Report - nudeleakteen.com/

Report Overview

Visited public
2025-05-28 22:38:16
Tags
URL
nudeleakteen.com/
Finishing URL
ww1.nudeleakteen.com/?subid1=654ded91-3c14-11f0-ac76-4d98c1e41df0
IP / ASN
192.187.111.221
#33387 NOCIX
Title
nudeleakteen.com

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
ww1.nudeleakteen.com	unknown	unknown	No data	No data	1.3 kB	5.0 kB	76.223.26.96
nudeleakteen.com	unknown	unknown	No data	No data	485 B	3.6 kB	192.187.111.221
yfdpco.com	unknown	2025-03-03	2025-03-18	2025-05-21	697 B	951 B	208.91.196.46

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-28	medium	yfdpco.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (2)

	URL	From	Size	First Seen	Last Seen
	ww1.nudeleakteen.com/?subid1=654ded91-3c14-11f0-ac76-4d98c1e41df0	ScriptElement	673 B	2025-05-28	2025-05-28
Pretty URL ww1.nudeleakteen.com/?subid1=654ded91-3c14-11f0-ac76-4d98c1e41df0 IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-28 22:38 Last Seen2025-05-28 22:38 Times Seen1 Hash d78fae9e439050b8e7b2699991a9888d 216e046eda30ae5f631090650a91bb6bca5efacb b0e6ebb2ca4a255aad1e11e59a26cb68e203dae641df1f73c8719a42801dce18 Loading...

	ww1.nudeleakteen.com/?subid1=654ded91-3c14-11f0-ac76-4d98c1e41df0	ScriptElement	164 B	2025-03-03	2025-06-13
Pretty URL ww1.nudeleakteen.com/?subid1=654ded91-3c14-11f0-ac76-4d98c1e41df0 IP 76.223.26.96 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-03 19:06 Last Seen2025-06-13 20:22 Times Seen2574 Hash a721fadebac58116f06d5f8f84bcfe5a 413588bc107bd1be0cbd14345fb68c9b8ba14b38 912e5797a8e5f63052f4171a842ef7e90701101824c00a4dab15ce20f67605e0 Loading...

HTTP Transactions (5)

URL IP Response Size

ww1.nudeleakteen.com/munin/a/ls?t=68379043&token=ed57f0442e2d06639f63560e9c39d9480019dc66

76.223.26.96

201 Created

0 B

URL GET
ww1.nudeleakteen.com/munin/a/ls?t=68379043&token=ed57f0442e2d06639f63560e9c39d9480019dc66
IP
76.223.26.96:80
ASN
#16509 AMAZON-02

Requested by
http://ww1.nudeleakteen.com/?subid1=654ded91-3c14-11f0-ac76-4d98c1e41df0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /munin/a/ls?t=68379043&token=ed57f0442e2d06639f63560e9c39d9480019dc66 HTTP/1.1
Host: ww1.nudeleakteen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.nudeleakteen.com/?subid1=654ded91-3c14-11f0-ac76-4d98c1e41df0
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 201 Created
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Allow-Origin: 
Access-Control-Max-Age: 86400
Charset: utf-8
Content-Length: 0
Content-Type: text/javascript;charset=UTF-8
Date: Wed, 28 May 2025 22:37:55 GMT
Server: Caddy, nginx
Status: 201 Created
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_dxCOsX9HWijrjzxWPCVgwB8D3AuM/BHID0nx+EMT+dpwApMVLwb2aR6nYSEXOq17/Y3ErZYW0nSwYs8hUsy/Gg==
X-Log-Success: 6837904358e2765ca101a529

ww1.nudeleakteen.com/favicon.ico

76.223.26.96

200 OK

0 B

URL GET
ww1.nudeleakteen.com/favicon.ico
IP
76.223.26.96:80
ASN
#16509 AMAZON-02

Requested by
http://ww1.nudeleakteen.com/?subid1=654ded91-3c14-11f0-ac76-4d98c1e41df0

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: ww1.nudeleakteen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.nudeleakteen.com/?subid1=654ded91-3c14-11f0-ac76-4d98c1e41df0
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Length: 0
Content-Type: image/x-icon
Date: Wed, 28 May 2025 22:37:55 GMT
Etag: "670f7248-0"
Last-Modified: Wed, 16 Oct 2024 07:59:04 GMT
Server: Caddy, nginx

nudeleakteen.com/

192.187.111.221

302 Found

3.2 kB

URL User Request GET
nudeleakteen.com/
IP
192.187.111.221:443
ASN
#33387 NOCIX

Certificate
IssuerLet's Encrypt
Subjectnudeleakteen.com
FingerprintE1:E0:6B:B2:2E:C1:1C:AC:6B:16:B4:7C:CE:3D:84:F5:83:F1:D5:99
ValidityMon, 14 Apr 2025 01:17:35 GMT - Sun, 13 Jul 2025 01:17:34 GMT

File type

Size
3.2 kB (3206 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: nudeleakteen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 11
date: Wed, 28 May 2025 22:37:54 GMT
location: http://ww1.nudeleakteen.com/?subid1=654ded91-3c14-11f0-ac76-4d98c1e41df0
server: Cowboy
set-cookie: sid=654ded91-3c14-11f0-ac76-4d98c1e41df0; path=/; domain=.nudeleakteen.com; expires=Tue, 16 Jun 2093 01:52:01 GMT; max-age=2147483647; secure; HttpOnly
X-Firefox-Spdy: h2

ww1.nudeleakteen.com/?subid1=654ded91-3c14-11f0-ac76-4d98c1e41df0

76.223.26.96

200 OK

3.2 kB

URL User Request GET
ww1.nudeleakteen.com/?subid1=654ded91-3c14-11f0-ac76-4d98c1e41df0
IP
76.223.26.96:80
ASN
#16509 AMAZON-02

File type
HTML document, ASCII text, with very long lines (337)
Size
3.2 kB (3206 bytes)
Hash
0c35dd9b3f71facf15e0992d5a5c0af5
902bb4bc551af88bd8fb9e1056f39ece82856734
0cfaaf9c9039b2cb1a19b9aeccbf105a060d55c61dd258bf3b1a7cd89934dea9

HTTP Headers

GET /?subid1=654ded91-3c14-11f0-ac76-4d98c1e41df0 HTTP/1.1
Host: ww1.nudeleakteen.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ch: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-Ch-Lifetime: 30
Content-Encoding: gzip
Content-Length: 1491
Content-Type: text/html; charset=UTF-8
Date: Wed, 28 May 2025 22:37:55 GMT
Server: Caddy, nginx
Vary: Accept-Encoding
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_hpk3ogYzAzAUx1HP4J1+okHhgg9TVwKj6CAqsziHbr9Q1bMpUzEtL4AzkJ65AfNSxeQ3mJRJQTaz0S+LqK1dqg==
X-Buckets: bucket003
X-Domain: nudeleakteen.com
X-Language: norwegian
X-Pcrew-Blocked-Reason: hosting network
X-Pcrew-Ip-Organization: Blix Solutions
X-Redirect: skenzo
X-Subdomain: ww1
X-Template: tpl_CleanPeppermintBlack_twoclick

yfdpco.com/sk-park.php?pid=9PO15V947&dn=nudeleakteen.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0&requrl=http%3A%2F%2Fww1.nudeleakteen.com%2F%3Fsubid1%3D654ded91-3c14-11f0-ac76-4d98c1e41df0&al=en-US%2Cen%3Bq%3D0.5

208.91.196.46

403 Forbidden

299 B

URL GET
yfdpco.com/sk-park.php?pid=9PO15V947&dn=nudeleakteen.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0&requrl=http%3A%2F%2Fww1.nudeleakteen.com%2F%3Fsubid1%3D654ded91-3c14-11f0-ac76-4d98c1e41df0&al=en-US%2Cen%3Bq%3D0.5
IP
208.91.196.46:80
ASN
#40034 CONFLUENCE-NETWORK-INC

Requested by
http://ww1.nudeleakteen.com/?subid1=654ded91-3c14-11f0-ac76-4d98c1e41df0

File type
HTML document, ASCII text, with CRLF line terminators
Size
299 B (299 bytes)
Hash
bb66e28b0f0649997f97579d2c30acec
7810f842a0c5bad4170762b69bbb17601772bd7d
9fc60fdfd6c15bf1836e6f5d0021da261318757874b9f66f028187625a5e6163

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sk-park.php?pid=9PO15V947&dn=nudeleakteen.com&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0&requrl=http%3A%2F%2Fww1.nudeleakteen.com%2F%3Fsubid1%3D654ded91-3c14-11f0-ac76-4d98c1e41df0&al=en-US%2Cen%3Bq%3D0.5 HTTP/1.1
Host: yfdpco.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ww1.nudeleakteen.com/
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Wed, 28 May 2025 22:37:47 GMT
Server: Apache
Referrer-Policy: no-referrer-when-downgrade
Accept-CH: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
Permissions-Policy: ch-ua-platform-version=("https://dts.gnpge.com"), ch-ua-model=("https://dts.gnpge.com")
Content-Length: 299
Keep-Alive: timeout=5, max=61
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (2)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (5)

URL GET

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

Certificate

File type

Size

Hash

HTTP Headers

URL User Request GET

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET

IP

ASN

Requested by

File type

Size

Hash

Detections

HTTP Headers