leakedtv.wiki
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:26:24 GMT
content-type: application/font-woff
content-length: 72696
last-modified: Wed, 17 Feb 2021 11:42:38 GMT
etag: "602d012e-11bf8"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XbKR23xzHO0lsjsO51H%2FRN6ELugnnMeCTTciDNH51FB76G3cNqhTjuA0i0i1pedKPRy4EHQL9mAxguO1Kxk5nmW6E%2B1C9ggmGkhp0QYRlp2RenR5xsypW7qhutEUKRg8Lyf1DfSBFLiy"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c767d1daf24e9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/style.css

172.64.167.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/style.css
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/software/us/ios/desk-new-big/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leakedtv.wiki
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:26:23 GMT
content-type: text/css
last-modified: Thu, 23 Sep 2021 12:16:53 GMT
etag: W/"614c7035-145e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q%2F70N19LVJg1HgjgB5abUYVuyZ%2BLVou0Z4%2FAmQUQCftLJl0w99DRgJJ7oRr1KM3QsujRqgNRsp6T5g1ujafHZQrN89QNmZD43SmdgPCXSCMXiDgg%2Fi4E3dJtPSw98toPW1cHIrIGMHeW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c767a9a3624e9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/animate.css

172.64.167.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/css/animate.css
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/software/us/ios/desk-new-big/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leakedtv.wiki
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:26:23 GMT
content-type: text/css
last-modified: Wed, 17 Feb 2021 11:44:02 GMT
etag: W/"602d0182-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xNOWUw%2FwSGhiXizG4EVOAc8aTZeo4jmn1KS%2Fe6Z3uycGeVT50fqwFQr3znUJFfGV50wZODXuYHhipVhLjjX%2BemdMrAVdRqcpScMHty6NA2LXI2UZIc7WDXVS%2Bh65xsaFwdIPCiMsVh30"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c767a8a3124e9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/js/script.js

172.64.167.9

200 OK

0 B

URL HTTP/2
cdn.creative-bars1.com/sb/notifications/software/us/ios/desk-new-big/js/script.js
IP
172.64.167.9:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sb/notifications/software/us/ios/desk-new-big/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leakedtv.wiki
Connection: keep-alive
Referer: https://leakedtv.wiki/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Sat, 28 Jan 2023 20:26:24 GMT
content-type: application/javascript
last-modified: Wed, 17 Feb 2021 11:44:05 GMT
etag: W/"602d0185-183"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J351oYx3VxRjxDBaMtqmW8CUnPurMkQWM6kuguLJp9LAf6EPL3PSf%2FwTf9xDRLw4JqKFvkhXYheyJ6BNgeKtQebVzJN9EYC5R9eT%2Bw4d9jnyEPbpBvklDadmvc4diBsKHPl845B42U6t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 790c767a9a3924e9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML