Report - dankleaks.top/

Report Overview

Visited public
2025-01-05 03:31:03
Tags
URL
dankleaks.top/
Finishing URL
dankleaks.top/login
IP / ASN
104.21.48.1
#13335 CLOUDFLARENET
Title
Dank Leaks - Find leaks and exclusive content or just have a community to chat with. All Noobs always welcome

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

128

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
dankleaks.top	unknown	2024-08-14	2024-08-14	2024-10-08	36 kB	8.7 MB	104.21.48.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed
2025-01-05	medium	dankleaks.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (36)

	URL	From	Size	First Seen	Last Seen
	dankleaks.top/assets/plugins/docker_manager_admin-d2b95af1064c079cd42baecb60f158994e169de221f8ed692209a18324b36f15.js	ScriptElement	32 kB	2024-12-16	2025-01-15
Pretty URL dankleaks.top/assets/plugins/docker_manager_admin-d2b95af1064c079cd42baecb60f158994e169de221f8ed692209a18324b36f15.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-16 14:48 Last Seen2025-01-15 16:52 Times Seen7 Hash 5f61aa6402adc8d70f3abb403c619f25 6a689d7d61f37f7f18744a11e5e3917a05a1bb5f d2b95af1064c079cd42baecb60f158994e169de221f8ed692209a18324b36f15 Loading...

	dankleaks.top/theme-javascripts/18f09c6fdbaed6c53d1071a320a68ded0652fe4d.js?__ws=dankleaks.top	ScriptElement	1.4 kB	2024-12-05	2025-01-13
Pretty URL dankleaks.top/theme-javascripts/18f09c6fdbaed6c53d1071a320a68ded0652fe4d.js?__ws=dankleaks.top IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 23:58 Last Seen2025-01-13 22:34 Times Seen3 Hash 8f5bd19c00fb01c6f330e01fb3717763 fdab23c4198186459609cb29975f0b5cc92369e5 f75ddfb0d7a0c16e57cd0327752dacb5968b0282d483d0a8e27adacdc10b41d5 Loading...

	dankleaks.top/assets/vendor.6f1929e16c84d825f1e134b0a5a6bf6d-ed21b08557694a2386531fb8b5bd479da7fe4ec9cffd9278c49f382c5e7bc3a4.js	ScriptElement	18 kB	2024-12-16	2025-01-15
Pretty URL dankleaks.top/assets/vendor.6f1929e16c84d825f1e134b0a5a6bf6d-ed21b08557694a2386531fb8b5bd479da7fe4ec9cffd9278c49f382c5e7bc3a4.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-16 14:48 Last Seen2025-01-15 16:52 Times Seen10 Hash 5f9d1aa2870881a4a8306735e6269299 bb530d8c8b7412c03278d9675158cd82190843c0 ed21b08557694a2386531fb8b5bd479da7fe4ec9cffd9278c49f382c5e7bc3a4 Loading...

	dankleaks.top/assets/plugins/chat-fb2901c15a318c458ab12dc4417cb02df0ffd4690f7fc09dcabb167836251437.js	ScriptElement	784 kB	2025-01-05	2025-01-05
Pretty URL dankleaks.top/assets/plugins/chat-fb2901c15a318c458ab12dc4417cb02df0ffd4690f7fc09dcabb167836251437.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-05 03:31 Last Seen2025-01-05 03:31 Times Seen1 Hash 01b5009d0166bed2aeba4b0d2e7a5836 26d98b1533cffcda4062af1c6ca189f9670d50d4 fb2901c15a318c458ab12dc4417cb02df0ffd4690f7fc09dcabb167836251437 Loading...

	dankleaks.top/assets/plugins/discourse-details-a19980264e3a6feb20b7e320b03ab0e7a3457105d99b863cd2f62eda09f15507.js	ScriptElement	1.4 kB	2024-12-05	2025-03-12
Pretty URL dankleaks.top/assets/plugins/discourse-details-a19980264e3a6feb20b7e320b03ab0e7a3457105d99b863cd2f62eda09f15507.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 23:58 Last Seen2025-03-12 13:55 Times Seen19 Hash 15a2166ed5cec7d8c765e5bd6e1e68a5 e37ad940c13a4b075c1698d08a6513345ae98f8d a19980264e3a6feb20b7e320b03ab0e7a3457105d99b863cd2f62eda09f15507 Loading...

	dankleaks.top/assets/plugins/discourse-local-dates-e622ba3973e1136408d885aa43a8dbf02095f2f9d0165a4954b2ab1b50b5300e.js	ScriptElement	31 kB	2024-12-13	2025-01-15
Pretty URL dankleaks.top/assets/plugins/discourse-local-dates-e622ba3973e1136408d885aa43a8dbf02095f2f9d0165a4954b2ab1b50b5300e.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-13 13:34 Last Seen2025-01-15 16:52 Times Seen11 Hash a0b8c76a7cb6e017705c5af02fd86363 8b69e3a46b3740449f515a2c18f6761802b6eefa e622ba3973e1136408d885aa43a8dbf02095f2f9d0165a4954b2ab1b50b5300e Loading...

	dankleaks.top/assets/chunk.4c5fe19cfb15e7f301c5.d41d8cd9.js	ScriptElement	75 kB	2025-01-05	2025-01-05
Pretty URL dankleaks.top/assets/chunk.4c5fe19cfb15e7f301c5.d41d8cd9.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-05 03:31 Last Seen2025-01-05 03:31 Times Seen1 Hash 7c406b6d097e045549e6b594f3125db6 85df950808011032152aab6c6f92969a7b6ee064 200d8bf69be7f90fcb4c3a99a1de16e8d69566c39a11d1fca33898bb763e9385 Loading...

	dankleaks.top/theme-javascripts/3b5867a6c61fddf3c1a34a5b116498ebb69562e5.js?__ws=dankleaks.top	ScriptElement	18 kB	2025-01-05	2025-01-13
Pretty URL dankleaks.top/theme-javascripts/3b5867a6c61fddf3c1a34a5b116498ebb69562e5.js?__ws=dankleaks.top IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-05 03:31 Last Seen2025-01-13 22:34 Times Seen2 Hash 312a5d58ebe3c4cdcfadd79db2d16c66 5820d335a0c433f0a19d29ad6979e8b8d6282469 891c5d7df9a6f7831af11791e99cb2e35e7bd571d64a5fbd9ae372cba3f901c5 Loading...

	dankleaks.top/theme-javascripts/c30053ba7f4fb4443b65d55cae2b0e6adb7f450a.js?__ws=dankleaks.top	ScriptElement	556 B	2024-12-05	2025-01-13
Pretty URL dankleaks.top/theme-javascripts/c30053ba7f4fb4443b65d55cae2b0e6adb7f450a.js?__ws=dankleaks.top IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 23:58 Last Seen2025-01-13 22:34 Times Seen3 Hash d2c1b3e92b8844cd353212b406a449fa 2064e4d032323eb7ca004910a9ce1c2f6fc72a7e 02cfef05f4daffcbf0de85a98c8de4110664d0e0fc7d29fdf7428cda0f534fee Loading...

	dankleaks.top/login	ScriptElement	1.1 kB	2024-04-11	2025-03-08
Pretty URL dankleaks.top/login IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-04-11 00:56 Last Seen2025-03-08 13:51 Times Seen53 Hash c520348cf87ad980e0c0167822d5cb45 22b38a6baaf930f7344245d820783ffe5b385311 e9e5ecc66724ff2e4b7375ca228890b566af3b78f8470aad7eae75b58b596396 Loading...

	dankleaks.top/assets/plugins/footnote-b30502d9bd28251a1683c8d09ed164bc6650c5c67c4375e6a42adf95b3ee8110.js	ScriptElement	2.9 kB	2024-09-28	2025-03-08
Pretty URL dankleaks.top/assets/plugins/footnote-b30502d9bd28251a1683c8d09ed164bc6650c5c67c4375e6a42adf95b3ee8110.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-28 08:22 Last Seen2025-03-08 13:51 Times Seen20 Hash d7518b5dfd94ecc1ff0a470b4572554a d63b4187efd360f61c330730ca78439f7a879eca b30502d9bd28251a1683c8d09ed164bc6650c5c67c4375e6a42adf95b3ee8110 Loading...

	dankleaks.top/extra-locales/mf?v=50fc7aac4b913b2fb6284a3ad8efa92b	ScriptElement	18 kB	2024-11-05	2025-04-02
Pretty URL dankleaks.top/extra-locales/mf?v=50fc7aac4b913b2fb6284a3ad8efa92b IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-05 01:21 Last Seen2025-04-02 04:28 Times Seen27 Hash 50fc7aac4b913b2fb6284a3ad8efa92b 9c5739b564a8ec4ccef9c30d8b76aa49b665e587 2e8184a4bb598f1bd378dad0b24dc19aaa26071c75e055ebf173f91e62658c6a Loading...

	dankleaks.top/assets/plugins/poll-a5d86d6ee6963980150c78fa309e5d0ddf18ff8b4224b9a2a87cbe8a34205280.js	ScriptElement	92 kB	2024-12-26	2025-01-15
Pretty URL dankleaks.top/assets/plugins/poll-a5d86d6ee6963980150c78fa309e5d0ddf18ff8b4224b9a2a87cbe8a34205280.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-26 07:52 Last Seen2025-01-15 16:52 Times Seen7 Hash d76e97adf4e6e3b1bdc01dd09ddd72e3 746ff01274f3af9c78c21f6544481c51eece7d3f a5d86d6ee6963980150c78fa309e5d0ddf18ff8b4224b9a2a87cbe8a34205280 Loading...

	dankleaks.top/assets/plugins/spoiler-alert-f248215b3244c267d8dff2d32901afb6d1dd07988eff90c2b4fc794234956de7.js	ScriptElement	3.3 kB	2024-12-05	2025-03-12
Pretty URL dankleaks.top/assets/plugins/spoiler-alert-f248215b3244c267d8dff2d32901afb6d1dd07988eff90c2b4fc794234956de7.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 23:58 Last Seen2025-03-12 13:55 Times Seen19 Hash 16dc5f470fe449d5b2aac28147dd5fd3 b1f581c2b52bb9e8975c1ce2da4ed0550df4a3b9 f248215b3244c267d8dff2d32901afb6d1dd07988eff90c2b4fc794234956de7 Loading...

	dankleaks.top/assets/locales/en-db7ca6cd24f86f5b448c9c114e7752f23917aa6544612aaeae6dd70dbff23922.js	ScriptElement	331 kB	2025-01-04	2025-01-05
Pretty URL dankleaks.top/assets/locales/en-db7ca6cd24f86f5b448c9c114e7752f23917aa6544612aaeae6dd70dbff23922.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-04 16:02 Last Seen2025-01-05 03:31 Times Seen2 Hash 298363003d758d9a85c80f85656efce4 a84c34ad14500a1f4549fdc155577738d4b604a8 274eb82a650b694a429de47633da2b5c059380113e008a12946e51bb05235ee3 Loading...

	dankleaks.top/theme-javascripts/8b940f1c1f87650666c18108a0d2484a5c084970.js?__ws=dankleaks.top	ScriptElement	11 kB	2024-12-05	2025-01-05
Pretty URL dankleaks.top/theme-javascripts/8b940f1c1f87650666c18108a0d2484a5c084970.js?__ws=dankleaks.top IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 23:58 Last Seen2025-01-05 03:31 Times Seen2 Hash 4719bfc3ac402e3ec9cb6b3aa1c54a51 b6499ceb374439395ff459a8ab1d4b289d286736 cc020e279acba07ff120180dae8a734755323dc816894fb106512d64f7b2f056 Loading...

	dankleaks.top/login	ScriptElement	67 B	2024-02-23	2025-04-02
Pretty URL dankleaks.top/login IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-02-23 08:28 Last Seen2025-04-02 04:28 Times Seen67 Hash 8a9d083d236ddf91ca023e737cc2518a 6467793d849103da5d6998df3c6a6861bd1c3cd4 40596760ed8b97eae01512a4526b7246e6e505ceca14db1bcc5ec1ce80aa8e00 Loading...

	dankleaks.top/assets/plugins/discourse-lazy-videos-9aedaec9b360053ab6f08fc1906a26d134f2c3c18220cd09a96549a2067584fb.js	ScriptElement	6.4 kB	2024-11-18	2025-03-12
Pretty URL dankleaks.top/assets/plugins/discourse-lazy-videos-9aedaec9b360053ab6f08fc1906a26d134f2c3c18220cd09a96549a2067584fb.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-18 10:06 Last Seen2025-03-12 13:55 Times Seen21 Hash a5247fa8692b9b35976684ec7f460fe8 49d50176bdaab4ce046e8276adf67718ec2b6119 9aedaec9b360053ab6f08fc1906a26d134f2c3c18220cd09a96549a2067584fb Loading...

	dankleaks.top/assets/plugins/discourse-presence-4936ee7cf92a3f490144a4c6818f17eb70f147b34a3cb5043c3427652d4575de.js	ScriptElement	11 kB	2024-12-13	2025-01-15
Pretty URL dankleaks.top/assets/plugins/discourse-presence-4936ee7cf92a3f490144a4c6818f17eb70f147b34a3cb5043c3427652d4575de.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-13 13:34 Last Seen2025-01-15 16:52 Times Seen11 Hash 8a7b60e21f2753ac6010f81eac58cecf 3cec843474ffe12ede8cf27ba738fa29e4deee01 4936ee7cf92a3f490144a4c6818f17eb70f147b34a3cb5043c3427652d4575de Loading...

	dankleaks.top/assets/plugins/footnote_extra-295b457b90cb18fedfdb544868c494c71842a27c0781d3042fa4fd26589204fa.js	ScriptElement	6.2 kB	2024-03-19	2025-04-02
Pretty URL dankleaks.top/assets/plugins/footnote_extra-295b457b90cb18fedfdb544868c494c71842a27c0781d3042fa4fd26589204fa.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-03-19 03:14 Last Seen2025-04-02 04:28 Times Seen64 Hash f81ebd751747094dde00a9fed709a918 f145bb23d59a7b995933e6742ea9e0d2a3363c3d 5d42ebdcddd972fdff22dca8398998a80ce50b0ec08915e8e8b9682a941b8651 Loading...

	dankleaks.top/assets/browser-update-5faeb6403cf1359d9e201f096cc21a2cb3290010f06dac44d3d9c52210a05aac.js	ScriptElement	1.6 kB	2024-11-18	2025-03-12
Pretty URL dankleaks.top/assets/browser-update-5faeb6403cf1359d9e201f096cc21a2cb3290010f06dac44d3d9c52210a05aac.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-18 10:06 Last Seen2025-03-12 13:55 Times Seen21 Hash bf8d42e3f8d92e5bb394ba24b4d1dbc5 9a6c5f34a392b5aed19f7ccc0a8e3c526ac0ea57 5faeb6403cf1359d9e201f096cc21a2cb3290010f06dac44d3d9c52210a05aac Loading...

	dankleaks.top/assets/chunk.c6a0d7f79844e46a5bed.d41d8cd9.js	ScriptElement	5.3 MB	2025-01-05	2025-01-05
Pretty URL dankleaks.top/assets/chunk.c6a0d7f79844e46a5bed.d41d8cd9.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-05 03:31 Last Seen2025-01-05 03:31 Times Seen1 Hash 085ba55a53695ac4daf02e81c29b4bd5 4ef1b214beb9adc9e289f7504b2a3e0c67e417b6 4e9cdbede9c21ba3540407febb66ca6e328e05a7dfb98afebda823a7995617da Loading...

	dankleaks.top/theme-javascripts/c59873202aa46fad28b2cf96a77d5e1360e13740.js?__ws=dankleaks.top	ScriptElement	470 B	2024-09-20	2025-01-13
Pretty URL dankleaks.top/theme-javascripts/c59873202aa46fad28b2cf96a77d5e1360e13740.js?__ws=dankleaks.top IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-20 20:06 Last Seen2025-01-13 22:34 Times Seen4 Hash 1126aca052a8a376ac7e68b31e36e64c 20f2e46d13a0a8d777455c1678a9d563901b3660 e6962ca76355754f86f620f96d9d4cd0d27727e0e10d442e96b99e41522e9095 Loading...

	dankleaks.top/svg-sprite/dankleaks.top/svg-1-a86aefd5457e930e93829f96d8c7ddf99811cc72.js	ScriptElement	143 kB	2024-12-05	2025-01-13
Pretty URL dankleaks.top/svg-sprite/dankleaks.top/svg-1-a86aefd5457e930e93829f96d8c7ddf99811cc72.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 23:58 Last Seen2025-01-13 22:34 Times Seen3 Hash e98f4a84ead02c857df32abdfaba0cfe 1d3effe9fe01dddf0a85ff5426bbb889ff4c31d9 a3c3492dbab94dd57e93e119dc26fc951708b758e20183cbf04f1215f0557b27 Loading...

	dankleaks.top/cdn-cgi/challenge-platform/scripts/jsd/main.js	ScriptElement	8.7 kB	2025-01-05	2025-01-05
Pretty URL dankleaks.top/cdn-cgi/challenge-platform/scripts/jsd/main.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-05 03:31 Last Seen2025-01-05 05:14 Times Seen3 Hash 42570e662c5f2d4c2f73e3678fdc9c15 508b45f3894afd0653cb9f8726ead5a17cdd72ff 2c439bf88af7b910485b5b852fc882ce3a4c1007bdcdc44875d57edb34462e54 Loading...

	dankleaks.top/assets/plugins/automation_admin-fce8c2847d735a9bb8ea4f907d496b19afc01636f27d0fee838ac6112b875d8f.js	ScriptElement	90 kB	2025-01-05	2025-01-13
Pretty URL dankleaks.top/assets/plugins/automation_admin-fce8c2847d735a9bb8ea4f907d496b19afc01636f27d0fee838ac6112b875d8f.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-05 03:31 Last Seen2025-01-13 22:34 Times Seen2 Hash f6f3155b1f52eefd4019317f104fdc0c 5aea77415dc6a1863d27272ccc408c7453ae00b7 fce8c2847d735a9bb8ea4f907d496b19afc01636f27d0fee838ac6112b875d8f Loading...

	dankleaks.top/theme-javascripts/bbd8ced11c530be8cb037cc8ecd216417c69d0c8.js?__ws=dankleaks.top	ScriptElement	1.0 kB	2024-09-20	2025-01-13
Pretty URL dankleaks.top/theme-javascripts/bbd8ced11c530be8cb037cc8ecd216417c69d0c8.js?__ws=dankleaks.top IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-20 20:06 Last Seen2025-01-13 22:34 Times Seen4 Hash e619ee2ad8ec2fde31512f1a00c3454c efe387bdfaeb132b3214fe1b873b519b274bfaa4 57f71077daa21a85e08cabd0f581f3b6f7096138774cab64cea093fb897f6afd Loading...

	dankleaks.top/theme-javascripts/7f3143e250ce0c3e24cfd1715cc17d6c3daaf865.js?__ws=dankleaks.top	ScriptElement	2.3 kB	2024-12-05	2025-01-13
Pretty URL dankleaks.top/theme-javascripts/7f3143e250ce0c3e24cfd1715cc17d6c3daaf865.js?__ws=dankleaks.top IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 23:58 Last Seen2025-01-13 22:34 Times Seen3 Hash a53593ce1e4bd0440aa4ba870d3ff5b4 8bb400ed6d5bf97c1a114e4020eff92b2a8db38c 26494cb3f0b62ca224a63edc99a7219e7baa08e3888870af01d395837567a59f Loading...

	dankleaks.top/assets/browser-detect-06b8e45041d4587c0c6b454b2c35e1584b6ab99cf1792f325e4ff851f4db507d.js	ScriptElement	497 B	2024-11-18	2025-02-20
Pretty URL dankleaks.top/assets/browser-detect-06b8e45041d4587c0c6b454b2c35e1584b6ab99cf1792f325e4ff851f4db507d.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-18 10:06 Last Seen2025-02-20 15:10 Times Seen20 Hash fd39788d1cae08e3082f381b676c6c4a 7e2b04b712d1bf4fb4e75d843013d5980953da5d 06b8e45041d4587c0c6b454b2c35e1584b6ab99cf1792f325e4ff851f4db507d Loading...

	dankleaks.top/assets/plugins/chat_admin-aeb2809a04d368a2854d3ffe709f1c978ded0cea8dd8af709eccb4be4db87784.js	ScriptElement	19 kB	2024-12-27	2025-01-13
Pretty URL dankleaks.top/assets/plugins/chat_admin-aeb2809a04d368a2854d3ffe709f1c978ded0cea8dd8af709eccb4be4db87784.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-27 03:36 Last Seen2025-01-13 22:34 Times Seen3 Hash 84ac9100e8010ab23791fb856f549b75 b7d7b20defee8ee50bee0484cd830ee3fcdcc894 aeb2809a04d368a2854d3ffe709f1c978ded0cea8dd8af709eccb4be4db87784 Loading...

	dankleaks.top/assets/start-discourse-9f921142b762fb91207051d0a28e571b9455bab74e7d0e03726024c286cff8d5.js	ScriptElement	567 B	2024-06-20	2025-03-12
Pretty URL dankleaks.top/assets/start-discourse-9f921142b762fb91207051d0a28e571b9455bab74e7d0e03726024c286cff8d5.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-20 10:25 Last Seen2025-03-12 13:55 Times Seen41 Hash 17c043b81a2a9d3399b97b5fce118e31 de16bdcb3a87f8bf081a4b73b17b717526fd3152 9f921142b762fb91207051d0a28e571b9455bab74e7d0e03726024c286cff8d5 Loading...

	unknown	ScriptElement	261 B	2025-01-05	2025-01-05
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-05 03:31 Last Seen2025-01-05 03:31 Times Seen1 Hash db14a6d721d0a0c5cb4589ab91d9232f 6eac5c10473ed748304f2de3d6ffcf44c780f653 6fdceb0373d81038aa003a0a2e898bea07d8625dfa4df065de0373fecd67fcb9 Loading...

	dankleaks.top/login	ScriptElement	982 B	2025-01-05	2025-01-05
Pretty URL dankleaks.top/login IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-05 03:31 Last Seen2025-01-05 03:31 Times Seen1 Hash 6e1468facbc96f260d258b69f806cbca 7f9de4c23e80613f6864a024e32f29fb0b51ad03 569fccff472a809783a05e64fb308b7e9595850e0177ae93f4799d5cde06d9d0 Loading...

	dankleaks.top/assets/plugins/checklist-f56c22844d8be39217397d68624ee48a0261664604905e36d0b7c8517e35dca6.js	ScriptElement	3.9 kB	2024-12-05	2025-01-15
Pretty URL dankleaks.top/assets/plugins/checklist-f56c22844d8be39217397d68624ee48a0261664604905e36d0b7c8517e35dca6.js IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 23:58 Last Seen2025-01-15 16:52 Times Seen13 Hash 5b368ec5b57f808553be3387db4c7571 61d2e4fb045e64e841a2068b49fe12b25fcbcaaa f56c22844d8be39217397d68624ee48a0261664604905e36d0b7c8517e35dca6 Loading...

	dankleaks.top/theme-javascripts/6c1af58d911c45faf11da37e083fcfdbaaf39381.js?__ws=dankleaks.top	ScriptElement	3.0 kB	2025-01-05	2025-01-13
Pretty URL dankleaks.top/theme-javascripts/6c1af58d911c45faf11da37e083fcfdbaaf39381.js?__ws=dankleaks.top IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-05 03:31 Last Seen2025-01-13 22:34 Times Seen2 Hash 6a4ecb887357fef66badafa7d07d4746 754a26508d841b304231c6e1493a3a380a8d8446 4eac77e1b70556356b68364b80d3ad04f9b7a27105df358b2f2bd82d5103a86d Loading...

	dankleaks.top/theme-javascripts/d39bb90df27a6d3a555d43603f2a28e3f0b21d0e.js?__ws=dankleaks.top	ScriptElement	4.4 kB	2024-12-05	2025-01-13
Pretty URL dankleaks.top/theme-javascripts/d39bb90df27a6d3a555d43603f2a28e3f0b21d0e.js?__ws=dankleaks.top IP 104.21.48.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-05 23:58 Last Seen2025-01-13 22:34 Times Seen3 Hash 504ed1f3af7cd3b8ada6ddad39e0b3a0 f645e8fc044e499d7b9201494ba1594f2806b395 f3e116fcb75d9549f014381355820576db6c16804e5925868a8b71358174ac68 Loading...

HTTP Transactions (64)

URL IP Response Size

dankleaks.top/theme-javascripts/c59873202aa46fad28b2cf96a77d5e1360e13740.js?__ws=dankleaks.top

104.21.48.1

200 OK

172 kB

URL GET HTTP/3
dankleaks.top/theme-javascripts/c59873202aa46fad28b2cf96a77d5e1360e13740.js?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text
Size
172 kB (171589 bytes)
Hash
1126aca052a8a376ac7e68b31e36e64c
20f2e46d13a0a8d777455c1678a9d563901b3660
e6962ca76355754f86f620f96d9d4cd0d27727e0e10d442e96b99e41522e9095

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme-javascripts/c59873202aa46fad28b2cf96a77d5e1360e13740.js?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hc9y9hp7JYXup63afAVpbnV35LXNIT4ZOmvnrMXGBQWxWRKfl8t8yDQWEtwCTH8kyFsod191zM36bcL4ShQiab%2FRHUwnd%2BzVywyS2q0MNZxe3q2hwpxf8Vl0YkTTN1Y1"}],"group":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: theme_javascripts/show
last-modified: Fri, 26 Apr 2024 19:14:34 GMT
content-disposition: inline; filename="c59873202aa46fad28b2cf96a77d5e1360e13740.js"; filename*=UTF-8''c59873202aa46fad28b2cf96a77d5e1360e13740.js
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: f444554c-8542-413b-8e26-c31444285e1b
cf-cache-status: HIT
age: 3448456
content-encoding: br
cf-ray: 8fd063fcc98856c7-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/browser-detect-06b8e45041d4587c0c6b454b2c35e1584b6ab99cf1792f325e4ff851f4db507d.js

104.21.48.1

200 OK

827 B

URL GET HTTP/3
dankleaks.top/assets/browser-detect-06b8e45041d4587c0c6b454b2c35e1584b6ab99cf1792f325e4ff851f4db507d.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (306)
Size
827 B (827 bytes)
Hash
fd39788d1cae08e3082f381b676c6c4a
7e2b04b712d1bf4fb4e75d843013d5980953da5d
06b8e45041d4587c0c6b454b2c35e1584b6ab99cf1792f325e4ff851f4db507d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/browser-detect-06b8e45041d4587c0c6b454b2c35e1584b6ab99cf1792f325e4ff851f4db507d.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5f1ZVCaPLIVvnUrxgwyHIV6KtG7SFjKd5ir2da4MTHi%2BhaKEmHPhmJaBd7ZE7koTWnLLbZdb0HuDmsUq316ed0Du70USPEj3zMxgFCbDeVNDOIUYEyduDIDEUJTJ9D6R"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 25 Nov 2024 20:41:00 GMT
vary: Accept-Encoding
expires: Tue, 25 Nov 2025 21:56:08 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 3476067
content-encoding: br
cf-ray: 8fd063fc997456c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/start-discourse-9f921142b762fb91207051d0a28e571b9455bab74e7d0e03726024c286cff8d5.js

104.21.48.1

200 OK

864 B

URL GET HTTP/3
dankleaks.top/assets/start-discourse-9f921142b762fb91207051d0a28e571b9455bab74e7d0e03726024c286cff8d5.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text
Size
864 B (864 bytes)
Hash
17c043b81a2a9d3399b97b5fce118e31
de16bdcb3a87f8bf081a4b73b17b717526fd3152
9f921142b762fb91207051d0a28e571b9455bab74e7d0e03726024c286cff8d5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/start-discourse-9f921142b762fb91207051d0a28e571b9455bab74e7d0e03726024c286cff8d5.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mC%2BkX0YVqzovLYEecvr2dC44%2FKuyaaJS6Lxfmy9U8fdOOML1S%2FIrUeqd0eGFoFKn%2BeZf%2Ff7OAf6jSIMElISojugJIKuYTD6Tibygc74mukwCwgT7smDC3UkEW7s5Bv5L"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 12 Dec 2024 18:39:40 GMT
vary: Accept-Encoding
expires: Sat, 20 Dec 2025 01:57:01 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 1388014
content-encoding: br
cf-ray: 8fd063fc997256c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/plugins/docker_manager_admin-d2b95af1064c079cd42baecb60f158994e169de221f8ed692209a18324b36f15.js

104.21.48.1

200 OK

13 kB

URL GET HTTP/3
dankleaks.top/assets/plugins/docker_manager_admin-d2b95af1064c079cd42baecb60f158994e169de221f8ed692209a18324b36f15.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (4288)
Size
13 kB (12623 bytes)
Hash
5f61aa6402adc8d70f3abb403c619f25
6a689d7d61f37f7f18744a11e5e3917a05a1bb5f
d2b95af1064c079cd42baecb60f158994e169de221f8ed692209a18324b36f15

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/docker_manager_admin-d2b95af1064c079cd42baecb60f158994e169de221f8ed692209a18324b36f15.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2BSmqowng%2BZVSMsGOR1TLK2TIE5aKsYv8uk5Feq56ZHLWG8ThkIYflZTNtYcV%2BI0YNhrCCNujW2PK8%2BsCgMlKrtbCIc%2FYKV7UKa%2F26mNErEndV4%2BQEK7INqf4sk1CZxd"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 12 Dec 2024 18:40:03 GMT
vary: Accept-Encoding
expires: Fri, 12 Dec 2025 18:51:00 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 2018375
content-encoding: br
cf-ray: 8fd063fcb98156c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/theme-javascripts/d39bb90df27a6d3a555d43603f2a28e3f0b21d0e.js?__ws=dankleaks.top

104.21.48.1

200 OK

9.8 kB

URL GET HTTP/3
dankleaks.top/theme-javascripts/d39bb90df27a6d3a555d43603f2a28e3f0b21d0e.js?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
gzip compressed data, from Unix
Size
9.8 kB (9771 bytes)
Hash
eda5bf69ee24a152d9ff0e7078e9f748
15fb9a99467f6c840d205ac1b2058d2e4d9a6212
3c06ac0fbc6e16083b427ab2ecd1454be01f6a44237ee2d7a411b2761c4f6f3f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme-javascripts/d39bb90df27a6d3a555d43603f2a28e3f0b21d0e.js?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=d9dLbVckljFsnMikMOzwI61IKjOuUqOH9V7D6F7a3PKtHgSxMWWtiyZUC%2BpDK8C5yVw3mwR5%2BhoW10L%2BGyoMGah4TmEjj7D77NhuSzuebidLQYfnJTbjeHmfyYUZGzHB"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: theme_javascripts/show
last-modified: Wed, 12 Jun 2024 20:54:58 GMT
content-disposition: inline; filename="d39bb90df27a6d3a555d43603f2a28e3f0b21d0e.js"; filename*=UTF-8''d39bb90df27a6d3a555d43603f2a28e3f0b21d0e.js
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: e6c43d63-05be-44b9-a3a2-d11591f39df8
content-encoding: gzip
cf-cache-status: HIT
age: 3448342
cf-ray: 8fd063fce98e56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/extra-locales/mf?v=50fc7aac4b913b2fb6284a3ad8efa92b

104.21.48.1

200 OK

8.3 kB

URL GET HTTP/3
dankleaks.top/extra-locales/mf?v=50fc7aac4b913b2fb6284a3ad8efa92b
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
gzip compressed data, from Unix
Size
8.3 kB (8309 bytes)
Hash
d3478c5a4359b6cbebb7b022ec9328a6
65dd9fbe26e0cb97f928551f9a9a83dbf194f8fe
43b3f457721ad8cac2a883bcc29fb83c2f1ddd038b61a7784140188c73ffba9e

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /extra-locales/mf?v=50fc7aac4b913b2fb6284a3ad8efa92b HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:36 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8uTrCr8mFOA5gM5J1nUdEGXz1eDxvdxQlWd5V%2FRsucC2lDJWZUqrs3uYpEGgTz%2BsC2dv7D48zCJQAeOxY6Sv1cimZMn9UVQ3phe3xS9AqQTbmNlsN2oH0v9gsOmIty0g"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding, Accept
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: extra_locales/show
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
cache-control: max-age=31556952, public, immutable
x-request-id: 103f517b-4d07-452e-b030-88126226f0c5
x-runtime: 0.480652
content-encoding: gzip
cf-cache-status: DYNAMIC
cf-ray: 8fd063fcc98656c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/theme-javascripts/3b5867a6c61fddf3c1a34a5b116498ebb69562e5.js?__ws=dankleaks.top

104.21.48.1

200 OK

14 kB

URL GET HTTP/3
dankleaks.top/theme-javascripts/3b5867a6c61fddf3c1a34a5b116498ebb69562e5.js?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
gzip compressed data, from Unix
Size
14 kB (14207 bytes)
Hash
583fd0c59828d9c579d5029590f29490
5b6b3c396a30a1d299b8375233ed14455180f96e
81b26e42fd6382d8bcd353118c1bdd9ec6ae7c7b15d7dbbd7c0b09facae5b397

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme-javascripts/3b5867a6c61fddf3c1a34a5b116498ebb69562e5.js?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4gsTfLW2Cj%2F74bclXJU0fnJohJlQkdyjCnmFAQrKS48AnrSossk10MZQrKBerD%2B6Ssm5pEPgYAAnwXZK0HT0mY2CuILMI2GHnWiPWecWBB8jL2b1EINDIQNapRgG5a%2F6"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: theme_javascripts/show
last-modified: Thu, 12 Dec 2024 18:44:36 GMT
content-disposition: inline; filename="3b5867a6c61fddf3c1a34a5b116498ebb69562e5.js"; filename*=UTF-8''3b5867a6c61fddf3c1a34a5b116498ebb69562e5.js
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 03aac1c3-3d21-44d7-8c5c-6471aa3da674
content-encoding: gzip
cf-cache-status: HIT
age: 1455634
cf-ray: 8fd063fcd98b56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/uploads/default/optimized/3X/1/8/18d945cb7d516b7813c4cb9a86d5a91b49804756_2_180x180.png

104.21.48.1

200 OK

8.2 kB

URL GET HTTP/3
dankleaks.top/uploads/default/optimized/3X/1/8/18d945cb7d516b7813c4cb9a86d5a91b49804756_2_180x180.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
PNG image data, 180 x 180, 8-bit colormap, non-interlaced
Size
8.2 kB (8233 bytes)
Hash
c9fea4190cb4b77413eacc2a3477b903
90351246c66926b9060c0ebe784740859c00acb1
af5e56a4f450de132967d8951bec0054eea33bde0b0f171be39dae29e3d583a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/default/optimized/3X/1/8/18d945cb7d516b7813c4cb9a86d5a91b49804756_2_180x180.png HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:37 GMT
content-type: image/png
content-length: 8233
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7OxcC0tSpZHRiiVakOwIM3maFOywseTunwZ86KY06XS4JMD21xbU9pgXcpWYGe3ya92wD826vVuaAocu%2Bz2FdzRykfWfDolnNlXhS6A1DPOO%2FwcO4zfe0XeEYLZB7Bo0"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 19 Dec 2024 21:14:13 GMT
expires: Fri, 19 Dec 2025 21:15:05 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1404932
accept-ranges: bytes
cf-ray: 8fd0640569a756c7-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

dankleaks.top/uploads/default/optimized/3X/6/5/654674a8e7cb89892748e2538e3b08683e202157_2_32x32.png

104.21.48.1

200 OK

1.0 kB

URL GET HTTP/3
dankleaks.top/uploads/default/optimized/3X/6/5/654674a8e7cb89892748e2538e3b08683e202157_2_32x32.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGB, non-interlaced
Size
1.0 kB (1017 bytes)
Hash
b0b3c97665f7d21c04fa5bb134715cf2
5a8f89fbf8daff63e7c83d92895893f5edf0e151
b3c77fcaf8970a24457095e8fd407efa28d2e97aa2fcd72a8e4a9e27acaaeded

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/default/optimized/3X/6/5/654674a8e7cb89892748e2538e3b08683e202157_2_32x32.png HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:37 GMT
content-type: image/png
content-length: 1017
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f%2B1l2niNshTQo1vclJrgGd323vAyGchZkF%2FeK44vMWpN3UKVJynG177S4HQQI%2FNzn1jCqnvkUWHbC3O2LQYjH9bk1Q47NWoJxv361uorkh1QXLPO9CT%2Bi9Q502Rxhj5p"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 19 Dec 2024 21:13:06 GMT
expires: Fri, 19 Dec 2025 21:28:34 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1404123
accept-ranges: bytes
cf-ray: 8fd0640569a856c7-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

dankleaks.top/cdn-cgi/challenge-platform/scripts/jsd/main.js

104.21.48.1

302 Found

0 B

URL GET HTTP/3
dankleaks.top/cdn-cgi/challenge-platform/scripts/jsd/main.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 302 Found
date: Sun, 05 Jan 2025 03:30:37 GMT
content-length: 0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nXrBr3fDjzhBGLry05Wkz9D7RnP3D8Y%2FGueXehjIWlatGrcjhYssKSMzBh0IHdcU%2Fgsr8VXyje%2BWPwj9HJSWj4y9bdorPpemJqG2zIocAWVulSt7qfBGtXrrc7DEH9Ha"}],"group":"cf-nel","max_age":604800}
location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js?
cache-control: max-age=300, stale-if-error=10800, stale-while-revalidate=10800, public
access-control-allow-origin: *
cf-ray: 8fd0640749ab56c7-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

dankleaks.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js?

104.21.48.1

200 OK

4.0 kB

URL GET HTTP/3
dankleaks.top/cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js?
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (8686), with no line terminators
Size
4.0 kB (4048 bytes)
Hash
42570e662c5f2d4c2f73e3678fdc9c15
508b45f3894afd0653cb9f8726ead5a17cdd72ff
2c439bf88af7b910485b5b852fc882ce3a4c1007bdcdc44875d57edb34462e54

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/849bfe45bf45/main.js? HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:37 GMT
content-type: application/javascript; charset=UTF-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BLzVw3JLFnzNqJk%2B4hPpf8NlW2cNoX%2FSrguwl6aWG4zYOLXCUHY7YatSILKtl1qXM3dWchTOgsyy3EsOIH2kRtsuC1%2F7zKOnDDuRXPM%2BmIU7GTqFsQFV2GKilGrjHjSn"}],"group":"cf-nel","max_age":604800}
cache-control: max-age=14400, stale-if-error=10800, stale-while-revalidate=10800, public
x-content-type-options: nosniff
content-encoding: br
cf-ray: 8fd0640799ac56c7-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

dankleaks.top/uploads/default/original/3X/8/d/8de2f902dae691b2dab9ae51e1460dfc91c00f3f.png

104.21.48.1

200 OK

20 kB

URL GET HTTP/3
dankleaks.top/uploads/default/original/3X/8/d/8de2f902dae691b2dab9ae51e1460dfc91c00f3f.png
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
PNG image data, 400 x 120, 8-bit/color RGB, non-interlaced
Size
20 kB (20239 bytes)
Hash
1aeeaba6a70bd39b1fd96bd8c2b656ca
8de2f902dae691b2dab9ae51e1460dfc91c00f3f
2af278a8e57dd09763ad67462fec520c58ef6e591804c1b604af9a564db6b373

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /uploads/default/original/3X/8/d/8de2f902dae691b2dab9ae51e1460dfc91c00f3f.png HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F; cf_clearance=Mp2fm4hqgd2gfMPz_TXvShJ1_NwN8XXa1E2hFrIatcU-1736047837-1.2.1.1-0Z.jM6c5.eWtWXhYMHB1EtsOCyToSmiTnqO8NvijGx2wYIJkxl83KArANrjqh7qZIfkqRBROg7iUVB3qkINjeJcwznsnIlYY6huEPCuchT1ejdSHj6Y3sZZb_lhejJmdPvg7PgJTV1gfjtqsSTbhs8_j0jf6z77hSno8.SuiRq6mOXC8U78hQG7upvIBfZOxQSevHyE3xURGJAASXsj6rbVJFI2Fq4uiz4rOSmbeumzE5_9ln5iI17kNQ_dRMKQl72IzHB6BETFbuWfZWjsesE75s1touMnzjrb.oxr_Bodg41w9RFSmWFLYRGkrPDlH9c_rmBIYQAjJdxJEjjg2yw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:37 GMT
content-type: image/png
content-length: 20239
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kQWV%2BzeCZ2ggqOEp2zBH3ELaa5YxTf60uo9zfole8aaXClSGRLzIK1NBy4%2FnCaOCAXVCXEsR%2BMvrE8DJbMSVlaFmHeJWSLZL6mI2y7UDw%2BWIhBZVKbtTkCLlcw8AiQBf"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 19 Dec 2024 17:00:40 GMT
expires: Fri, 19 Dec 2025 21:15:05 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
cf-cache-status: HIT
age: 1404932
accept-ranges: bytes
cf-ray: 8fd06409e9af56c7-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

dankleaks.top/svg-sprite/dankleaks.top/svg-1-a86aefd5457e930e93829f96d8c7ddf99811cc72.js

104.21.48.1

200 OK

290 kB

URL GET HTTP/3
dankleaks.top/svg-sprite/dankleaks.top/svg-1-a86aefd5457e930e93829f96d8c7ddf99811cc72.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
gzip compressed data, from Unix
Size
290 kB (289450 bytes)
Hash
c0cdabfb5dd01035ae67c328a8fc1513
238fb7f44ec0dfadd5c5996f618c1f96ca399d4f
3d952bf12d9c448fbd89aa5567ca15ce3a5e6dca4dd4aeb6181df9a133e5ed2c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /svg-sprite/dankleaks.top/svg-1-a86aefd5457e930e93829f96d8c7ddf99811cc72.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:37 GMT
content-type: application/javascript; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yd7j%2FOqtJwYAn1Nl1SPZC7yNFVjKP7krLnFxsPM5nH3mna%2BeFgtw3JzdNVV0wMUY4JVs1TydW%2BmkWK54tDRyY1ejmH8uzpLS1sN1NyoCHiev7imm5lmI263pjYE3HvDh"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding, Accept
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: svg_sprite/show
last-modified: Wed, 26 Nov 2014 04:18:00 GMT
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
cache-control: public, max-age=31556952, immutable
x-request-id: fa0016d5-06af-4180-bf8b-0f8a2b62bf31
content-encoding: gzip
cf-cache-status: HIT
age: 3450288
cf-ray: 8fd06406d9a956c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/plugins/poll-a5d86d6ee6963980150c78fa309e5d0ddf18ff8b4224b9a2a87cbe8a34205280.js

104.21.48.1

200 OK

27 kB

URL GET HTTP/3
dankleaks.top/assets/plugins/poll-a5d86d6ee6963980150c78fa309e5d0ddf18ff8b4224b9a2a87cbe8a34205280.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (9570)
Size
27 kB (26917 bytes)
Hash
d76e97adf4e6e3b1bdc01dd09ddd72e3
746ff01274f3af9c78c21f6544481c51eece7d3f
a5d86d6ee6963980150c78fa309e5d0ddf18ff8b4224b9a2a87cbe8a34205280

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/poll-a5d86d6ee6963980150c78fa309e5d0ddf18ff8b4224b9a2a87cbe8a34205280.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xFxBlsInpzonwX2O8YhiWYdOHIsF7ltyw1gTMxEP2LtgocjWR6uYm%2BcLUAsZ%2FfnwbP65OxiYWppGvz6YQIjmJQDtPp8%2BH%2Bcw06nTsSvy%2FZGg9Ni9x7qdcP34RtMQWgTt"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 27 Dec 2024 20:10:34 GMT
vary: Accept-Encoding
expires: Sat, 27 Dec 2025 20:24:54 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 716741
content-encoding: br
cf-ray: 8fd063fcb98356c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/plugins/footnote-b30502d9bd28251a1683c8d09ed164bc6650c5c67c4375e6a42adf95b3ee8110.js

104.21.48.1

200 OK

6.0 kB

URL GET HTTP/3
dankleaks.top/assets/plugins/footnote-b30502d9bd28251a1683c8d09ed164bc6650c5c67c4375e6a42adf95b3ee8110.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (460)
Size
6.0 kB (5999 bytes)
Hash
d7518b5dfd94ecc1ff0a470b4572554a
d63b4187efd360f61c330730ca78439f7a879eca
b30502d9bd28251a1683c8d09ed164bc6650c5c67c4375e6a42adf95b3ee8110

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/footnote-b30502d9bd28251a1683c8d09ed164bc6650c5c67c4375e6a42adf95b3ee8110.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iF0bue8yRXcubPoWz7SGICKnFOj%2FH%2FNKZDcdpEAEPqqHAYkOI9ycEq7W6SEI5Y2YcSsWxijh4ss4kAsDWPj2soQ69VqS7qxiM889EkzGjcKAfhRIb4kQDmzxoiRbP6Wz"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 25 Nov 2024 20:41:18 GMT
vary: Accept-Encoding
expires: Tue, 25 Nov 2025 21:56:08 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 3476067
content-encoding: br
cf-ray: 8fd063fcb98056c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/plugins/automation_admin-fce8c2847d735a9bb8ea4f907d496b19afc01636f27d0fee838ac6112b875d8f.js

104.21.48.1

200 OK

90 kB

URL GET HTTP/3
dankleaks.top/assets/plugins/automation_admin-fce8c2847d735a9bb8ea4f907d496b19afc01636f27d0fee838ac6112b875d8f.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (4277)
Size
90 kB (90150 bytes)
Hash
f6f3155b1f52eefd4019317f104fdc0c
5aea77415dc6a1863d27272ccc408c7453ae00b7
fce8c2847d735a9bb8ea4f907d496b19afc01636f27d0fee838ac6112b875d8f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/automation_admin-fce8c2847d735a9bb8ea4f907d496b19afc01636f27d0fee838ac6112b875d8f.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lHtJioR5QkRY0k4DcDX7NO6QjhPdv2sFDFsHSsReNGoXmdO6m3YzuDnS6qCrqWiiq%2FwuRQ1hAn3lUeAGPC4Mw%2BYcSFmlPaQlJrCzGN4CmM1Fje1oYBQ0Lxt6csIlcsvQ"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 19 Dec 2024 21:43:22 GMT
vary: Accept-Encoding
expires: Fri, 19 Dec 2025 21:48:13 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 1402942
content-encoding: br
cf-ray: 8fd063fca97856c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/theme-javascripts/bbd8ced11c530be8cb037cc8ecd216417c69d0c8.js?__ws=dankleaks.top

104.21.48.1

200 OK

1.0 kB

URL GET HTTP/3
dankleaks.top/theme-javascripts/bbd8ced11c530be8cb037cc8ecd216417c69d0c8.js?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (1045), with no line terminators
Size
1.0 kB (1005 bytes)
Hash
269e68b7fc724605d68a3d0744b5b78a
44f48851f1d96f663b2b5d4632b875244c0078ed
5d6adffb1ff669478a341ccb12e8011344e524dcf892c4512a34fc15b9a10b6f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme-javascripts/bbd8ced11c530be8cb037cc8ecd216417c69d0c8.js?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fjyk%2Fw41oavFGmrq%2BjF98TG%2FqSe1RIJ6NC%2Br1M7riBYPNNTr8bTtYoL6ROjBzwwrI5B6sxZDiGeRJ%2FKvF5X7BCvV1wysqoSIW4T7URDTtY7n%2BWxxUZe5xOI9lz%2F6jOrH"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: theme_javascripts/show
last-modified: Sun, 07 Apr 2024 18:59:55 GMT
content-disposition: inline; filename="bbd8ced11c530be8cb037cc8ecd216417c69d0c8.js"; filename*=UTF-8''bbd8ced11c530be8cb037cc8ecd216417c69d0c8.js
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: c24a1823-8fe8-4ff5-ba49-7f1197ad6cf7
content-encoding: gzip
cf-cache-status: HIT
age: 3448456
cf-ray: 8fd063fcc98756c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/discourse-details_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

3.2 kB

URL GET HTTP/3
dankleaks.top/stylesheets/discourse-details_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
Unicode text, UTF-8 text, with very long lines (3171), with no line terminators
Size
3.2 kB (3169 bytes)
Hash
06d1fb7378897a73d773c0e5647164cb
3fc0a2eddf4282ddb927a6f2eb8a624333641aa8
7abb942c2454bf969c933e401099987f7434840ad41bfd821c7bf95c29ba04e1

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/discourse-details_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vNbKJERehWJGMU0Mf7xSBWfGK5XoIFg%2F50%2FD4SlSGTnbiVv3GoA%2B%2BY%2BPuDRMcQ%2FEP0kRODiJs67wjk5V%2B4niDxeQixHshmXTdPR2rrLlBXpOZkAEjRtmBSR%2FRaAVfwhi"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:16 GMT
content-disposition: inline; filename="discourse-details_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''discourse-details_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: b63c901a-e58c-4743-93e8-576ab5ca2596
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd099456c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/fonts/Montserrat-Bold.ttf?v=0.0.12

104.21.48.1

200 OK

244 kB

URL GET HTTP/3
dankleaks.top/fonts/Montserrat-Bold.ttf?v=0.0.12
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 The Montserrat Project Authors (https://github.com/JulietaUla/Montserrat)Montserr
Size
244 kB (244468 bytes)
Hash
ade91f473255991f410f61857696434b
3a54407a2b26ff4718708a4726b10cb070d16534
c8289a870d238aa042bdfd09364fe6dea524bcd1ea485341878d8c75a32ab444

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/Montserrat-Bold.ttf?v=0.0.12 HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/stylesheets/color_definitions_dark_1_1_f37e69cf85fe15be21d8c37925a1b4af381fe224.css?__ws=dankleaks.top
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F; cf_clearance=Mp2fm4hqgd2gfMPz_TXvShJ1_NwN8XXa1E2hFrIatcU-1736047837-1.2.1.1-0Z.jM6c5.eWtWXhYMHB1EtsOCyToSmiTnqO8NvijGx2wYIJkxl83KArANrjqh7qZIfkqRBROg7iUVB3qkINjeJcwznsnIlYY6huEPCuchT1ejdSHj6Y3sZZb_lhejJmdPvg7PgJTV1gfjtqsSTbhs8_j0jf6z77hSno8.SuiRq6mOXC8U78hQG7upvIBfZOxQSevHyE3xURGJAASXsj6rbVJFI2Fq4uiz4rOSmbeumzE5_9ln5iI17kNQ_dRMKQl72IzHB6BETFbuWfZWjsesE75s1touMnzjrb.oxr_Bodg41w9RFSmWFLYRGkrPDlH9c_rmBIYQAjJdxJEjjg2yw
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:37 GMT
content-type: application/octet-stream
content-length: 244468
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HUKT0yyN8iuOK8nRROGNQWNIoZdojXJEM5VN1VTx1MH6twGnd6CjNVnyd0YqDCCxMO22B5vUT7ViObtTABTIM8LAr3W78YDx%2BfzblKXNzuisak1Q0XXNN3yPG6H1tqPi"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 19 Dec 2024 21:36:35 GMT
expires: Mon, 22 Dec 2025 08:48:48 GMT
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
cf-cache-status: HIT
age: 1190509
accept-ranges: bytes
cf-ray: 8fd0640ad9b056c7-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/vendor.6f1929e16c84d825f1e134b0a5a6bf6d-ed21b08557694a2386531fb8b5bd479da7fe4ec9cffd9278c49f382c5e7bc3a4.js

104.21.48.1

200 OK

18 kB

URL GET HTTP/3
dankleaks.top/assets/vendor.6f1929e16c84d825f1e134b0a5a6bf6d-ed21b08557694a2386531fb8b5bd479da7fe4ec9cffd9278c49f382c5e7bc3a4.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (18419)
Size
18 kB (18523 bytes)
Hash
5f9d1aa2870881a4a8306735e6269299
bb530d8c8b7412c03278d9675158cd82190843c0
ed21b08557694a2386531fb8b5bd479da7fe4ec9cffd9278c49f382c5e7bc3a4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/vendor.6f1929e16c84d825f1e134b0a5a6bf6d-ed21b08557694a2386531fb8b5bd479da7fe4ec9cffd9278c49f382c5e7bc3a4.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GV%2Bb39agTRiWi7lrtYVkCva3S6rD%2FjzULTCwQi9xDJmMVuxunWvgzNv2AyNyfiawDJqYPneSgNFeA4A0nRZlg7svcELQiYQ59vBkzzELH5ylu19bHwWMvGW%2FNoO3GyXI"}],"group":"cf-nel","max_age":604800}
last-modified: Tue, 17 Dec 2024 17:53:42 GMT
vary: Accept-Encoding
expires: Wed, 17 Dec 2025 18:01:38 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 1589336
content-encoding: br
cf-ray: 8fd063fca97556c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/theme-javascripts/18f09c6fdbaed6c53d1071a320a68ded0652fe4d.js?__ws=dankleaks.top

104.21.48.1

200 OK

1.4 kB

URL GET HTTP/3
dankleaks.top/theme-javascripts/18f09c6fdbaed6c53d1071a320a68ded0652fe4d.js?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (1435), with no line terminators
Size
1.4 kB (1402 bytes)
Hash
71f37a50f2f691c203abcb967b55a59e
1b17d3544698088741194ab1f6b3ab980746728c
b70d0c7d070b628485c3daba6eb0983c60c883c78aaf2cf3a10e8515f65cda3b

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme-javascripts/18f09c6fdbaed6c53d1071a320a68ded0652fe4d.js?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L7SEIDIHfUVkCEKXb2DASvsItvA8WccavgO0o2c%2BXTsYZ3poTR5H0OUPlJczC3QwuEdGs5urBdIhG%2B6fbb%2FxPYuYiJL0cFaQgYjRsKR4ewD27p6RT3sVZZBAMSmHGIa3"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: theme_javascripts/show
last-modified: Fri, 17 May 2024 11:28:33 GMT
content-disposition: inline; filename="18f09c6fdbaed6c53d1071a320a68ded0652fe4d.js"; filename*=UTF-8''18f09c6fdbaed6c53d1071a320a68ded0652fe4d.js
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 0f85c30a-856f-40b8-bc4a-d67c17fff272
content-encoding: gzip
cf-cache-status: HIT
age: 3448342
cf-ray: 8fd063fcd98956c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/automation_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

7.5 kB

URL GET HTTP/3
dankleaks.top/stylesheets/automation_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (7461), with no line terminators
Size
7.5 kB (7458 bytes)
Hash
792fe22ee8fbb89550c80a458351bdce
5a9c6c9f65fbe81e6c6830619c941aba9d4b1fc3
51f3935ab9641506e59fb0fae1543d1f5c16f26a6357ccb66f4c68450137bae5

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/automation_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6TY2r%2BadcTY2PrylgoD8feM3ndXzv3BvNVkNvk7dDSQMcNXa3nGSj82p1%2BjZEa65HBkhVaz%2BbpjT9zZ4Yb8N00LvAlWBLIawE3z1gk78lLEQRgrUXQ5j03lTj89TXOFH"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:15 GMT
content-disposition: inline; filename="automation_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''automation_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 2c2cfec9-1d27-4b5c-b92a-d2a51efd0d2e
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd099256c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/chat_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

108 kB

URL GET HTTP/3
dankleaks.top/stylesheets/chat_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type

Size
108 kB (107784 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/chat_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AJEECsJ8k1apItbiyPhmbEZqK8KadbTK2kjSji4HTqD%2BLc%2BSiinRCv10GMoDirksJysRQdNWF6Qoc70jpiBhQFuLJGc7uXNPz2NaHDRAwcNS1%2BjSyuTlWIdhfCTtTk7o"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:16 GMT
content-disposition: inline; filename="chat_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''chat_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 898d99d7-720f-4dfd-9c6e-df7469c1f7e9
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd099156c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/poll_desktop_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

487 B

URL GET HTTP/3
dankleaks.top/stylesheets/poll_desktop_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (490), with no line terminators
Size
487 B (487 bytes)
Hash
06196f25921adf16ef24dc2bcd6e9737
c46b25ff1e19e67cb2740b94f365f90aaf42654e
ab37f02c45e3f2e283e8fd10a710fd4d58564514ecbf7afc60278acc46a52bc7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/poll_desktop_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YPwp7ST40dGKFQl6VyD9zFOvdq3b6%2ByMQq85m2B88FG3NZKCC9eFe7Y49pVsw0Run62eHUlMFSHsWAxl15u%2FD7cApDKHJ0df%2F9fjeOZMl8hVeVaXau%2B8wcED1OR2iU05"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:17 GMT
content-disposition: inline; filename="poll_desktop_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''poll_desktop_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 3970ffc0-1f42-43ce-bf01-c7857095be52
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd199e56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/desktop_theme_6_b19e375d66bc6c7281efed746682c04f4fda1ac6.css?__ws=dankleaks.top

104.21.48.1

200 OK

1.1 kB

URL GET HTTP/3
dankleaks.top/stylesheets/desktop_theme_6_b19e375d66bc6c7281efed746682c04f4fda1ac6.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (1067), with no line terminators
Size
1.1 kB (1064 bytes)
Hash
b5df38faa55173d9da79a9af78bd4eb8
0c68378aeeb33152098e7493dbd23338a7a3feea
72c5052255ae916d6d4cebf10a232b10fe9b5189ab4abed3abc0555bdec153cb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/desktop_theme_6_b19e375d66bc6c7281efed746682c04f4fda1ac6.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=h571nxiioVC9dV%2BuHuCOXo9drC78N1JCM0TyYk5o%2FUJlaEyVGqVbxOMRfnb12dblN1JqJ9heR%2F1JZH7Qa7F%2BCfVgtDp0vqbSqm7k3wRabw0OrE6IsIFyT2%2B%2FRauDDwfk"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:21 GMT
content-disposition: inline; filename="desktop_theme_6_b19e375d66bc6c7281efed746682c04f4fda1ac6.css"; filename*=UTF-8''desktop_theme_6_b19e375d66bc6c7281efed746682c04f4fda1ac6.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: eec82bba-3a90-4646-ae04-99979c5456ac
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd19a556c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/login.html

104.21.48.1

200 OK

485 B

URL GET HTTP/3
dankleaks.top/login.html
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
HTML document, ASCII text, with very long lines (512), with no line terminators
Size
485 B (485 bytes)
Hash
e69d64e497c8408e34c89f1bbd05b879
bd7f23cb9a1c9854133d7846c0f7bf63337e6c07
1e4e97c0c6963e805570d14416f0730a81fdff7dd55fd3a43d24c3ce97b14d78

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login.html HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
X-CSRF-Token: undefined
Discourse-Present: true
X-Requested-With: XMLHttpRequest
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:37 GMT
content-type: text/html; charset=utf-8
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t3NIa9Dax6I19J0Akj8p0P8%2FkY15ftaUeDZkBtZggX%2FAopnx9T8MaoYBShoW9%2B5hjzcdeWFaa4%2FVgE8%2FfBVzz8tWKx8YaGscA7PKswiyJxRJ31i%2FmCCCc4dUFEj5btYw"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: static/show
discourse-no-onebox: 1
cache-control: no-cache, no-store
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'none'; script-src 'strict-dynamic'; frame-ancestors 'self'; manifest-src 'self'
x-request-id: 29e277e4-f00d-4f2e-a645-a31790b57388
x-runtime: 0.148743
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 8fd0640739aa56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/color_definitions_dark_1_1_f37e69cf85fe15be21d8c37925a1b4af381fe224.css?__ws=dankleaks.top

104.21.48.1

200 OK

4.5 kB

URL GET HTTP/3
dankleaks.top/stylesheets/color_definitions_dark_1_1_f37e69cf85fe15be21d8c37925a1b4af381fe224.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (4497), with no line terminators
Size
4.5 kB (4478 bytes)
Hash
0371569426849646d50f09044fd3c5fe
08a5a07717e5339d51f757c78c6c9794b773d92f
887d6adf661032b20819c18bcf941fe44c035d35179a99fdb892d93305c19129

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/color_definitions_dark_1_1_f37e69cf85fe15be21d8c37925a1b4af381fe224.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ix813dRjBY5jy8o96IMCyM1z8OrSSydET0isnQxatuBjBpF2bSTV5ZAWoAiijO008isTq4XTOyk%2FDx%2B6%2BMtbj3UN5X1IQD%2BrPs%2FzarXqlhmQYjiA1D76Ziyt138Tw91Z"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:22 GMT
content-disposition: inline; filename="color_definitions_dark_1_1_f37e69cf85fe15be21d8c37925a1b4af381fe224.css"; filename*=UTF-8''color_definitions_dark_1_1_f37e69cf85fe15be21d8c37925a1b4af381fe224.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: ddcedcff-5433-49ae-a7fd-6133d8bd0e59
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd098f56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/poll_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

14 kB

URL GET HTTP/3
dankleaks.top/stylesheets/poll_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (13494)
Size
14 kB (13593 bytes)
Hash
9b4c42d2ed6d73af4949a3d1288be254
25e459dfeaa3457ff883982d4b3abca82a3622b1
342c3596bd5a501e8a2f82a303bb4e8145060efb7d48d717d9bf153b6d38069f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/poll_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9FArRdytRltoZ3QKQzG%2Fam0LOlMZ7AX6Mkg7vBTPY9HM70TnarrGEqYsqTaQwzgoi6kWibr2s73d5I9%2FqfT%2FtWR%2Bvr3G9Kzs%2B8YjoRNIKc2t8qZ3VVTzSAX3DOCa%2FnDB"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:16 GMT
content-disposition: inline; filename="poll_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''poll_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: e90b8403-0fb4-4120-8fe8-e63eccec5642
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd199b56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/plugins/chat-fb2901c15a318c458ab12dc4417cb02df0ffd4690f7fc09dcabb167836251437.js

104.21.48.1

200 OK

784 kB

URL GET HTTP/3
dankleaks.top/assets/plugins/chat-fb2901c15a318c458ab12dc4417cb02df0ffd4690f7fc09dcabb167836251437.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type

Size
784 kB (784232 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/chat-fb2901c15a318c458ab12dc4417cb02df0ffd4690f7fc09dcabb167836251437.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=To0h8E9HovyaBmahsnKbZKDn6npOfpHvynRvuVB%2BrPZP0Dt49xj12s1o1iJdMcchmEzGHtUlPIFAql0Askjmv%2Fv%2F5RSzzh%2FtuaVvrRnkNJA0XxXnDIpSxossvDuwgdiW"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 27 Dec 2024 20:10:39 GMT
vary: Accept-Encoding
expires: Sat, 27 Dec 2025 20:24:54 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 716741
content-encoding: br
cf-ray: 8fd063fca97956c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/plugins/footnote_extra-295b457b90cb18fedfdb544868c494c71842a27c0781d3042fa4fd26589204fa.js

104.21.48.1

200 OK

6.2 kB

URL GET HTTP/3
dankleaks.top/assets/plugins/footnote_extra-295b457b90cb18fedfdb544868c494c71842a27c0781d3042fa4fd26589204fa.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (6416), with no line terminators
Size
6.2 kB (6241 bytes)
Hash
322337784b56ebb07bab9f50a43d872c
1124c0465a1921ffeff8bc38b529861df13d05f0
ded3b3aefd0ea1b9803b0b2795ee8ffb54df8c7aa6692d85f89f410566cac05a

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/footnote_extra-295b457b90cb18fedfdb544868c494c71842a27c0781d3042fa4fd26589204fa.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mWVqPc1f50nc0ReJj5OYAn0kiUtIYlZ875370Jy%2FNjBlDQLcKmsg8tuL9o3Xd%2FC7AO2b%2FMwrgfvCA4mQ0zDT3KTXyNh4fvp9bb3UQL%2B5hvvZ5P2dqgIaCLe8rrEJgPXN"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 25 Nov 2024 20:42:30 GMT
vary: Accept-Encoding
expires: Tue, 25 Nov 2025 21:56:08 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 3476067
content-encoding: br
cf-ray: 8fd063fcb98256c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/theme-javascripts/7f3143e250ce0c3e24cfd1715cc17d6c3daaf865.js?__ws=dankleaks.top

104.21.48.1

200 OK

2.3 kB

URL GET HTTP/3
dankleaks.top/theme-javascripts/7f3143e250ce0c3e24cfd1715cc17d6c3daaf865.js?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (2394), with no line terminators
Size
2.3 kB (2291 bytes)
Hash
268a840a22c46f7ebc1e552ca65a93bf
32ea026ac2997aa730817f24eb10ec8f3f1b5f6e
c869db25bd94a132cec360faa6cb33672af8b95b81a541487af498c87533d3ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme-javascripts/7f3143e250ce0c3e24cfd1715cc17d6c3daaf865.js?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KfiqENsz6iBpKew6VyAbXgvx1ngOxHpj3EpXOXFUT7WjzBXkOYL3TBFFdOQs66LOGzrIS20D4cwcyrvyfHsggG%2B5u32%2BEtO1WIegb4%2F3Tz%2BGNEodyNF7PJdXkxK86hiR"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: theme_javascripts/show
last-modified: Wed, 27 Nov 2024 11:08:58 GMT
content-disposition: inline; filename="7f3143e250ce0c3e24cfd1715cc17d6c3daaf865.js"; filename*=UTF-8''7f3143e250ce0c3e24cfd1715cc17d6c3daaf865.js
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 6198766c-e0e6-4245-a381-1a8180ca1ee1
content-encoding: gzip
cf-cache-status: HIT
age: 3341079
cf-ray: 8fd063fcd98a56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/spoiler-alert_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

1.0 kB

URL GET HTTP/3
dankleaks.top/stylesheets/spoiler-alert_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (1051), with no line terminators
Size
1.0 kB (1048 bytes)
Hash
18fb1243d173a85b1262028cd7b157fe
8fb43c99f83cdf72080be21954643e1a0e523e12
9fddcba05fbd8389b72d31f29fe44d012bcfa808bc32ef41cca26272113a3f7f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/spoiler-alert_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WuSZzOZL%2BapabnhqBbgNNg4jHxV3dDGcVKPW7WRhrw1bLTSyMkLWnCp5Dby5qBQCsSm4njFmO%2BJh6O4uk8hbhdqUX%2BkE2EW9lqMaqtSwiKr2iXO2zdBsUPipcE7h8tAF"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:16 GMT
content-disposition: inline; filename="spoiler-alert_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''spoiler-alert_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: b3426d9f-0230-409b-be71-afda4e578eb5
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd199c56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/desktop_theme_5_409e4f549ac9870d33bb43287e9d601738ed51d9.css?__ws=dankleaks.top

104.21.48.1

200 OK

1.5 kB

URL GET HTTP/3
dankleaks.top/stylesheets/desktop_theme_5_409e4f549ac9870d33bb43287e9d601738ed51d9.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (1543), with no line terminators
Size
1.5 kB (1540 bytes)
Hash
24f9c7cf532d4a6f218cadd0935309bb
5fa968d99bf97cfb75b155f6e8844368137539ea
5a66aa63e2979988b30fecd8dd65fa3f4b5fb1a317a065d97d9ad894a84c0433

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/desktop_theme_5_409e4f549ac9870d33bb43287e9d601738ed51d9.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W7%2FWrYrxUCKkk2g5fdfJFZqajWAGKOkaUGM4DUhEwXM199W6aaoGpLt8VXYWcYVL6fw9jNfOfcyBwMNmwIOkxJVNHvdJYkaQ3%2F9OxlR6veznJHvMJDvCXe9PKZDoAt5d"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:21 GMT
content-disposition: inline; filename="desktop_theme_5_409e4f549ac9870d33bb43287e9d601738ed51d9.css"; filename*=UTF-8''desktop_theme_5_409e4f549ac9870d33bb43287e9d601738ed51d9.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: df2fa4bd-8f88-4842-b83d-8c2ffa0a4596
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd199f56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/

104.21.48.1

302 Found

50 kB

URL User Request GET HTTP/2
dankleaks.top/
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type

Size
50 kB (49708 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/html; charset=utf-8
location: https://dankleaks.top/login
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: list/latest
discourse-no-onebox: 1
cache-control: no-cache, no-store
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'none'; script-src 'strict-dynamic'; frame-ancestors 'self'; manifest-src 'self'
set-cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F; path=/; SameSite=Lax
x-request-id: c64834a5-fa56-4670-8953-a67ad51ac58f
x-runtime: 0.009704
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0xYqG6Tw5VrCQ2GG2MVszG5UeY3DMsIG0Ozp9YT3UwWmvhX%2FLLuJvA%2BvZGSqH8K0LuDbe2Rm9x289fJTAphl3Ag2EzZdkRs2KdPJ%2BmpJk1R4XjUTiHlMpiDL67G61uar"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd063f87ae856a2-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1297&min_rtt=543&rtt_var=1534&sent=8&recv=11&lost=0&retrans=1&sent_bytes=3307&recv_bytes=1242&delivery_rate=4606574&cwnd=255&unsent_bytes=0&cid=670fef473e3e7002&ts=153&x=0"
X-Firefox-Spdy: h2

dankleaks.top/stylesheets/desktop_theme_3_0ae1055fa10b02c180086ca8f1f6ce2683e7a15e.css?__ws=dankleaks.top

104.21.48.1

200 OK

813 B

URL GET HTTP/3
dankleaks.top/stylesheets/desktop_theme_3_0ae1055fa10b02c180086ca8f1f6ce2683e7a15e.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (816), with no line terminators
Size
813 B (813 bytes)
Hash
f0748f99a4cbea66ed6f831ee1592919
bbbf2bdee7efa4589ba72152001714403424e078
ab47975a4ca3724fb4096f6071fd0da0a8a664293f830151437e1d914489157d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/desktop_theme_3_0ae1055fa10b02c180086ca8f1f6ce2683e7a15e.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EscpEfcsSn%2FAiKYAXBQ2GAhe1LlX07fme4%2Bq6oKzesbDI2%2BhXJkpjJTsfXj79n1mfeASQOrauKyw62s3gWYCOyAoPk1pIm9Xx5qsPHJnxaeIqTXlME%2FTYyr7XAacecWQ"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:20 GMT
content-disposition: inline; filename="desktop_theme_3_0ae1055fa10b02c180086ca8f1f6ce2683e7a15e.css"; filename*=UTF-8''desktop_theme_3_0ae1055fa10b02c180086ca8f1f6ce2683e7a15e.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 7ad5187f-ef20-46db-92af-be6d7702a15e
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd19a256c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/desktop_theme_1_b2cff937ade03a68d09e65ec387571eaeb835159.css?__ws=dankleaks.top

104.21.48.1

200 OK

644 B

URL GET HTTP/3
dankleaks.top/stylesheets/desktop_theme_1_b2cff937ade03a68d09e65ec387571eaeb835159.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (647), with no line terminators
Size
644 B (644 bytes)
Hash
1efe2c0859e9f9d96cd29d67df5a1d4a
09a831f201771726abfe6b5b3cbbf72e2369a540
5516783d667e9b0926c5838e8a2628a4065291cacf73108a21514db554eac9ff

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/desktop_theme_1_b2cff937ade03a68d09e65ec387571eaeb835159.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=f4YyMdinOZVp27cCxRzJLagf8SrYEPWWqj2QHe47VEXZJ4QovqM%2BB8%2Br%2FcJp294ZwtqK7j73gDafu72HTKJitozNmF%2BcCjYRV5I1gJOSyeYs34LmwLSi5vYCuYTWbfWL"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:21 GMT
content-disposition: inline; filename="desktop_theme_1_b2cff937ade03a68d09e65ec387571eaeb835159.css"; filename*=UTF-8''desktop_theme_1_b2cff937ade03a68d09e65ec387571eaeb835159.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 857b8034-bdc5-4ec9-b26f-0cc16f75eac5
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd19a456c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/fonts/Roboto-Regular.ttf?v=0.0.12

104.21.48.1

200 OK

171 kB

URL GET HTTP/3
dankleaks.top/fonts/Roboto-Regular.ttf?v=0.0.12
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
TrueType Font data, 18 tables, 1st "GDEF", 13 names, Microsoft, language 0x409, Copyright 2011 Google Inc. All Rights Reserved.RobotoRegularVersion 2.137; 2017Roboto-RegularRob
Size
171 kB (171272 bytes)
Hash
11eabca2251325cfc5589c9c6fb57b46
096c9245b6a192d1403a82848e104a65f578a8ec
017c0be9aaa6d0359737e1fa762ad304c0e0107927faff5a6c1f415c7f5244ed

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /fonts/Roboto-Regular.ttf?v=0.0.12 HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/stylesheets/color_definitions_dark_1_1_f37e69cf85fe15be21d8c37925a1b4af381fe224.css?__ws=dankleaks.top
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:36 GMT
content-type: application/octet-stream
content-length: 171272
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=L%2Ff9JA%2B0VXt0j7HbJXXzuhI1lSe5AL%2FUJDsGk2zRMUeZy3yhiuPgBuxPIAcitl3cEbflGfI2%2Fo3OLjYJFcGyyxecRxVTBPhZzaXqny02MA%2B8B3a9uKqc6HbASl4jBF60"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 19 Dec 2024 21:36:35 GMT
expires: Mon, 22 Dec 2025 08:48:47 GMT
cache-control: public, max-age=31536000, immutable
access-control-allow-origin: *
cf-cache-status: HIT
age: 1190509
accept-ranges: bytes
cf-ray: 8fd063ff99a656c7-OSL
server: cloudflare
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

dankleaks.top/theme-javascripts/6c1af58d911c45faf11da37e083fcfdbaaf39381.js?__ws=dankleaks.top

104.21.48.1

200 OK

3.0 kB

URL GET HTTP/3
dankleaks.top/theme-javascripts/6c1af58d911c45faf11da37e083fcfdbaaf39381.js?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (3140), with no line terminators
Size
3.0 kB (2982 bytes)
Hash
781380248e6a4239b6e40cac1e7a1368
16015879ce06de4ab06d2b7a1178710f47830f9d
3557e773a990c7c2cc4659a41d2b950f818d500ececc7b7d7de912ae82291630

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme-javascripts/6c1af58d911c45faf11da37e083fcfdbaaf39381.js?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jB%2BTtmAYxKQG8QF7kU4H6ysUuHDaiMitVm6iyqRJ0tZF%2BaR3hoCHcynkchKC1qRdXDtSzPFNIdDTV57saag9gamSP6q0J4DUHgEkNC%2BSLiYv%2BFDpIEdjL3I2yVJUA2Gn"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: theme_javascripts/show
last-modified: Tue, 17 Dec 2024 17:49:34 GMT
content-disposition: inline; filename="6c1af58d911c45faf11da37e083fcfdbaaf39381.js"; filename*=UTF-8''6c1af58d911c45faf11da37e083fcfdbaaf39381.js
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 9485ed94-49e0-45cd-9f53-316ebec3c5e0
content-encoding: gzip
cf-cache-status: HIT
age: 1589336
cf-ray: 8fd063fce98c56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/desktop_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

746 kB

URL GET HTTP/3
dankleaks.top/stylesheets/desktop_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type

Size
746 kB (745872 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/desktop_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=t4q3lNIzPwJ7kw9HfiEKBI%2Fdpqc9yOEEMJA7wVCNX%2FjIP%2FDfRDUPDxLbaaMss1Z8YY3B4d1lg9j0PS1vkNesRZlmfy8uMJUMWOZnqN9vO7Gb0z7B8clXMeeAHXhjBa5R"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:06 GMT
content-disposition: inline; filename="desktop_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''desktop_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 1e02ec67-fe1d-4a20-ac91-594aba78cf9c
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd099056c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/chunk.4c5fe19cfb15e7f301c5.d41d8cd9.js

104.21.48.1

200 OK

75 kB

URL GET HTTP/3
dankleaks.top/assets/chunk.4c5fe19cfb15e7f301c5.d41d8cd9.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (61499)
Size
75 kB (75276 bytes)
Hash
7c406b6d097e045549e6b594f3125db6
85df950808011032152aab6c6f92969a7b6ee064
200d8bf69be7f90fcb4c3a99a1de16e8d69566c39a11d1fca33898bb763e9385

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/chunk.4c5fe19cfb15e7f301c5.d41d8cd9.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OIj87mEIpcoAZq41559Dz22jnDTPgvZ26jy4WXtGIMqcUHpQcB%2Fx3QfYNy1B5DHdgyWQecXahqvqT%2FH8Oi5DaqKM6BPCuCb9QJZCPMaguqyafQrPO0KXMOcKBJHHlCpH"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 27 Dec 2024 20:09:24 GMT
vary: Accept-Encoding
expires: Sat, 27 Dec 2025 20:24:54 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 716741
content-encoding: br
cf-ray: 8fd063fca97756c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/theme-javascripts/8b940f1c1f87650666c18108a0d2484a5c084970.js?__ws=dankleaks.top

104.21.48.1

200 OK

11 kB

URL GET HTTP/3
dankleaks.top/theme-javascripts/8b940f1c1f87650666c18108a0d2484a5c084970.js?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (4716)
Size
11 kB (10934 bytes)
Hash
4719bfc3ac402e3ec9cb6b3aa1c54a51
b6499ceb374439395ff459a8ab1d4b289d286736
cc020e279acba07ff120180dae8a734755323dc816894fb106512d64f7b2f056

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme-javascripts/8b940f1c1f87650666c18108a0d2484a5c084970.js?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4AaIPOhY1j5QBjiHhODh%2BNgvZnmmW1vaKoiUECSSw%2FAkGt1Sv2jEDwoDgLvnabZcoyIU37131C9nIpJ8Drz6hUIPyLWrKx%2FLW2Va2Gze4uRWiZkjRnfAaIbxqqTav9Op"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: theme_javascripts/show
last-modified: Tue, 26 Nov 2024 04:17:57 GMT
content-disposition: inline; filename="8b940f1c1f87650666c18108a0d2484a5c084970.js"; filename*=UTF-8''8b940f1c1f87650666c18108a0d2484a5c084970.js
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: d83474ee-ad86-4579-b263-7e384506a369
content-encoding: gzip
cf-cache-status: HIT
age: 1505573
cf-ray: 8fd063fce98d56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/discourse-lazy-videos_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

7.7 kB

URL GET HTTP/3
dankleaks.top/stylesheets/discourse-lazy-videos_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
Unicode text, UTF-8 text, with very long lines (7644), with no line terminators
Size
7.7 kB (7668 bytes)
Hash
ddaf6369646ae9ff5cdebcf3935a9c88
2fa3907dc4c0d22e096ff0a734138c156653972c
eb5c969603fe272e19a0eef325305e131f042e95997570a29d83f4a5e1cc51a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/discourse-lazy-videos_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4RV1NWVfgB5jk7761dkyXN51Q67%2BeviAnBxuVZit8j5yqK5UOHVjPrmSKyj2ec%2FeBKcsdZPfzscHo6ujV4Ag%2BI6w0%2Fgbzn56C456WrvKhYFtuCiJ22hDhWUd%2FX2zMmFl"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:16 GMT
content-disposition: inline; filename="discourse-lazy-videos_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''discourse-lazy-videos_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: f1a9f3c9-4832-42e2-bffb-a1cbc170faae
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd099556c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/chat_desktop_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

8.3 kB

URL GET HTTP/3
dankleaks.top/stylesheets/chat_desktop_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (8287), with no line terminators
Size
8.3 kB (8274 bytes)
Hash
bc49194ea7c7d1daa6d91229a36fc655
8b8eb2d1a05d738a076151711c8fdfb7b0d9c9cf
7ef4d4d628bd16702f0cae958e81d5ceec9d2f8a0b2702c68db01ec8b0e443e7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/chat_desktop_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KSBnRCt%2BeF%2FFewEwiXyCz6uAoXZCYNOGXkppz3accLi8sBAB%2B95M3qtY38HLcHxTqBHEbP0I6CtFrgqQJZfjxeEJTOmYd4w9OK3XG3nCg01Y%2BwlHuPd0OvFyo9nXRTAn"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:17 GMT
content-disposition: inline; filename="chat_desktop_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''chat_desktop_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: d4f11fb6-cd2e-45cc-b92b-f1fb936b5860
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd199d56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/login

104.21.48.1

200 OK

50 kB

URL User Request GET HTTP/2
dankleaks.top/login
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type

Size
50 kB (49708 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/html; charset=utf-8
vary: Accept-Encoding, Accept
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: static/show
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
cache-control: no-cache, no-store
content-security-policy: upgrade-insecure-requests; base-uri 'self'; object-src 'none'; script-src 'nonce-7BIWjIyIcIbfgFFitzEv0vKEx' 'strict-dynamic'; frame-ancestors 'self'; manifest-src 'self'
x-request-id: 6ec57bd5-5511-4c2e-9ea8-370e05f87c7d
x-runtime: 0.093871
x-discourse-trackview: 1
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Jbw1vkKOcN4YrdFDi3vMxYRVv11F6iJ7j%2FasNP6cGAejmlRueDe3lGAqwz%2Bm4ahxsJrsw43r%2FxhC2Bnk8Y%2FkTHMbzNczScAQQQV8EMT3RmHGSsTnxkbEkPra8pueZzko"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8fd063f98bb456a2-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1299&min_rtt=543&rtt_var=1155&sent=11&recv=13&lost=0&retrans=1&sent_bytes=4357&recv_bytes=1348&delivery_rate=4606574&cwnd=257&unsent_bytes=0&cid=670fef473e3e7002&ts=431&x=0"
X-Firefox-Spdy: h2

dankleaks.top/assets/plugins/discourse-presence-4936ee7cf92a3f490144a4c6818f17eb70f147b34a3cb5043c3427652d4575de.js

104.21.48.1

200 OK

11 kB

URL GET HTTP/3
dankleaks.top/assets/plugins/discourse-presence-4936ee7cf92a3f490144a4c6818f17eb70f147b34a3cb5043c3427652d4575de.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (2116)
Size
11 kB (10872 bytes)
Hash
8a7b60e21f2753ac6010f81eac58cecf
3cec843474ffe12ede8cf27ba738fa29e4deee01
4936ee7cf92a3f490144a4c6818f17eb70f147b34a3cb5043c3427652d4575de

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/discourse-presence-4936ee7cf92a3f490144a4c6818f17eb70f147b34a3cb5043c3427652d4575de.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=467asXXoXlQJoS%2Bme67qhLNxnnBAHishvmF26bD%2F8mK4ls7ez5YoVLiLA%2BjQAOlr2YPRAO4149cYdvxVJq6p2BWJXfm9T1Yq0bl%2FXnKqR0zaiKIaR7gOBvzmM2pxU2Vn"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 12 Dec 2024 18:40:03 GMT
vary: Accept-Encoding
expires: Fri, 12 Dec 2025 18:51:00 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 2018375
content-encoding: br
cf-ray: 8fd063fcb97f56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/plugins/discourse-details-a19980264e3a6feb20b7e320b03ab0e7a3457105d99b863cd2f62eda09f15507.js

104.21.48.1

200 OK

1.4 kB

URL GET HTTP/3
dankleaks.top/assets/plugins/discourse-details-a19980264e3a6feb20b7e320b03ab0e7a3457105d99b863cd2f62eda09f15507.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (1464), with no line terminators
Size
1.4 kB (1365 bytes)
Hash
b2e0fd25cf405732cc157a3b1ebb46dc
5b52bfc919ef0a9add02c4e4e519c98565f674ee
27773de498d14ed8f6968eaa0c975fe43d7468050264e9e1e5426149bca905f3

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/discourse-details-a19980264e3a6feb20b7e320b03ab0e7a3457105d99b863cd2f62eda09f15507.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JTlU9LhHDrJi6zESU8Xt4m6FtUAhd0yEKJO5eJpxMU2bTElanhPJHLSHQQZjjOmSloGBswHSw83TlHkhBYNKC38WgHBwnFDVVpgVyAIvxxfgKHheKvNB3kO0%2F0E2EXpI"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 25 Nov 2024 20:41:17 GMT
vary: Accept-Encoding
expires: Tue, 25 Nov 2025 21:56:08 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 3476067
content-encoding: br
cf-ray: 8fd063fcb97c56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/discourse-local-dates_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

857 B

URL GET HTTP/3
dankleaks.top/stylesheets/discourse-local-dates_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (860), with no line terminators
Size
857 B (857 bytes)
Hash
8bb7c03d629e7d81dce165b2ed22b1d2
a00eb6dc3be9d5f984cdbd498ae3a23ecafbe48c
7443e01d18a2c32eed04439a0309fea40d1477789371ba1eb2f22c025fd7d8be

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/discourse-local-dates_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dFPSIimqhJVvC3QEmCwD60U5dx3XGht1jGnGwMFhgEh1pBtVdlE8R7UlTroIiFTFkc0lpBj5ajx%2B1Y81WfmxjdsKI3hqcxBdeDjKE9JSUdQulFnw8hlFtlTUa6eNOhi2"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:16 GMT
content-disposition: inline; filename="discourse-local-dates_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''discourse-local-dates_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 03d5a4ec-a0c0-4fb1-a397-97a3406b7786
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd099656c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/chunk.c6a0d7f79844e46a5bed.d41d8cd9.js

104.21.48.1

200 OK

5.3 MB

URL GET HTTP/3
dankleaks.top/assets/chunk.c6a0d7f79844e46a5bed.d41d8cd9.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type

Size
5.3 MB (5256121 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/chunk.c6a0d7f79844e46a5bed.d41d8cd9.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Xm0UacVYfp2lu6T%2BtROFXzBg5sy8OWqgjsdjrk4WOo34C9RnFOOInEqyXX5lz09uTmkBhGtPM8%2FCWeXlhd0zSRDarPLZSbWC1qZUOSNVUZrGTWPq1eorezDxwr38jmy5"}],"group":"cf-nel","max_age":604800}
last-modified: Fri, 27 Dec 2024 20:09:24 GMT
vary: Accept-Encoding
expires: Sat, 27 Dec 2025 20:24:54 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 716741
content-encoding: br
cf-ray: 8fd063fca97656c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/plugins/checklist-f56c22844d8be39217397d68624ee48a0261664604905e36d0b7c8517e35dca6.js

104.21.48.1

200 OK

3.9 kB

URL GET HTTP/3
dankleaks.top/assets/plugins/checklist-f56c22844d8be39217397d68624ee48a0261664604905e36d0b7c8517e35dca6.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (4062), with no line terminators
Size
3.9 kB (3878 bytes)
Hash
aff6cbaf41b265b16c790f6a8c281df4
2772a3f00d437c8e2fad50715644323c680e88fc
12687b4fcf56becbe7eb9b2bc67bdec81b8e5968468ad7b8cd5daaf6942a1c81

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/checklist-f56c22844d8be39217397d68624ee48a0261664604905e36d0b7c8517e35dca6.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yEyjur%2BBQs9Zq0w4VxVFkmfCPbrmjZ0BPO3ElbdQT9u%2BSkHxStndxQH7j3F1TH6tHoa3Dm%2F2vKp3kSWqWbEgrM0ejQZCJkQ5ByhjDBWfLLaRrYgjtpF0mg%2BiP9Abqzdq"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 12 Dec 2024 18:40:02 GMT
vary: Accept-Encoding
expires: Mon, 22 Dec 2025 01:38:46 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 1216309
content-encoding: br
cf-ray: 8fd063fcb97b56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/docker_manager_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

3.3 kB

URL GET HTTP/3
dankleaks.top/stylesheets/docker_manager_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (3284), with no line terminators
Size
3.3 kB (3281 bytes)
Hash
3402f3e779dbc1167019f9a8a083d172
bd52e31e3e6843084ceab0307cf06a917517c474
9689b81db158307f1ecd064f3b34f0abecd5f5325a653f8855d2ee66606e6c56

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/docker_manager_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1cnppzIBGDViVgncsJ4jFdI0hOgQxsH3AhHcZxk3QAhs%2BgSPfYBNetgNFiWjm56bh8UhBRaRvqS90ZUef7nscqpQ6DHEo3pbQJQuMGLubL2EBQXNx4UFBSTYurpl9GWt"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:16 GMT
content-disposition: inline; filename="docker_manager_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''docker_manager_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 4fa0b055-54ea-4a09-aaa4-f15317037a4a
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd099956c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/desktop_theme_27_97810173aa568e2ff28a1148de93b676d16851a7.css?__ws=dankleaks.top

104.21.48.1

200 OK

1.6 kB

URL GET HTTP/3
dankleaks.top/stylesheets/desktop_theme_27_97810173aa568e2ff28a1148de93b676d16851a7.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (1560), with no line terminators
Size
1.6 kB (1557 bytes)
Hash
46b2d73ebf04cafe5df0e2bfd4077744
61a6e6f9b2e9ad1bf090bf6e824f241c2320f0b2
c772dbd4311fd03d7eab80619fec96f46e5488349c0c29c6b5bce56bb8458d9f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/desktop_theme_27_97810173aa568e2ff28a1148de93b676d16851a7.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D27SLJ8SA4fFebi97skgRvYgJAqfY%2F8ET%2BtS%2BDWynUlYx2i6e1sVaHmqKdhNLMDfdKErZ0BE4Xw5Z6VGiEMrVuyCSt38lp%2BGRID3SW4PJBWhUnVG4oXNY8Ym3XeDhLLK"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:21 GMT
content-disposition: inline; filename="desktop_theme_27_97810173aa568e2ff28a1148de93b676d16851a7.css"; filename*=UTF-8''desktop_theme_27_97810173aa568e2ff28a1148de93b676d16851a7.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 505f5c77-1c1a-40e9-a679-4bc0e12fa18b
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd19a056c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/plugins/spoiler-alert-f248215b3244c267d8dff2d32901afb6d1dd07988eff90c2b4fc794234956de7.js

104.21.48.1

200 OK

3.3 kB

URL GET HTTP/3
dankleaks.top/assets/plugins/spoiler-alert-f248215b3244c267d8dff2d32901afb6d1dd07988eff90c2b4fc794234956de7.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (3562), with no line terminators
Size
3.3 kB (3343 bytes)
Hash
001cd9ff63781265d92b38fc032c22ef
f777ac23d646c508b0b42325a967efcdc5122947
6ae33ffa4f8e22dcff1d7533194baf2a25112908a9882fddf8a8d5c5e4597fb8

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/spoiler-alert-f248215b3244c267d8dff2d32901afb6d1dd07988eff90c2b4fc794234956de7.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=huEvQxFKkIQdZlh6oCySXi37iejAkhkAHc2hVRwKixsGKgijuKmSq2mT4Chsx7pVr8oedyXyqGvEaqIbTUDhiH6SmacHRdQ4NLaxa1Q%2BiuHR215F4ffHHiRks3dNHzQV"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 25 Nov 2024 20:41:19 GMT
vary: Accept-Encoding
expires: Tue, 25 Nov 2025 21:56:08 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 3476067
content-encoding: br
cf-ray: 8fd063fcc98456c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/discourse-presence_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

1.6 kB

URL GET HTTP/3
dankleaks.top/stylesheets/discourse-presence_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (1572), with no line terminators
Size
1.6 kB (1569 bytes)
Hash
a29faffa115bdbe37ef2c7f56d9ea735
4aaa463de6c8ef3e3f7fe891d346ddc9933b8281
5875c3e6c5b0e388b6bbe5485cae81cf1a98c370f701ae4d3f9917c98331583f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/discourse-presence_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Mqqs5JHgxxcNnqU%2BhRidEPuw5hpJABQ0sF8%2BDkqbX2f%2FBuwHUsSyk%2FUrLl5WgKy4g8DvPxwDl7AVV6QahVwhehxgScBzEvqOdCnVK8pCA4m0XKTxnvhd9ejgOKlhIcEj"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:16 GMT
content-disposition: inline; filename="discourse-presence_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''discourse-presence_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 0ac04c11-771f-4741-85f6-cc062281d901
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd099856c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/footnote_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

1.7 kB

URL GET HTTP/3
dankleaks.top/stylesheets/footnote_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (1749), with no line terminators
Size
1.7 kB (1744 bytes)
Hash
5e995f0a7aa9d558cdfc3607e81d47b7
44b2a2287b0aa6627d386a442f3a5f90b3787957
a43c141e8ee89091675d5eee55d63d06eeadb05d8abdfb98d8bf8aeed96aefa4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/footnote_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=C55uagOA5ZzpNXbRj218gO02Go21oS71lJYszGAzUZGahbNTIjgRuDhej6QmNu86XuBRswhsl%2FfeJTxMyjmuwxcZDxNq%2FfaiqP%2FsaKQbWsRoVbBkLwJahe7YheJTj6Ux"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:16 GMT
content-disposition: inline; filename="footnote_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''footnote_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 119b3c17-4371-47df-ab39-f0db1e74ac17
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd099a56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/theme-javascripts/c30053ba7f4fb4443b65d55cae2b0e6adb7f450a.js?__ws=dankleaks.top

104.21.48.1

200 OK

556 B

URL GET HTTP/3
dankleaks.top/theme-javascripts/c30053ba7f4fb4443b65d55cae2b0e6adb7f450a.js?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (584), with no line terminators
Size
556 B (556 bytes)
Hash
a7c6195cba21d125aed8ae29318936da
4805c85486edad6de24150ce4090e83a0b78538d
2e5fbdd4f592625e30aace2f0402d2c95a94c7ac90219524600d01d3afd1c2db

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /theme-javascripts/c30053ba7f4fb4443b65d55cae2b0e6adb7f450a.js?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BsVfI8weNTMO6F8VqP99trHhZUT8V%2BE8Q%2FIVvg41LBV%2B6NVuUFAYWXJhgscpKlv7pWmnkCxnjUqtpxeiK4Ttw9HeGQoeIN2CmABDbc%2BRP6PbdHkc%2BYzTkkjwoBXN92Oa"}],"group":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: theme_javascripts/show
last-modified: Sun, 28 Apr 2024 20:15:00 GMT
content-disposition: inline; filename="c30053ba7f4fb4443b65d55cae2b0e6adb7f450a.js"; filename*=UTF-8''c30053ba7f4fb4443b65d55cae2b0e6adb7f450a.js
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: eb0dd411-5a8e-489f-acea-91b227d04e2d
cf-cache-status: HIT
age: 3448456
content-encoding: br
cf-ray: 8fd063fd19a356c7-OSL
server: cloudflare
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/checklist_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

5.2 kB

URL GET HTTP/3
dankleaks.top/stylesheets/checklist_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (5225), with no line terminators
Size
5.2 kB (5198 bytes)
Hash
6594aee6170e2d7205a81d77aeb1e5fa
a05f8ad724c23084a80302ccfbe9ebc6398b87a6
8b1cd60f7723e53932b25acf26ed6b0c96ad810ba50b12dbeb7722bdd148c8cf

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/checklist_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3NQvSZSonxjNDPVz%2FwyFkjE4URR547F0%2FoRd40pEbPtc8PTmTAvnzBkT0uq3WB4vaXnYwxaeK%2FkgkajI6s1XVssFd4kNcOohqrXYIfm%2B5aAPU9GbYTOroIyUYYSsD%2BUi"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:16 GMT
content-disposition: inline; filename="checklist_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''checklist_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: bdac5abc-0c78-47e1-a1ff-2f279881fcb6
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd099356c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/cdn-cgi/challenge-platform/h/g/jsd/r/8fd063f98bb456a2

104.21.48.1

200 OK

0 B

URL POST HTTP/3
dankleaks.top/cdn-cgi/challenge-platform/h/g/jsd/r/8fd063f98bb456a2
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/jsd/r/8fd063f98bb456a2 HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 12141
Origin: https://dankleaks.top
DNT: 1
Connection: keep-alive
Referer: https://dankleaks.top/login
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:37 GMT
content-type: text/plain; charset=UTF-8
content-length: 0
set-cookie: cf_clearance=; Path=/; Expires=Thu, 01-Jan-70 00:00:00 GMT; Domain=.dankleaks.top; Priority=High; HttpOnly; Secure; SameSite=None
cf_clearance=Mp2fm4hqgd2gfMPz_TXvShJ1_NwN8XXa1E2hFrIatcU-1736047837-1.2.1.1-0Z.jM6c5.eWtWXhYMHB1EtsOCyToSmiTnqO8NvijGx2wYIJkxl83KArANrjqh7qZIfkqRBROg7iUVB3qkINjeJcwznsnIlYY6huEPCuchT1ejdSHj6Y3sZZb_lhejJmdPvg7PgJTV1gfjtqsSTbhs8_j0jf6z77hSno8.SuiRq6mOXC8U78hQG7upvIBfZOxQSevHyE3xURGJAASXsj6rbVJFI2Fq4uiz4rOSmbeumzE5_9ln5iI17kNQ_dRMKQl72IzHB6BETFbuWfZWjsesE75s1touMnzjrb.oxr_Bodg41w9RFSmWFLYRGkrPDlH9c_rmBIYQAjJdxJEjjg2yw; Path=/; Expires=Mon, 05-Jan-26 03:30:37 GMT; Domain=.dankleaks.top; Priority=High; HttpOnly; Secure; SameSite=None; Partitioned
cf-ray: 8fd0640889ad56c7-OSL
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wtBD7AwiXzatrUwHlX1v9qnS9mMfB%2BQ0HxiLz%2B0Cfh7xeS9lf4OC9VpiexkqOGSBfl2iWVjzIEERgWdOhxDBbnEmpYLS67xndgabxbaxV9JI9LVa2PDMiCdKnSQFV9Ct"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/plugins/discourse-lazy-videos-9aedaec9b360053ab6f08fc1906a26d134f2c3c18220cd09a96549a2067584fb.js

104.21.48.1

200 OK

6.4 kB

URL GET HTTP/3
dankleaks.top/assets/plugins/discourse-lazy-videos-9aedaec9b360053ab6f08fc1906a26d134f2c3c18220cd09a96549a2067584fb.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (6768), with no line terminators
Size
6.4 kB (6378 bytes)
Hash
8c1535a3174b1f1c6e60743b54560fa3
007a7ec249bd3bf75de1618d3234391cedc917aa
63787b3b6694405eb1257ecf6fd83b16f771cd33996f0d18fbadf1caeec83ab7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/discourse-lazy-videos-9aedaec9b360053ab6f08fc1906a26d134f2c3c18220cd09a96549a2067584fb.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lDe399NBmbCfK93BYUXT5x4RGWwv%2F%2Bk%2BcNcOwz%2FZLflFfy2l%2FCzQObU5W%2BJbofDY%2Bsgq8HAjJKF1krroW12raWIK%2FHB8NxQSN55gCiPgUcsVYwVLQsHBd%2FsvpPNA4Osz"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 25 Nov 2024 20:41:17 GMT
vary: Accept-Encoding
expires: Tue, 25 Nov 2025 21:56:08 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 3476067
content-encoding: br
cf-ray: 8fd063fcb97d56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/plugins/discourse-local-dates-e622ba3973e1136408d885aa43a8dbf02095f2f9d0165a4954b2ab1b50b5300e.js

104.21.48.1

200 OK

31 kB

URL GET HTTP/3
dankleaks.top/assets/plugins/discourse-local-dates-e622ba3973e1136408d885aa43a8dbf02095f2f9d0165a4954b2ab1b50b5300e.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type

Size
31 kB (31040 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/discourse-local-dates-e622ba3973e1136408d885aa43a8dbf02095f2f9d0165a4954b2ab1b50b5300e.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IUZKhjYvfOIKNZ78cVHE5TCqTQjN6f6XxwfaJT7ST47b11Bphlwj1QTLTOCu22fxiSP657IpIhesI2J%2BSlLnOaV4ciY7HP8CrF7WumaWW0F65V%2BgGhkMFFRdyW5ity1j"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 12 Dec 2024 18:40:02 GMT
vary: Accept-Encoding
expires: Fri, 12 Dec 2025 18:51:00 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 2018375
content-encoding: br
cf-ray: 8fd063fcb97e56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/locales/en-db7ca6cd24f86f5b448c9c114e7752f23917aa6544612aaeae6dd70dbff23922.js

104.21.48.1

200 OK

331 kB

URL GET HTTP/3
dankleaks.top/assets/locales/en-db7ca6cd24f86f5b448c9c114e7752f23917aa6544612aaeae6dd70dbff23922.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type

Size
331 kB (331024 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/locales/en-db7ca6cd24f86f5b448c9c114e7752f23917aa6544612aaeae6dd70dbff23922.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cVrOnTtvUMkHOq8WjMWha6Epw9LxfQjXSawAxaR4drROFoyE7XYL552sci6Zym7xoXWvt4QaB0DyWpXR1JMaT4eDHYqQUb2vvPKZiWju8QhyDVDNUuuniNfAy1sTIMyZ"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 19 Dec 2024 21:45:57 GMT
vary: Accept-Encoding
expires: Fri, 19 Dec 2025 21:48:13 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 1402942
content-encoding: br
cf-ray: 8fd063fcc98556c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/discourse-narrative-bot_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top

104.21.48.1

200 OK

172 B

URL GET HTTP/3
dankleaks.top/stylesheets/discourse-narrative-bot_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with no line terminators
Size
172 B (172 bytes)
Hash
9d369d0f9ed0c7262957eaa2cc49574a
256739efe0a76270a01615dff3220c1c3572ce63
cbc84e3b4fe726c806e0eddba88a09dc921ef2e98b0af73213c82aeb5f5d9524

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/discourse-narrative-bot_3b92ead75022939e45d7950055d235cee95554b8.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9ioYYKsgEJ8ykV8Xp%2BpHPkfr0X%2BnvzmT%2Bi7MrvK9UKW%2B1MkCjkMyduwWNr4JpARoOm7MHR74djH%2BbfEaEsma6FGJkfPWWBZ1dwkA6gaiMxOh29gVM4sK3%2Fzs3J3fnvWC"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:16 GMT
content-disposition: inline; filename="discourse-narrative-bot_3b92ead75022939e45d7950055d235cee95554b8.css"; filename*=UTF-8''discourse-narrative-bot_3b92ead75022939e45d7950055d235cee95554b8.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: ab415b32-6104-4fae-9f1d-33114a282977
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd099756c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/stylesheets/desktop_theme_11_eaf232461317d350ec1e16d92f7ec1a376d1f12b.css?__ws=dankleaks.top

104.21.48.1

200 OK

1.9 kB

URL GET HTTP/3
dankleaks.top/stylesheets/desktop_theme_11_eaf232461317d350ec1e16d92f7ec1a376d1f12b.css?__ws=dankleaks.top
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
ASCII text, with very long lines (1882), with no line terminators
Size
1.9 kB (1879 bytes)
Hash
6c1120bf7fafa4a6265508119a4ea31c
473147be03554b56773506155eed7ac6a6029ed8
bb13b7dbcfcd22bf2ffe5bef94d2871503bff1a5e77250d510a3326065d81005

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /stylesheets/desktop_theme_11_eaf232461317d350ec1e16d92f7ec1a376d1f12b.css?__ws=dankleaks.top HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: text/css
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FQ%2BfzJnmqxhTs3tSz7kN8%2FynSWhtuidwzaFB0Vxu7GNKeqcvusU7XyuSDglAMih8rDCcxWPZ6J0m1dI5RYeoa6eRTmbd12dZ%2BYqt6D1NjnBJT00ogseRM%2BBu7RxE%2BIP1"}],"group":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
x-xss-protection: 0
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
x-discourse-route: stylesheets/show
last-modified: Fri, 27 Dec 2024 20:14:21 GMT
content-disposition: inline; filename="desktop_theme_11_eaf232461317d350ec1e16d92f7ec1a376d1f12b.css"; filename*=UTF-8''desktop_theme_11_eaf232461317d350ec1e16d92f7ec1a376d1f12b.css
content-transfer-encoding: binary
cache-control: public, max-age=31556952, immutable
cross-origin-opener-policy: same-origin-allow-popups
discourse-no-onebox: 1
x-request-id: 8d844064-703a-4e4c-bd00-a3d6ca5badc6
content-encoding: gzip
cf-cache-status: HIT
age: 716741
cf-ray: 8fd063fd19a156c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/browser-update-5faeb6403cf1359d9e201f096cc21a2cb3290010f06dac44d3d9c52210a05aac.js

104.21.48.1

200 OK

1.6 kB

URL GET HTTP/3
dankleaks.top/assets/browser-update-5faeb6403cf1359d9e201f096cc21a2cb3290010f06dac44d3d9c52210a05aac.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
HTML document, ASCII text, with very long lines (1641), with no line terminators
Size
1.6 kB (1585 bytes)
Hash
261dde207ac09ed68512757ebc44f4df
c3751fba36aee8aefacf10a502b86b2d79d938fd
a27c03ddb873ac70c47a06a882ebfbd31dc141ed9534c2f0f7d5e468acad3355

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/browser-update-5faeb6403cf1359d9e201f096cc21a2cb3290010f06dac44d3d9c52210a05aac.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=52izpHrEezqI35gKyw%2F8VYFfWl4yq4ju7gEEE8FrO9nDhiOqkUiZNgPIMl1HuL2Iy59l9y71DI7XowBxqtDOaJiOqTBVlIx09qp%2BmqpaZgBdVqwcX52CKXHlj26JYGaV"}],"group":"cf-nel","max_age":604800}
last-modified: Mon, 25 Nov 2024 20:41:00 GMT
vary: Accept-Encoding
expires: Tue, 25 Nov 2025 21:56:08 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 3476067
content-encoding: br
cf-ray: 8fd063fc997356c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

dankleaks.top/assets/plugins/chat_admin-aeb2809a04d368a2854d3ffe709f1c978ded0cea8dd8af709eccb4be4db87784.js

104.21.48.1

200 OK

19 kB

URL GET HTTP/3
dankleaks.top/assets/plugins/chat_admin-aeb2809a04d368a2854d3ffe709f1c978ded0cea8dd8af709eccb4be4db87784.js
IP
104.21.48.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dankleaks.top/login
Certificate
IssuerGoogle Trust Services
Subjectdankleaks.top
Fingerprint19:8B:80:D8:24:DF:3B:8C:A3:6F:57:EC:D6:6B:29:80:A5:14:43:BC
ValidityTue, 10 Dec 2024 14:07:22 GMT - Mon, 10 Mar 2025 14:07:21 GMT

File type
JavaScript source, ASCII text, with very long lines (4338)
Size
19 kB (18883 bytes)
Hash
84ac9100e8010ab23791fb856f549b75
b7d7b20defee8ee50bee0484cd830ee3fcdcc894
aeb2809a04d368a2854d3ffe709f1c978ded0cea8dd8af709eccb4be4db87784

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /assets/plugins/chat_admin-aeb2809a04d368a2854d3ffe709f1c978ded0cea8dd8af709eccb4be4db87784.js HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/login
DNT: 1
Connection: keep-alive
Cookie: destination_url=https%3A%2F%2Fdankleaks.top%2F
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 05 Jan 2025 03:30:35 GMT
content-type: application/javascript
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UCaemV7pypJoJu8YYaU6%2F0DUKjG3urkbYzfOdD0LdWgviMLNenzD9k1ig8PkTsINAqsCs9wicZbQjUyJzeUE51TiBBTaD2ls7GclVyZ%2F%2BEOHAHf4GbQwuiSQ6%2FuamvTu"}],"group":"cf-nel","max_age":604800}
last-modified: Thu, 19 Dec 2024 21:43:23 GMT
vary: Accept-Encoding
expires: Sun, 21 Dec 2025 01:30:17 GMT
cache-control: public, max-age=31536000, immutable
cf-cache-status: HIT
age: 1303217
content-encoding: br
cf-ray: 8fd063fca97a56c7-OSL
server: cloudflare
alt-svc: h3=":443"; ma=86400

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (36)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML