Report - login.nsfwcum.xyz/login?redirect_to=/oauth2/authorize?client_id=1254885408932757594&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHMXRmak5mW6VTbMVHbyold41WS2kUaiBnRXJmdS1WSzl0UNVTVDJFNVlmU1U1QNdkVD1UeVN0T4l0aNxWQq1EbjxmUUVzaJZTSTpFdG1mYpd3UNJTTE9ENJRlTyMGVPh3YU1kNJl3YspEWhdHaYpVa3lWSwsGVONTV65UeNR1T0EEROFzZE9EMVpWT4lUaPlWUXNFM1clWwhnMZl2dplENFR0Tx0keONTQq5EMJpmT1EleOVTSE9UavpWSrxWRaNHbXRmbKlXZ

Report Overview

Visited public
2024-06-30 16:29:15
Tags
Submit Tags
URL
login.nsfwcum.xyz/login?redirect_to=/oauth2/authorize?client_id=1254885408932757594&redirect_uri=https://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHMXRmak5mW6VTbMVHbyold41WS2kUaiBnRXJmdS1WSzl0UNVTVDJFNVlmU1U1QNdkVD1UeVN0T4l0aNxWQq1EbjxmUUVzaJZTSTpFdG1mYpd3UNJTTE9ENJRlTyMGVPh3YU1kNJl3YspEWhdHaYpVa3lWSwsGVONTV65UeNR1T0EEROFzZE9EMVpWT4lUaPlWUXNFM1clWwhnMZl2dplENFR0Tx0keONTQq5EMJpmT1EleOVTSE9UavpWSrxWRaNHbXRmbKlXZ
Finishing URL
leakers.net/
IP / ASN
188.114.96.1
#13335 CLOUDFLARENET
Title
Leakers.net - The #1 Leaks Shop

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
assets-global.website-files.com	14027	2019-01-23	2020-11-01 16:14:58	2024-06-29 08:06:08	4.9 kB	212 kB	13.33.141.39
login.nsfwcum.xyz	unknown	unknown	No data	No data	7.0 kB	137 kB	188.114.96.1
leakers.net	unknown	2024-05-01	2016-08-08 11:30:40	2023-08-13 20:32:12	486 B	3.7 kB	52.58.254.253
e6.o.lencr.org	unknown	2020-06-29	2024-06-07 08:35:09	2024-06-29 19:24:06	326 B	730 B	23.36.77.32
uploads-ssl.webflow.com	16637	2003-03-31	2018-01-28 09:50:30	2024-06-29 21:44:47	2.2 kB	567 kB	108.157.229.79
cdn.sellix.io	unknown	2020-02-01	2020-06-19 21:36:56	2024-05-28 09:13:12	824 B	13 kB	104.18.1.146
d3e54v103j8qbb.cloudfront.net	unknown	2008-04-25	2016-03-11 23:08:14	2024-06-30 12:30:07	491 B	90 kB	18.173.1.220
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-06-29 18:13:04	1.6 kB	4.4 kB	23.36.77.32
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20 07:02:03	2024-06-29 19:26:02	2.7 kB	254 kB	104.17.2.184

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-06-30	medium	nsfwcum.xyz	Sinkholed
2024-06-30	medium	nsfwcum.xyz	Sinkholed
2024-06-30	medium	nsfwcum.xyz	Sinkholed
2024-06-30	medium	nsfwcum.xyz	Sinkholed
2024-06-30	medium	nsfwcum.xyz	Sinkholed
2024-06-30	medium	nsfwcum.xyz	Sinkholed
2024-06-30	medium	nsfwcum.xyz	Sinkholed

ThreatFox

No alerts detected

JavaScript (30)

	URL	From	Size	First Seen	Last Seen
	assets-global.website-files.com/65423581310e2018e009b88f/js/webflow.718107e01.js	ScriptElement	514 kB	2024-05-03	2024-08-20
Pretty URL assets-global.website-files.com/65423581310e2018e009b88f/js/webflow.718107e01.js IP 13.33.141.39 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-05-03 19:52 Last Seen2024-08-20 00:54 Times Seen160 Hash 718107e0102a9ba2d17710631eb5a36e 4b04c7428c0f5b4de8a67eae9c4b048afb80bf68 b4099c07deb2d63f2bc67a16cd4ef449c593180da66e3c6143e9a59941451f01 Loading...

	leakers.net/	ScriptElement	308 B	2023-04-06	2025-02-18
Pretty URL leakers.net/ IP 52.58.254.253 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-04-06 12:09 Last Seen2025-02-18 22:43 Times Seen167 Hash 274fa8afd8b4b0543646f5e54077580c 28cf57f94380a8ea9f6e9f2c536b22c306025851 88842fbf729e5ed2201ef06dece3fa24e8d41c25c87fb623ab7659612d2ae08e Loading...

	d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=65423581310e2018e009b88f	ScriptElement	90 kB	2023-03-07	2025-07-05
Pretty URL d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=65423581310e2018e009b88f IP 18.173.1.220 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02 Last Seen2025-07-05 04:41 Times Seen120873 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	cdn.sellix.io/static/js/embed.js	ScriptElement	11 kB	2024-06-28	2024-08-19
Pretty URL cdn.sellix.io/static/js/embed.js IP 104.18.1.146 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-28 14:45 Last Seen2024-08-19 18:55 Times Seen53 Hash 1035694e77116547ba0e1abaaa30925a e1ca4a1babd781f416f3e31749c08791919a72e9 3e565a8ad5b2f2defb7ce9578c685df941e6547346e786acf1f6e3fc503928e4 Loading...

		Size	First Seen	Last Seen
	#1 Eval - f2be6e9afd6abc73f959f707c713388f	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash f2be6e9afd6abc73f959f707c713388f e40e4316b1c850d80d3cc8bf65b61750c7f0c69a 4281f3b6dfb80e89b4172fe29179bb5fe7d84bd445bfb13d10cbe2bae9391815 Loading...

	#2 Eval - 9e925e9341b490bfd3b4c4ca3b0c1ef2	4 B	2023-03-07 01:03	2025-07-05 04:32
Pretty Observations First Seen2023-03-07 01:03 Last Seen2025-07-05 04:32 Times Seen400251 Hash 9e925e9341b490bfd3b4c4ca3b0c1ef2 c2543fff3bfa6f144c2f06a7de6cd10c0b650cae 1eb79602411ef02cf6fe117897015fff89f80face4eccd50425c45149b148408 Loading...

	#3 Eval - facab190c757916ecf1bc393c81169e3	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash facab190c757916ecf1bc393c81169e3 57e58a0742db6dcd646c6c18403663151116e842 7dfcb8862cab8fbfb468eab97c2a810add30cd0953e8ca9aab0214c2c3b7aad4 Loading...

	#4 Eval - 7fb819055d3a6dec613533b9af32a424	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 7fb819055d3a6dec613533b9af32a424 d072e14c43533b4ee4bb0d4b944ea76c7b98c408 1f226ee00dd0ca2921e7bfe6ea9d6297b9560d9a7355562c49f07fe9aeccfa11 Loading...

	#5 Eval - e8ccfc4904f89ecfed57035aa8dd9bcc	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash e8ccfc4904f89ecfed57035aa8dd9bcc d1325a680558998445e8831dd12b3db42beea6e8 8a2c007a438d2e5ecf6bf03d2225206e3bc141f1c7568722b3984ba897bb82f6 Loading...

	#6 Eval - 5dff9d060e2ba10a24c7c2b0af991305	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 5dff9d060e2ba10a24c7c2b0af991305 5ebaf939283e476da0aceb825d7d559bed089763 81a0076f44676308ac05c2970f9ada4fb67472a3c00a897d2807c7733f9fa7c9 Loading...

	#7 Eval - 58e16fbf3cbf25c4065c63732343c1af	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 58e16fbf3cbf25c4065c63732343c1af 3f64bc2f207b7309d13affb3f53de9c5c8856d95 dbd9de3212ec0da3fe8fe6ce19eba57551b0d65ecd0b5fde9930d1c51f1975bd Loading...

	#8 Eval - c72fad11ecb2c63ed4d6c3834d130ba6	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash c72fad11ecb2c63ed4d6c3834d130ba6 dab0ed6873eaec5ccb301f343ff6413b12f80600 607785ae3d85e27bc3a0a4def78be029c0bce9676f4b8cdd05c5bbebfe04eda6 Loading...

	#9 Eval - 5abedc115bf67d3937ad9fb86f56b7f9	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 5abedc115bf67d3937ad9fb86f56b7f9 5ef04e22bdf00275ab8f2c44b6899fe4fac166d3 6afcad4995178b740935f9af6dac3935767c0fd20d7d96f24e81105ede5fb073 Loading...

	#10 Eval - 55bbb20c5d1a555f1b96ab2132824983	60 B	2024-06-28 15:47	2024-08-19 18:55
Pretty Observations First Seen2024-06-28 15:47 Last Seen2024-08-19 18:55 Times Seen4122 Hash 55bbb20c5d1a555f1b96ab2132824983 921f1981099c302f394624c5ca69d663787e4f56 8c8ff76d793309e056599214596e3026bf8e2aabf9db4e55a0c63957c3071966 Loading...

	#11 Eval - 4e1846a260259365a144d762202f28cb	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 4e1846a260259365a144d762202f28cb efac9ad2c048eef737b47a0418dc62a74aa2cf34 8a6d62788bdeb8818a9550e4fe1e2487b0f573d980d30fea8714f92567116ad2 Loading...

	#12 Eval - a21fd2d24b14f163902dd55ffd7c7543	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash a21fd2d24b14f163902dd55ffd7c7543 93db06dbef2d2066943c0e5612b2c9c47bebf550 e4ea578e5ad6d0f7c441adefa83a7af5e41a1f0973f75f7f4e57e756becc051b Loading...

	#13 Eval - 99af8fbf3df642d1c94c008bdcb694ef	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 99af8fbf3df642d1c94c008bdcb694ef 2e20351aed75006e7b1f7069a22a7565b20af1f4 e4f8dbcfd3c2a73b28eaf285ce8df41f39ff60ce9f2dcde5c0ffc9fb8060d0b6 Loading...

	#14 Eval - 436cb1eca688e6423d072a9cc4aaa195	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 436cb1eca688e6423d072a9cc4aaa195 d6cc29b8352be9624a535e7f979de29c874f8d68 ee47cde2c05d03f030e8c30419de5d00225f0158ebb91ef760ec52a8bb9194d0 Loading...

	#15 Eval - 5ddf76d9f094bf0eb9191880107424ba	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 5ddf76d9f094bf0eb9191880107424ba 9babb8a88ed1cf16ae453c46a7d18c026c6018d2 6d60ce1e7115301271a512304eeac1d0f5434854322ec31252c052f8b4ea469b Loading...

	#16 Eval - 4fcfd072f6b7f7f4183e214cad834f7a	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 4fcfd072f6b7f7f4183e214cad834f7a 5e24eb91966e7987de51da9ddb3a31279dc56430 5279c00535f2174d5d9df8622f30b8bc63bb9da2b045e34c9bd3ab6b709e2634 Loading...

	#17 Eval - 7c9594b7d592e363ebd2a98bc08eb980	2.8 kB	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 7c9594b7d592e363ebd2a98bc08eb980 661985025cefc55599cf8ee0f768a1e084c6f9db a2776fdbe40bf9eee287c21011eff42176f0d12296f8433f081e593d36798d83 Loading...

	#18 Eval - 5081a8ccd5727b5db8bf2fb9a723dca2	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 5081a8ccd5727b5db8bf2fb9a723dca2 8df58d8c4e1a2bbcac3cde143a89471eaa9ce032 1c498a3b04878c2bf64a24ab8dc35088fd8e831ef0ede1b87091938864626c93 Loading...

	#19 Eval - f9b09dd67ab068bc37066bf4411adc8e	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash f9b09dd67ab068bc37066bf4411adc8e e9e4b4337631317c4ed405cdfdee6bc2b750008b 7268d950cd4c5284f103994cc14e44da17586acd30eb84c2526599a890b421b2 Loading...

	#20 Eval - e6bfe4da4e2f051f444ffaa59266d02a	159 B	2024-06-28 16:00	2024-08-19 18:55
Pretty Observations First Seen2024-06-28 16:00 Last Seen2024-08-19 18:55 Times Seen140 Hash e6bfe4da4e2f051f444ffaa59266d02a ce56205e4f226611693f86422466040d823dd33f a86aca40b30e3efc760f7827266db22159a45b56e27bf418fec8042971c7f0cb Loading...

	#21 Eval - 07ee8724e0e1f92bf2fe686789421dc3	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 07ee8724e0e1f92bf2fe686789421dc3 00612aafa8735da98bd7dd367bac43066882b1e5 a87c090a03b855db29581dcb18016af26c820914659e2b3b1498969d402f12a7 Loading...

	#22 Eval - f55bd574414a678a31330b84ab68af69	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash f55bd574414a678a31330b84ab68af69 d04ddd6ecd7cf5a4fe786d244cdcc6ef71a2a1a7 baa29abe916619e5f512da2ba2bfa970c22948f98fd7a85fe38e98a3dce05cda Loading...

	#23 Eval - 8b767695bd925b019a4fca19470607c9	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 8b767695bd925b019a4fca19470607c9 f32dcd5bfac6dcb3fc1c5d5bf8dacee93f1cd356 d5424d32677686ad78177e56b0caa5a34a63586ce28aad2c4921b1cfef4c34b6 Loading...

	#24 Eval - 41e3175fab203cc9ba80db8d46b10ba7	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 41e3175fab203cc9ba80db8d46b10ba7 8f4191521cf1e20cada4d460c83b91f5fc70c0fc 82cdca7ab447b237b00165399ad193d914ca1fdbfa545c1df778ed6ae3886859 Loading...

	#25 Eval - 2d4f8e38ac2f223d7e0d9a786b5f5d43	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash 2d4f8e38ac2f223d7e0d9a786b5f5d43 27550f2104b7a7dea15af67eb75352102890f6b6 0d2944a2528bff304851cc986fb268b47b2b191d7cba31d5a4a6d8ad5193ee2b Loading...

	#26 Eval - c67fa693648c46d0376afa339b5bc0cf	28 B	2024-08-19 18:42	2024-08-19 18:42
Pretty Observations First Seen2024-08-19 18:42 Last Seen2024-08-19 18:42 Times Seen1 Hash c67fa693648c46d0376afa339b5bc0cf b2c5d912d90ca2ae07ebc2e872ded9581fc9e07c 608a799432a982b092beb9f11598a1b941306ffe39919345f667249f9d8d7e0b Loading...

HTTP Transactions (35)

URL IP Response Size

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
b7dbdd91e33b4b40b990affe38907ed8
8c1dc814dfd071e0c4dcfc0f5429eb7c221d609a
842512e65717b866647d52bc726c962cc42c7e2027c53a2b5b79d7b86d2e50fc

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "842512E65717B866647D52BC726C962CC42C7E2027C53A2B5B79D7B86D2E50FC"
Last-Modified: Sun, 30 Jun 2024 13:53:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19495
Expires: Sun, 30 Jun 2024 21:53:42 GMT
Date: Sun, 30 Jun 2024 16:28:47 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
f6d043d7b5e98906db1fe2695e98859c
154db889ef567d2839bb7eaa15818cd546495b4f
f4fcc79261acda8e1cb81b9fc6524ee560b60740b0cf8107308dc82750dc079a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "F4FCC79261ACDA8E1CB81B9FC6524EE560B60740B0CF8107308DC82750DC079A"
Last-Modified: Sat, 29 Jun 2024 23:47:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5089
Expires: Sun, 30 Jun 2024 17:53:37 GMT
Date: Sun, 30 Jun 2024 16:28:48 GMT
Connection: keep-alive

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
cbf18fc0b8495e9002d75d18377ee564
26efedcb55b771589d559b798261c86a87c0b313
3358d5f916c82bb4d1a67b717d2a280302e3f54a687893b0c2556c93616cbdfb

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "3358D5F916C82BB4D1A67B717D2A280302E3F54A687893B0C2556C93616CBDFB"
Last-Modified: Sat, 29 Jun 2024 16:21:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9482
Expires: Sun, 30 Jun 2024 19:06:50 GMT
Date: Sun, 30 Jun 2024 16:28:48 GMT
Connection: keep-alive

POST login.nsfwcum.xyz/login?redirect_to=/oauth2/authorize?client_id=1254885408932757594&redirect_uri=http://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHMXRmak5mW6VTbMVHbyold41WS2kUaiBnRXJmdS1WSzl0UNVTVDJFNVlmU1U1QNdkVD1UeVN0T4l0aNxWQq1EbjxmUUVzaJZTSTpFdG1mYpd3UNJTTE9ENJRlTyMGVPh3YU1kNJl3YspEWhdHaYpVa3lWSwsGVONTV65UeNR1T0EEROFzZE9EMVpWT4lUaPlWUXNFM1clWwhnMZl2dplENFR0Tx0keONTQq5EMJpmT1EleOVTSE9UavpWSrxWRaNHbXRmbKlXZ

188.114.96.1

302 Found

7.6 kB

URL User Request POST HTTP/1.1
login.nsfwcum.xyz/login?redirect_to=/oauth2/authorize?client_id=1254885408932757594&redirect_uri=http://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHMXRmak5mW6VTbMVHbyold41WS2kUaiBnRXJmdS1WSzl0UNVTVDJFNVlmU1U1QNdkVD1UeVN0T4l0aNxWQq1EbjxmUUVzaJZTSTpFdG1mYpd3UNJTTE9ENJRlTyMGVPh3YU1kNJl3YspEWhdHaYpVa3lWSwsGVONTV65UeNR1T0EEROFzZE9EMVpWT4lUaPlWUXNFM1clWwhnMZl2dplENFR0Tx0keONTQq5EMJpmT1EleOVTSE9UavpWSrxWRaNHbXRmbKlXZ
IP
188.114.96.1:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (17350), with no line terminators
Size
7.6 kB (7586 bytes)
Hash
e43b8b7c121cad42121dbae861c89a08
5358257f710bbd2d426d1fd3fa396168abd45f1b
314fed284a51914fce628272ad8ee6e0240a86a3be7ea823539f014bba269c36

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /login?redirect_to=/oauth2/authorize?client_id=1254885408932757594&redirect_uri=http://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHMXRmak5mW6VTbMVHbyold41WS2kUaiBnRXJmdS1WSzl0UNVTVDJFNVlmU1U1QNdkVD1UeVN0T4l0aNxWQq1EbjxmUUVzaJZTSTpFdG1mYpd3UNJTTE9ENJRlTyMGVPh3YU1kNJl3YspEWhdHaYpVa3lWSwsGVONTV65UeNR1T0EEROFzZE9EMVpWT4lUaPlWUXNFM1clWwhnMZl2dplENFR0Tx0keONTQq5EMJpmT1EleOVTSE9UavpWSrxWRaNHbXRmbKlXZ HTTP/1.1
Host: login.nsfwcum.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 403 Forbidden
Date: Sun, 30 Jun 2024 16:28:48 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Accept-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Critical-CH: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
Cross-Origin-Embedder-Policy: require-corp
Cross-Origin-Opener-Policy: same-origin
Cross-Origin-Resource-Policy: same-origin
Origin-Agent-Cluster: ?1
Permissions-Policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
Referrer-Policy: same-origin
X-Content-Options: nosniff
X-Frame-Options: SAMEORIGIN
cf-mitigated: challenge
cf-chl-out: bSL+9fh4lZLFmyEt5OjbY2ZHhIrYDZfHA0rt/+apDfct9o8IUTE3d7kVBsw/zejC6AGRe75h2aS7ybYwK/iEbWcMI6YNnZi2tmIUrmRQ9ZM=$014nG1OzgR2BwLX6/L1AVA==
Cache-Control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CXizzzmMT14U4HFaiXGFYkJdwS2kRiMzc9MOscE%2FjYYsfipOknTut867J0gyMjdjUUWD%2FoJlWPttg6qPpf6uf73QXOBGI7KkzRkhsZwTwf05aIVjy8DrsD1YZHmJ27FoM7rS0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89bf88145d9492ca-CPH
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

188.114.96.1

107 kB

URL
login.nsfwcum.xyz/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89bf88145d9492ca
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
107 kB (106637 bytes)
Hash
918e3d5f3bdc3e4d41d9268ab0d4e5e0
174117714d0278a21791c8ece676924d68b83a25
2084c3b0f0a9bd7337f5fb3a22dca7d2718c6fc9bbaa3beff35191574ea24412

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=89bf88145d9492ca HTTP/1.1
Host: login.nsfwcum.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.nsfwcum.xyz/login?redirect_to=/oauth2/authorize?client_id=1254885408932757594&redirect_uri=http://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHMXRmak5mW6VTbMVHbyold41WS2kUaiBnRXJmdS1WSzl0UNVTVDJFNVlmU1U1QNdkVD1UeVN0T4l0aNxWQq1EbjxmUUVzaJZTSTpFdG1mYpd3UNJTTE9ENJRlTyMGVPh3YU1kNJl3YspEWhdHaYpVa3lWSwsGVONTV65UeNR1T0EEROFzZE9EMVpWT4lUaPlWUXNFM1clWwhnMZl2dplENFR0Tx0keONTQq5EMJpmT1EleOVTSE9UavpWSrxWRaNHbXRmbKlXZ&__cf_chl_rt_tk=4D.57rgsh_nNluisF5cZ_QiFMdWwhHH2kUrt3c17_qA-1719764928-0.0.1.1-3519
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 30 Jun 2024 16:28:49 GMT
Content-Type: application/javascript; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J4L0oEvobGpiBMDDFv%2BCZ66ZhdGX7%2B84gmHY2bO%2BY388xUyJi3hUrOTHaskzHdZIuK5v7dJPODxJ8gH3qe%2F6c47cIQosvKdVLrHzoKm1qWRO3d3dzGzZ8A6bNExDSJjGTqqJ0g%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89bf88164a106a9b-DUS
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

login.nsfwcum.xyz/cdn-cgi/challenge-platform/h/g/flow/ov1/201022043:1719763994:Z8dazUi27piw_kH4_g7JNsRMpPdULQBBp2NR7UDv_Ns/89bf88145d9492ca/695d8ccbae316a4

188.114.96.1

12 kB

URL
login.nsfwcum.xyz/cdn-cgi/challenge-platform/h/g/flow/ov1/201022043:1719763994:Z8dazUi27piw_kH4_g7JNsRMpPdULQBBp2NR7UDv_Ns/89bf88145d9492ca/695d8ccbae316a4
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (16444), with no line terminators
Size
12 kB (12396 bytes)
Hash
271277da0b907bfa2a7c21be7658d667
73dfc709d535bcf9bbef3ff3cafb3675d8c39fc6
5a38d71edcafcb7100a2cf73c05da4aa6743a1719da8a12a2265422b641ba834

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/201022043:1719763994:Z8dazUi27piw_kH4_g7JNsRMpPdULQBBp2NR7UDv_Ns/89bf88145d9492ca/695d8ccbae316a4 HTTP/1.1
Host: login.nsfwcum.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.nsfwcum.xyz/login?redirect_to=/oauth2/authorize?client_id=1254885408932757594&redirect_uri=http://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHMXRmak5mW6VTbMVHbyold41WS2kUaiBnRXJmdS1WSzl0UNVTVDJFNVlmU1U1QNdkVD1UeVN0T4l0aNxWQq1EbjxmUUVzaJZTSTpFdG1mYpd3UNJTTE9ENJRlTyMGVPh3YU1kNJl3YspEWhdHaYpVa3lWSwsGVONTV65UeNR1T0EEROFzZE9EMVpWT4lUaPlWUXNFM1clWwhnMZl2dplENFR0Tx0keONTQq5EMJpmT1EleOVTSE9UavpWSrxWRaNHbXRmbKlXZ
Content-type: application/x-www-form-urlencoded
CF-Challenge: 695d8ccbae316a4
Content-Length: 2406
Origin: http://login.nsfwcum.xyz
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 30 Jun 2024 16:28:49 GMT
Content-Type: text/plain; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cf-chl-gen: zdwxaLuwNHRHHj8ViSSENsHus72w1l6rRRZlRFv7mz5XpGP4VITDyCOEW0OI/lnl$Z4ZVyr+/ZFhTB6/p8sIVqg==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9c9yoOrihjaSx2Dmp5p7lFni68EHTHCsKmXV2Qf9CgvEPKtSYu2U%2ByNYFD4DL5ex3mvXS1FzLDzWLV3KVFldwcGpAn4s7uSmQS3ziSZKUxXCWwikgQOYv4i9aDnC%2F%2Bliq7V%2FrQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89bf88188af5930e-CPH
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

188.114.96.1

0 B

URL
login.nsfwcum.xyz/favicon.ico
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: login.nsfwcum.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.nsfwcum.xyz/login?redirect_to=/oauth2/authorize?client_id=1254885408932757594&redirect_uri=http://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHMXRmak5mW6VTbMVHbyold41WS2kUaiBnRXJmdS1WSzl0UNVTVDJFNVlmU1U1QNdkVD1UeVN0T4l0aNxWQq1EbjxmUUVzaJZTSTpFdG1mYpd3UNJTTE9ENJRlTyMGVPh3YU1kNJl3YspEWhdHaYpVa3lWSwsGVONTV65UeNR1T0EEROFzZE9EMVpWT4lUaPlWUXNFM1clWwhnMZl2dplENFR0Tx0keONTQq5EMJpmT1EleOVTSE9UavpWSrxWRaNHbXRmbKlXZ&__cf_chl_rt_tk=4D.57rgsh_nNluisF5cZ_QiFMdWwhHH2kUrt3c17_qA-1719764928-0.0.1.1-3519
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Sun, 30 Jun 2024 16:28:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Nrsqiw4gtXnvsDdbOCPyMoAsIfx50A7sYUbSGATQp7dERx2i2Yy4VkDuTxvjK%2FgImFMGbIenspX6QfLwihPbAkOiJAC5n%2FHtl%2BFGvYBB4TP7X9zaShxDd97pzsersPsIB9KvYw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89bf8816db296a9b-DUS
alt-svc: h2=":443"; ma=60

188.114.96.1

0 B

URL
login.nsfwcum.xyz/favicon.ico
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: login.nsfwcum.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.nsfwcum.xyz/login?redirect_to=/oauth2/authorize?client_id=1254885408932757594&redirect_uri=http://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHMXRmak5mW6VTbMVHbyold41WS2kUaiBnRXJmdS1WSzl0UNVTVDJFNVlmU1U1QNdkVD1UeVN0T4l0aNxWQq1EbjxmUUVzaJZTSTpFdG1mYpd3UNJTTE9ENJRlTyMGVPh3YU1kNJl3YspEWhdHaYpVa3lWSwsGVONTV65UeNR1T0EEROFzZE9EMVpWT4lUaPlWUXNFM1clWwhnMZl2dplENFR0Tx0keONTQq5EMJpmT1EleOVTSE9UavpWSrxWRaNHbXRmbKlXZ
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 404 Not Found
Date: Sun, 30 Jun 2024 16:28:49 GMT
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tFjOjCTjkWK9z%2F%2Bdl%2BHGFygYeM8WBxMS4xdk8fBDa2nPj5QAnUFhpqzHOPGIVjrff3Na7%2FFksv239cIY1M1EJIHFyuKd1UVZ9uJbHRiI7DcRoKp3R5ddJPpnlKC9wbltqmr36A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 89bf88173f8692b5-CPH
alt-svc: h2=":443"; ma=60

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 2 x 2, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
9246cca8fc3c00f50035f28e9f6b7f7d
3aa538440f70873b574f40cd793060f53ec17a5d
c07d7d29e3c20fa6ca4c5d20663688d52bad13e129ad82ce06b80eb187d9dc84

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/cmg/1/GLhOioXg0bs57t4qPrORXFsL1%2BWig2mIKbgpVPMu7ZQ%3D HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/flogm/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Jun 2024 16:28:49 GMT
content-type: image/png
content-length: 61
cache-control: max-age=2629800, public
server: cloudflare
cf-ray: 89bf881a6b7c92a3-CPH
alt-svc: h3=":443"; ma=86400

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0c22b10a118098f2cdc4b186e6f8e9a8
cfe8b247d843f42d2205bb16a48cefe38c78526e
1208b1961307dfb3c91a337dfa900f9be57f91cab6a7dd3d7c5e38d2399d5d10

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1208B1961307DFB3C91A337DFA900F9BE57F91CAB6A7DD3D7C5E38D2399D5D10"
Last-Modified: Fri, 28 Jun 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12699
Expires: Sun, 30 Jun 2024 20:00:29 GMT
Date: Sun, 30 Jun 2024 16:28:50 GMT
Connection: keep-alive

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/flogm/0x4AAAAAAADnPIDROrmt1Wwj/light/normal

104.17.2.184

19 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/flogm/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with very long lines (42151)
Size
19 kB (18783 bytes)
Hash
3bf5a6b56e4fc1ff2939481f325bbb9e
a24e2bb3d5ea7e46a423d7ce23d40c00351448ab
df2b1768e8299f4c70334e4f2e23c0da8c6be08006ec5d9d1a4bc47399a01c38

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/flogm/0x4AAAAAAADnPIDROrmt1Wwj/light/normal HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Jun 2024 16:28:49 GMT
content-type: text/html; charset=UTF-8
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
critical-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
permissions-policy: accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
content-security-policy: frame-src https://challenges.cloudflare.com/; base-uri 'self'
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy: require-corp
origin-agent-cluster: ?1
referrer-policy: same-origin
cross-origin-resource-policy: cross-origin
document-policy: js-profiling
cross-origin-opener-policy: same-origin
server: cloudflare
cf-ray: 89bf88199a0a92a3-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

r10.o.lencr.org/

23.36.77.32

504 B

URL
r10.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
504 B (504 bytes)
Hash
0c22b10a118098f2cdc4b186e6f8e9a8
cfe8b247d843f42d2205bb16a48cefe38c78526e
1208b1961307dfb3c91a337dfa900f9be57f91cab6a7dd3d7c5e38d2399d5d10

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "1208B1961307DFB3C91A337DFA900F9BE57F91CAB6A7DD3D7C5E38D2399D5D10"
Last-Modified: Fri, 28 Jun 2024 05:32:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12699
Expires: Sun, 30 Jun 2024 20:00:29 GMT
Date: Sun, 30 Jun 2024 16:28:50 GMT
Connection: keep-alive

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/89bf88199a0a92a3/1719764929997/5bOu6xF9LpuGxwW

104.17.2.184

61 B

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/i/89bf88199a0a92a3/1719764929997/5bOu6xF9LpuGxwW
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 91 x 98, 8-bit/color RGB, non-interlaced
Size
61 B (61 bytes)
Hash
221dbc477c6c62af11b4782ff89c8051
a82f0a5c06da995f0cdbb9e6625f285ad9b4aeb4
765db938491daf77f1d7186ff69c9c4fc1836247c4db0ab0e49ef09d3f655721

HTTP Headers

GET /cdn-cgi/challenge-platform/h/g/i/89bf88199a0a92a3/1719764929997/5bOu6xF9LpuGxwW HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/flogm/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Jun 2024 16:28:52 GMT
content-type: image/png
content-length: 61
server: cloudflare
cf-ray: 89bf8828f99592a3-CPH
alt-svc: h3=":443"; ma=86400

login.nsfwcum.xyz/cdn-cgi/challenge-platform/h/g/flow/ov1/201022043:1719763994:Z8dazUi27piw_kH4_g7JNsRMpPdULQBBp2NR7UDv_Ns/89bf88145d9492ca/695d8ccbae316a4

188.114.96.1

3.3 kB

URL
login.nsfwcum.xyz/cdn-cgi/challenge-platform/h/g/flow/ov1/201022043:1719763994:Z8dazUi27piw_kH4_g7JNsRMpPdULQBBp2NR7UDv_Ns/89bf88145d9492ca/695d8ccbae316a4
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (4300), with no line terminators
Size
3.3 kB (3308 bytes)
Hash
d438b9a98175f35031ed3f4ff82e6625
8ef61da97d76debb7b0e1c8d0ec113f52c50a2df
32073182d85e83847944fbda6386f87d7528f0c382b3321cb0845238fb3cb052

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/201022043:1719763994:Z8dazUi27piw_kH4_g7JNsRMpPdULQBBp2NR7UDv_Ns/89bf88145d9492ca/695d8ccbae316a4 HTTP/1.1
Host: login.nsfwcum.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.nsfwcum.xyz/login?redirect_to=/oauth2/authorize?client_id=1254885408932757594&redirect_uri=http://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHMXRmak5mW6VTbMVHbyold41WS2kUaiBnRXJmdS1WSzl0UNVTVDJFNVlmU1U1QNdkVD1UeVN0T4l0aNxWQq1EbjxmUUVzaJZTSTpFdG1mYpd3UNJTTE9ENJRlTyMGVPh3YU1kNJl3YspEWhdHaYpVa3lWSwsGVONTV65UeNR1T0EEROFzZE9EMVpWT4lUaPlWUXNFM1clWwhnMZl2dplENFR0Tx0keONTQq5EMJpmT1EleOVTSE9UavpWSrxWRaNHbXRmbKlXZ
Content-type: application/x-www-form-urlencoded
CF-Challenge: 695d8ccbae316a4
Content-Length: 3837
Origin: http://login.nsfwcum.xyz
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sun, 30 Jun 2024 16:28:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
set-cookie: cf_chl_rc_m=;Expires=Sat, 29 Jun 2024 16:28:55 GMT;SameSite=Strict
cf-chl-out: 8TYJU0+0hRKqPM41EDMiUImSiti5y4bDOWLOQcVmOy/41nirjC8xSQrzl/PDtIOD2dWla6jeOEiRTW7lhXBBGA==$StXa/dRZxFyH6Om4hi9ZyA==
cf-chl-out-s: VKYF+m6A2a9bZWvz+jGUpOVhSTPEvQsp25SUuFLgaUR4P8W4cjEtSSpuEMDF+PMzsLJE1d9CDZtlWAcvhkgBVA8/076A6kftmGLaeSyxJYsvvxvgaqDAva5FsjZqury/HovJ2AfGgSzC7XLyZN1NGVFYjXS7bnf0+3zx3sBuJBPrrOAKOy3opZQCQ4x3HJGGydGgFO4cZ5vKBy0u6cy3R47ZSWV8mKVEkSW4Ak0C7C01EhMrTP/4CLDJKGlnHRaDXDZfhavGpcX6/o8hUEcV/+YuatJybAGRQrMjlpNXQRy/utneq+dyPvSridzUYt9q51FLviqCrX1l1HCmZnB/QMWheITrTTyHM5tWCJU9eTkZvScdX/1iWOEbxhXIXfZGQ7YSwYlP3fhUnrAGH4b2S+BccNJjflR1zSDxmg2ZNw8JuCXTRhEiwdjipzRUPaNqQq62UjgevM3jR6lgC1lh5Q==$OymkrWYalZwQvtS3fm0dRA==
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bb5PpiK5xu1IY75S%2B4J2LwyCWJbp7eCiZ2iKg5ZffNuiOZ9gf741DpS3oT6V5%2Fo1blXoKblvTJkO9qi9PC8kfGAhtMQY%2Fdj3q%2Bx8D5lPsoJ7HIIZcu%2BSfpWrskp7lhrfihcJIg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89bf8840fc116a9b-DUS
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60

188.114.96.1

302 Found

82 B

URL User Request POST HTTP/1.1
login.nsfwcum.xyz/login?redirect_to=/oauth2/authorize?client_id=1254885408932757594&redirect_uri=http://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHMXRmak5mW6VTbMVHbyold41WS2kUaiBnRXJmdS1WSzl0UNVTVDJFNVlmU1U1QNdkVD1UeVN0T4l0aNxWQq1EbjxmUUVzaJZTSTpFdG1mYpd3UNJTTE9ENJRlTyMGVPh3YU1kNJl3YspEWhdHaYpVa3lWSwsGVONTV65UeNR1T0EEROFzZE9EMVpWT4lUaPlWUXNFM1clWwhnMZl2dplENFR0Tx0keONTQq5EMJpmT1EleOVTSE9UavpWSrxWRaNHbXRmbKlXZ
IP
188.114.96.1:80
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with no line terminators
Size
82 B (82 bytes)
Hash
e8069e264153eaea6fea28c8de36b2d7
1a24510f503ba1aa3236787687628fddf63bdb23
e75d056d16c457d855c63015ec02c70754a818956853326f1721b70a272c04b4

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

POST /login?redirect_to=/oauth2/authorize?client_id=1254885408932757594&redirect_uri=http://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHMXRmak5mW6VTbMVHbyold41WS2kUaiBnRXJmdS1WSzl0UNVTVDJFNVlmU1U1QNdkVD1UeVN0T4l0aNxWQq1EbjxmUUVzaJZTSTpFdG1mYpd3UNJTTE9ENJRlTyMGVPh3YU1kNJl3YspEWhdHaYpVa3lWSwsGVONTV65UeNR1T0EEROFzZE9EMVpWT4lUaPlWUXNFM1clWwhnMZl2dplENFR0Tx0keONTQq5EMJpmT1EleOVTSE9UavpWSrxWRaNHbXRmbKlXZ HTTP/1.1
Host: login.nsfwcum.xyz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://login.nsfwcum.xyz/login?redirect_to=/oauth2/authorize?client_id=1254885408932757594&redirect_uri=http://restorecord.com/callback&response_type=code&scope=identify%20guilds%20guilds.join&state===QPw4WS2wGSlVHMXRmak5mW6VTbMVHbyold41WS2kUaiBnRXJmdS1WSzl0UNVTVDJFNVlmU1U1QNdkVD1UeVN0T4l0aNxWQq1EbjxmUUVzaJZTSTpFdG1mYpd3UNJTTE9ENJRlTyMGVPh3YU1kNJl3YspEWhdHaYpVa3lWSwsGVONTV65UeNR1T0EEROFzZE9EMVpWT4lUaPlWUXNFM1clWwhnMZl2dplENFR0Tx0keONTQq5EMJpmT1EleOVTSE9UavpWSrxWRaNHbXRmbKlXZ&__cf_chl_tk=4D.57rgsh_nNluisF5cZ_QiFMdWwhHH2kUrt3c17_qA-1719764928-0.0.1.1-3519
Content-Type: application/x-www-form-urlencoded
Content-Length: 3985
Origin: http://login.nsfwcum.xyz
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Date: Sun, 30 Jun 2024 16:28:56 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: cf_clearance=en7yZRXRUeUZEzM3EtrRnpV9Yaa9.Oo9piZ_0yKFrhA-1719764928-1.0.1.1-_OZ0S8_ice8UC4mImAlWXCxKbEc5v0TEddd1qK84Smnh9EGDCErjH3nSmtORIRGvXKmGsN9cJhtc98bSpruKEw; Path=/; Expires=Mon, 30-Jun-25 16:28:56 GMT; Domain=.nsfwcum.xyz; HttpOnly
Access-Control-Allow-Origin: *
Location: https://leakers.net
Vary: Accept
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=acv1XjNXdQ2MLzcsDh4NofNz%2Fq5ydL9q6B2uo5GtqcfqGKo6vRuK%2BhONcaZiPDkCVLWDr%2FvhI9dAh7c%2FjITtLYmU3d4WCBSingXsb4sBb7maRWeCWjqVzOWBK3T7inor20s3WA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 89bf88422e616a9b-DUS
alt-svc: h2=":443"; ma=60

e6.o.lencr.org/

23.36.77.32

346 B

URL
e6.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
346 B (346 bytes)
Hash
6d1fbc8bfa10518bd2534e37772e257a
c9a5b049102fc477149d90f7413870c79bcc429c
343511be568406687aecfe5021e90317155da071a82fe47e0fea8ac2a08edd2c

HTTP Headers

POST / HTTP/1.1
Host: e6.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "343511BE568406687AECFE5021E90317155DA071A82FE47E0FEA8AC2A08EDD2C"
Last-Modified: Sun, 30 Jun 2024 15:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21591
Expires: Sun, 30 Jun 2024 22:28:47 GMT
Date: Sun, 30 Jun 2024 16:28:56 GMT
Connection: keep-alive

GET leakers.net/

52.58.254.253

200 OK

3.3 kB

URL User Request GET HTTP/2
leakers.net/
IP
52.58.254.253:443
ASN
#16509 AMAZON-02

Certificate
IssuerLet's Encrypt
Subject*.leakers.net
FingerprintA7:F1:5F:EF:9D:FA:0D:AD:09:D5:7A:1E:E8:F0:7B:A9:22:7C:88:BB
ValiditySun, 30 Jun 2024 14:02:32 GMT - Sat, 28 Sep 2024 14:02:31 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (1049), with CRLF line terminators
Size
3.3 kB (3274 bytes)
Hash
0834e06797e207f89573ad020552dd11
5d5fa3b7ea77db83d9b17742399468eed057ae9c
7a8447f76be13f96bcb92b5469c18b6ac78e97169cd761a8863dc9e2b6639134

HTTP Headers

GET / HTTP/1.1
Host: leakers.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Sec-Fetch-User: ?1
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
age: 205488
cache-control: public,max-age=0,must-revalidate
cache-status: "Netlify Edge"; hit
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 30 Jun 2024 16:28:56 GMT
etag: "4757c431f5de6531b5f6fbc72e57c36f-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-nf-request-id: 01J1MZMSZJD5KSZ6W597TE42H3
content-length: 3274
X-Firefox-Spdy: h2

GET assets-global.website-files.com/65423581310e2018e009b88f/js/webflow.718107e01.js

13.33.141.39

200 OK

96 kB

URL GET HTTP/2
assets-global.website-files.com/65423581310e2018e009b88f/js/webflow.718107e01.js
IP
13.33.141.39:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (695)
Size
96 kB (95937 bytes)
Hash
718107e0102a9ba2d17710631eb5a36e
4b04c7428c0f5b4de8a67eae9c4b048afb80bf68
b4099c07deb2d63f2bc67a16cd4ef449c593180da66e3c6143e9a59941451f01

HTTP Headers

GET /65423581310e2018e009b88f/js/webflow.718107e01.js HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leakers.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
content-length: 95937
last-modified: Mon, 01 Jan 2024 18:35:50 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: GCV6mWzUFGyAVx3P6hUUbGEEjTStm_t.
accept-ranges: bytes
server: AmazonS3
date: Sat, 29 Jun 2024 23:14:35 GMT
cache-control: max-age=84600, must-revalidate
etag: "8418395a044beaa95b9308147c4925ef"
vary: Accept-Encoding
via: 1.1 0561454d7fe07544e19cf11609a0f13a.cloudfront.net (CloudFront)
age: 62063
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: bV3AqTTr2IajH0YiJoI1zcetZeojcHQZLbSEYcST-5AukY-B0TMUiw==
X-Firefox-Spdy: h2

GET assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8e7_girlsss.png

13.33.141.39

200 OK

48 kB

URL GET HTTP/2
assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8e7_girlsss.png
IP
13.33.141.39:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
PNG image data, 294 x 98, 8-bit/color RGBA, non-interlaced
Size
48 kB (47736 bytes)
Hash
17abb3ac27e5b49dd563819e67773b6f
78788d5a6e3c2dd5701fd37803753bd9ce0f19e1
991d77df75c4639aa0a418c9a7cb210aa84bb8663ce168bb1a30c7a376d1ee3e

HTTP Headers

GET /65423581310e2018e009b88f/65423581310e2018e009b8e7_girlsss.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leakers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 47736
date: Tue, 02 Jan 2024 20:13:00 GMT
last-modified: Wed, 01 Nov 2023 11:24:50 GMT
etag: "17abb3ac27e5b49dd563819e67773b6f"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: _XIhFANVspSb8bg8uTXRA2sJcMDxLQSJ
accept-ranges: bytes
server: AmazonS3
via: 1.1 0561454d7fe07544e19cf11609a0f13a.cloudfront.net (CloudFront)
age: 15538558
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: Wp0Dk84-tr_lrSzwCuJqipd5s7lpIhiapJRROo8cZGL_0CzaSWRyjQ==
X-Firefox-Spdy: h2

GET assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8c0_flash.svg

13.33.141.39

200 OK

493 B

URL GET HTTP/2
assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8c0_flash.svg
IP
13.33.141.39:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
493 B (493 bytes)
Hash
7dc198237d1b11a8467acde44019b8a8
7cef7a3f4c700cba19abfe4ed025bf81e1215f0c
2072e3db566022d4de126a2b41ded9e07cdae63727aba31c3f0aed29f39d39dc

HTTP Headers

GET /65423581310e2018e009b88f/65423581310e2018e009b8c0_flash.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leakers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 493
date: Tue, 23 Jan 2024 19:50:54 GMT
last-modified: Wed, 01 Nov 2023 11:24:50 GMT
etag: "7dc198237d1b11a8467acde44019b8a8"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 0SQNulIGuxTQRUjjHy5CkUPubmBzUd5m
accept-ranges: bytes
server: AmazonS3
via: 1.1 0561454d7fe07544e19cf11609a0f13a.cloudfront.net (CloudFront)
age: 13725484
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: 9K4FQifnxNb13SxFgLTXuX3AzePJ67RINDQ7CM4jluSGRNRydja1Ng==
X-Firefox-Spdy: h2

GET assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8ae_folder.svg

13.33.141.39

200 OK

377 B

URL GET HTTP/2
assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8ae_folder.svg
IP
13.33.141.39:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
377 B (377 bytes)
Hash
87b7c649b0e6400f28071d4b6e9fbb8a
4639523a516f3e6e9e21316e7c4cdfef9f54672c
fc01dd2f1fadb8a427974db851b9d1e6ba5789c81b5c2fd91c45051da85d6636

HTTP Headers

GET /65423581310e2018e009b88f/65423581310e2018e009b8ae_folder.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leakers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 377
date: Sun, 28 Apr 2024 02:45:08 GMT
last-modified: Wed, 01 Nov 2023 11:24:50 GMT
etag: "87b7c649b0e6400f28071d4b6e9fbb8a"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: cxLA84ARH7MD_ZfiPFttA7atD.4oJiza
accept-ranges: bytes
server: AmazonS3
via: 1.1 0561454d7fe07544e19cf11609a0f13a.cloudfront.net (CloudFront)
age: 5492630
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: 9zfZmn3itoK8-LjJCKH2uXmBXvBzRhUuCazQkaotMRp_AD5zjf5spw==
X-Firefox-Spdy: h2

GET assets-global.website-files.com/65423581310e2018e009b88f/css/miami-44baae-fb1698b24a6dda8dbac1757425.webflow.89d43beef.css

13.33.141.39

200 OK

16 kB

URL GET HTTP/2
assets-global.website-files.com/65423581310e2018e009b88f/css/miami-44baae-fb1698b24a6dda8dbac1757425.webflow.89d43beef.css
IP
13.33.141.39:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (2587)
Size
16 kB (16122 bytes)
Hash
89d43beef1c95bd1d24e7abcf6ac8fbd
e361ac55c2d2ef5cbbfae99f91d2a1a1c3c7744f
42c4cf605e4757ede9ce9cb409b7127ca255340ddc9bcf156d6ed30c48f33ad8

HTTP Headers

GET /65423581310e2018e009b88f/css/miami-44baae-fb1698b24a6dda8dbac1757425.webflow.89d43beef.css HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leakers.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css
content-length: 16122
last-modified: Mon, 01 Jan 2024 18:35:50 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: 7I2xyRkYwZ9m.e6_pyrINOfnw324JIx5
accept-ranges: bytes
server: AmazonS3
date: Sat, 29 Jun 2024 21:16:58 GMT
cache-control: max-age=84600, must-revalidate
etag: "b69ea2b21fff5202c1e85687ca3d4cad"
vary: Accept-Encoding
via: 1.1 0561454d7fe07544e19cf11609a0f13a.cloudfront.net (CloudFront)
age: 69120
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: kDlafh52LQ1h-mK82LCsey6gwAutvjGx9IZf3T94wUn28XlpUSFZ0A==
X-Firefox-Spdy: h2

GET assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8e5_glow-p-500.png

13.33.141.39

200 OK

36 kB

URL GET HTTP/2
assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8e5_glow-p-500.png
IP
13.33.141.39:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
PNG image data, 500 x 311, 8-bit colormap, non-interlaced
Size
36 kB (36166 bytes)
Hash
e3afe40e8e46a32b242f3090b43eeb83
ff2879317dcf232e0283dbb63b6d4220fad7fa1d
1e789db31f64f12e83b2d0766cdf396dea2dc259041dc542f50adea9125d8885

HTTP Headers

GET /65423581310e2018e009b88f/65423581310e2018e009b8e5_glow-p-500.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leakers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 36166
date: Thu, 02 May 2024 18:57:51 GMT
last-modified: Wed, 01 Nov 2023 11:24:50 GMT
etag: "e3afe40e8e46a32b242f3090b43eeb83"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: aQ4rTb9bdBUzu9b5BnXrdUM6ttgTKtmp
accept-ranges: bytes
server: AmazonS3
via: 1.1 0561454d7fe07544e19cf11609a0f13a.cloudfront.net (CloudFront)
age: 5088667
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: oEKdAmGQQ9R6fHeGDTa8P0zqPZWmWd3KxSPq4XprXBVa6lvE7-1zyA==
X-Firefox-Spdy: h2

challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1182374209:1719764015:LShN4YUxohZJLtrLivZOEEg9lCNxpSM_Ud7G9AOIUpk/89bf88199a0a92a3/a55d1b932c90761

104.17.2.184

232 kB

URL
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/flow/ov1/1182374209:1719764015:LShN4YUxohZJLtrLivZOEEg9lCNxpSM_Ud7G9AOIUpk/89bf88199a0a92a3/a55d1b932c90761
IP
104.17.2.184:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
232 kB (232145 bytes)
Hash
5af6485cdf032e8237b42fbe50f67414
7fabdd5707809119252274fed57383432d5fd9d4
d19e5823ab3ba8c4297bc42d8788daf757f746c25405af2ff5909f6f3bdf9319

HTTP Headers

POST /cdn-cgi/challenge-platform/h/g/flow/ov1/1182374209:1719764015:LShN4YUxohZJLtrLivZOEEg9lCNxpSM_Ud7G9AOIUpk/89bf88199a0a92a3/a55d1b932c90761 HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv0/0/flogm/0x4AAAAAAADnPIDROrmt1Wwj/light/normal
Content-type: application/x-www-form-urlencoded
CF-Challenge: a55d1b932c90761
Content-Length: 3982
Origin: https://challenges.cloudflare.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 30 Jun 2024 16:28:50 GMT
content-type: text/plain; charset=UTF-8
cf-chl-gen: +0d0N/Fzl6pTBQZOnXet7Iz73nNPCNOai51PGFLYBYd+QSl15q7K923JpQVqGWsZ2Gl9wGq9/Apj3SNXxmso8LCn0k61Wl/mJe39Q4UdCYqqdg//QAV/NVLP97X+Hekv67wj0hPtXqoMU6hMBHZXBIYgJY0nNTBkoF+NE1tY1fzcK1VlIXiwKIXmSlgnCUYlXoymNrXFJUUejF34E/jnC3xOeKaaIzzaEDq70bxFEsRrI1b38uVJIiNR+ZHrp4DFLOFJmprEGMzMjXc7eYSk8hEQeqX5bjSU4EQw1iyqv4Y9tce11WQ4uWDjKc4m1/KjuofCWcUGZ3fyIBvdksMOYF+AJ7mk9VxpItZe4FBHZoNOAMhL8I3Mj3HDCHu3rN2NnX9uqkzsCryRKP0k88mv5QWdcBjNOTXumSX4BOk00nolCt3M+uyrpXtFNin+ip2cVv34SioMN5kKvvP+VXklUMj79sikNrULpS3KPBUk/TZ8T5V3RUHidBheqlppkLER$f5zvlKKxtBlP/gPgu5bUDQ==
server: cloudflare
cf-ray: 89bf881c5f0292a3-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET uploads-ssl.webflow.com/65423581310e2018e009b88f/65423581310e2018e009b8b7_Inter-Regular.woff

108.157.229.79

200 OK

134 kB

URL GET HTTP/2
uploads-ssl.webflow.com/65423581310e2018e009b88f/65423581310e2018e009b8b7_Inter-Regular.woff
IP
108.157.229.79:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subjectuploads-ssl.webflow.com
Fingerprint2C:D3:A5:3B:18:D3:C9:78:EB:5A:E1:87:23:78:92:D6:3E:75:CB:5A
ValidityFri, 28 Jun 2024 00:00:00 GMT - Sat, 26 Jul 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 134528, version 0.0
Size
134 kB (134528 bytes)
Hash
41cd7069d7f578a69690178b818c0a2c
7f8681f6a0fbaaa4b8582089444cac191a111a72
aac36c022c9d50092fe17df27f1fdaf7f0abf6bb00ba13cf20a54c20edba7f12

HTTP Headers

GET /65423581310e2018e009b88f/65423581310e2018e009b8b7_Inter-Regular.woff HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leakers.net
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 134528
date: Sat, 27 Apr 2024 20:20:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Wed, 01 Nov 2023 11:24:50 GMT
etag: "41cd7069d7f578a69690178b818c0a2c"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: i52BseJ1dzsKAs0WQk3PIUIl6l8f73VJ
accept-ranges: bytes
server: AmazonS3
via: 1.1 b301fa8d72072cc0289eb055d8389e68.cloudfront.net (CloudFront)
age: 5515724
x-cache: Hit from cloudfront
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 0M86tWKBbZR-RhD7_3OiMCwSzYy58kbOaRXJQTkB0VtL8pgBKQJ9kw==
X-Firefox-Spdy: h2

GET uploads-ssl.webflow.com/65423581310e2018e009b88f/65423581310e2018e009b8d2_Inter-Medium.woff

108.157.229.79

200 OK

143 kB

URL GET HTTP/2
uploads-ssl.webflow.com/65423581310e2018e009b88f/65423581310e2018e009b8d2_Inter-Medium.woff
IP
108.157.229.79:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subjectuploads-ssl.webflow.com
Fingerprint2C:D3:A5:3B:18:D3:C9:78:EB:5A:E1:87:23:78:92:D6:3E:75:CB:5A
ValidityFri, 28 Jun 2024 00:00:00 GMT - Sat, 26 Jul 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 142736, version 0.0
Size
143 kB (142736 bytes)
Hash
592a30dc78f8586ad4149dfdc3f73312
24f62ad563e84aad15e924dffa60c8b20903eb54
266d3f14c5e24b3612020e1d23d90444695be74af597b667a1bdcf80a22e2dc6

HTTP Headers

GET /65423581310e2018e009b88f/65423581310e2018e009b8d2_Inter-Medium.woff HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leakers.net
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 142736
date: Tue, 30 Apr 2024 18:30:00 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Wed, 01 Nov 2023 11:24:50 GMT
etag: "592a30dc78f8586ad4149dfdc3f73312"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: tAGt1p2whRjxKWAOyu5SfwAjNrONEdPo
accept-ranges: bytes
server: AmazonS3
via: 1.1 b301fa8d72072cc0289eb055d8389e68.cloudfront.net (CloudFront)
age: 5263138
x-cache: Hit from cloudfront
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: avSxohSQw54IoIYOZhZpbUFBZo3xBJHuTRbcGyzP3iMQY85nKImlrA==
X-Firefox-Spdy: h2

GET uploads-ssl.webflow.com/65423581310e2018e009b88f/65423581310e2018e009b8d1_Inter-SemiBold.woff

108.157.229.79

200 OK

143 kB

URL GET HTTP/2
uploads-ssl.webflow.com/65423581310e2018e009b88f/65423581310e2018e009b8d1_Inter-SemiBold.woff
IP
108.157.229.79:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subjectuploads-ssl.webflow.com
Fingerprint2C:D3:A5:3B:18:D3:C9:78:EB:5A:E1:87:23:78:92:D6:3E:75:CB:5A
ValidityFri, 28 Jun 2024 00:00:00 GMT - Sat, 26 Jul 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 143152, version 0.0
Size
143 kB (143152 bytes)
Hash
8a12c702fa5c5e3ceed33f78e72b9bee
17cac8f92c3e51f13b933f015385043a2158ed2b
2731022e91430f89e0635f6b651f2f95c698a34d1862efd92bfc01db1c6de191

HTTP Headers

GET /65423581310e2018e009b88f/65423581310e2018e009b8d1_Inter-SemiBold.woff HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leakers.net
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 143152
date: Tue, 30 Apr 2024 18:30:00 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Wed, 01 Nov 2023 11:24:50 GMT
etag: "8a12c702fa5c5e3ceed33f78e72b9bee"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: HPYkz2DIRxyTuDe6kLrzUDIJBlT1Uq0E
accept-ranges: bytes
server: AmazonS3
via: 1.1 b301fa8d72072cc0289eb055d8389e68.cloudfront.net (CloudFront)
age: 5263138
x-cache: Hit from cloudfront
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: GywmI7Cc28UWIITwyANXFHNZwaGRxd5gO4DE4JCKQBLHO_lR22xIUA==
X-Firefox-Spdy: h2

GET assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8ed_256.png

13.33.141.39

200 OK

6.6 kB

URL GET HTTP/2
assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8ed_256.png
IP
13.33.141.39:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced
Size
6.6 kB (6568 bytes)
Hash
96c3a802cfa08d41e9981ae0314970eb
130dbaa652c242b37a54367729c008f213dc3e06
36c038c73b065bdcdf7cd74aa41249a54820739d52b6554fb6a442c61bff98b3

HTTP Headers

GET /65423581310e2018e009b88f/65423581310e2018e009b8ed_256.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leakers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/png
content-length: 6568
date: Sat, 27 Apr 2024 11:17:34 GMT
last-modified: Wed, 01 Nov 2023 11:24:50 GMT
etag: "96c3a802cfa08d41e9981ae0314970eb"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: MtImc9mrcVB4GmrHUxpeHtMTvGfkYz_H
accept-ranges: bytes
server: AmazonS3
via: 1.1 0561454d7fe07544e19cf11609a0f13a.cloudfront.net (CloudFront)
age: 5548284
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: 7zGw_ohY8772OoR9xc0Y0hX2mKjxJgqJCT01iZgGPTUXulky3b_Xmg==
X-Firefox-Spdy: h2

GET assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8b0_check.svg

13.33.141.39

200 OK

877 B

URL GET HTTP/2
assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8b0_check.svg
IP
13.33.141.39:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
877 B (877 bytes)
Hash
2531e57f712b2a4a1b4b18f8f7d3267d
31c6cd217a16fe857bec66abc2dcc80782c35645
f2ddeeaaf04fcfb15522fa40c549d21013c8982736de5e1a154f91b1ec01eb41

HTTP Headers

GET /65423581310e2018e009b88f/65423581310e2018e009b8b0_check.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leakers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Sat, 20 Apr 2024 19:22:30 GMT
last-modified: Wed, 01 Nov 2023 11:24:50 GMT
etag: W/"2531e57f712b2a4a1b4b18f8f7d3267d"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: gxNvco.Yw7REGfYTD4IS7D57VMeYMcPr
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 0561454d7fe07544e19cf11609a0f13a.cloudfront.net (CloudFront)
age: 6123988
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: ZmQjpGacjKQohzLFZIxB_5cg3po14hynXjcg8D1vxmbhKrUxwnRulA==
X-Firefox-Spdy: h2

GET cdn.sellix.io/static/js/embed.js

104.18.1.146

200 OK

11 kB

URL GET HTTP/2
cdn.sellix.io/static/js/embed.js
IP
104.18.1.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://leakers.net/
Certificate
IssuerLet's Encrypt
Subjectcdn.sellix.io
FingerprintC1:48:A6:D0:6B:B5:AE:64:34:44:15:CD:85:F1:35:CC:94:05:49:DB
ValiditySun, 19 May 2024 20:44:31 GMT - Sat, 17 Aug 2024 20:44:30 GMT

File type
JavaScript source, ASCII text, with very long lines (2037)
Size
11 kB (11119 bytes)
Hash
1035694e77116547ba0e1abaaa30925a
e1ca4a1babd781f416f3e31749c08791919a72e9
3e565a8ad5b2f2defb7ce9578c685df941e6547346e786acf1f6e3fc503928e4

HTTP Headers

GET /static/js/embed.js HTTP/1.1
Host: cdn.sellix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leakers.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 30 Jun 2024 16:28:57 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=15800
access-control-allow-origin: *
etag: W/"667ae903-3db8"
expires: Mon, 30 Jun 2025 16:28:56 GMT
last-modified: Tue, 25 Jun 2024 15:57:55 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 252311
set-cookie: __cf_bm=fGw6WOa7KZmaPyr15tdnufJGxiGDajxW5U0ixeFnjdA-1719764936-1.0.1.1-salRKME0lJwxsKsENqPrx7lNTh0gZCuiZW1Lq5.O4641qjyCjmtHhUZSaDkUANsboPEgJcTxMHXA8newQ4CBPg; path=/; expires=Sun, 30-Jun-24 16:58:56 GMT; domain=.sellix.io; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 89bf884819fc92f1-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET uploads-ssl.webflow.com/65423581310e2018e009b88f/65423581310e2018e009b8d3_Inter-Bold.woff

108.157.229.79

200 OK

144 kB

URL GET HTTP/2
uploads-ssl.webflow.com/65423581310e2018e009b88f/65423581310e2018e009b8d3_Inter-Bold.woff
IP
108.157.229.79:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subjectuploads-ssl.webflow.com
Fingerprint2C:D3:A5:3B:18:D3:C9:78:EB:5A:E1:87:23:78:92:D6:3E:75:CB:5A
ValidityFri, 28 Jun 2024 00:00:00 GMT - Sat, 26 Jul 2025 23:59:59 GMT

File type
Web Open Font Format, TrueType, length 143592, version 0.0
Size
144 kB (143592 bytes)
Hash
895ddea987172f5a34a727cb0b559c9d
fc66cf105b40f79a22e3a98465d5495409af1907
c5c7c3cd40865c85a70b44f455d64ad04bf1978627b8afbd3a322ca0cac434ce

HTTP Headers

GET /65423581310e2018e009b88f/65423581310e2018e009b8d3_Inter-Bold.woff HTTP/1.1
Host: uploads-ssl.webflow.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://leakers.net
DNT: 1
Connection: keep-alive
Referer: https://assets-global.website-files.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/x-font-woff
content-length: 143592
date: Sat, 27 Apr 2024 20:20:13 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Wed, 01 Nov 2023 11:24:50 GMT
etag: "895ddea987172f5a34a727cb0b559c9d"
x-amz-storage-class: INTELLIGENT_TIERING
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: 19UCvpBxRCJTNScbpbVmm85ZXPTWBQgc
accept-ranges: bytes
server: AmazonS3
via: 1.1 b301fa8d72072cc0289eb055d8389e68.cloudfront.net (CloudFront)
age: 5515724
x-cache: Hit from cloudfront
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: Aa72wum3BS0T3xNQ5FT7id-ppFzHh42GMiYj1exZfLWSvZcqhx2WWg==
X-Firefox-Spdy: h2

GET assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8ec_gg.png

13.33.141.39

200 OK

476 B

URL GET HTTP/2
assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8ec_gg.png
IP
13.33.141.39:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced
Size
476 B (476 bytes)
Hash
1125e2bc9d07d617ec5590d7e025c6c5
0fe269e7515b6a201f3d4aeff468380f3166db89
7fba282ea2fd5b2d5b00323b2b03d8aff255c8244d3aa49ed988f4d24ea8112b

HTTP Headers

GET /65423581310e2018e009b88f/65423581310e2018e009b8ec_gg.png HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leakers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/png
content-length: 476
date: Sat, 27 Apr 2024 11:17:34 GMT
last-modified: Wed, 01 Nov 2023 11:24:50 GMT
etag: "1125e2bc9d07d617ec5590d7e025c6c5"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: OBfNRGEnSLE9STFz4SGOYduNfVTlprXe
accept-ranges: bytes
server: AmazonS3
via: 1.1 0561454d7fe07544e19cf11609a0f13a.cloudfront.net (CloudFront)
age: 5548283
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: 9HZsnHykhv_v8t84PRm9YvSMOoFywcsi6iagzO574Yu9WOuXYkn35g==
X-Firefox-Spdy: h2

GET cdn.sellix.io/static/css/embed.css

104.18.1.146

200 OK

294 B

URL GET HTTP/2
cdn.sellix.io/static/css/embed.css
IP
104.18.1.146:443
ASN
#13335 CLOUDFLARENET

Requested by
https://leakers.net/
Certificate
IssuerLet's Encrypt
Subjectcdn.sellix.io
FingerprintC1:48:A6:D0:6B:B5:AE:64:34:44:15:CD:85:F1:35:CC:94:05:49:DB
ValiditySun, 19 May 2024 20:44:31 GMT - Sat, 17 Aug 2024 20:44:30 GMT

File type
ASCII text, with no line terminators
Size
294 B (294 bytes)
Hash
2b1bbac5ec763b97f82d2995834d7589
5e1af714cd5ab0ea4c3228053d2e4f05afec4c0d
c8fa0c7e479b3864418662208ba0e8f7bf3494ff2cbe801d0c1332f560e793eb

HTTP Headers

GET /static/css/embed.css HTTP/1.1
Host: cdn.sellix.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leakers.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 30 Jun 2024 16:28:57 GMT
content-type: text/css
cache-control: public, max-age=31536000
cf-bgj: minify
cf-polished: origSize=431
access-control-allow-origin: *
etag: W/"5f07213c-1af"
expires: Mon, 30 Jun 2025 16:28:57 GMT
last-modified: Thu, 09 Jul 2020 13:53:00 GMT
vary: Accept-Encoding
cf-cache-status: HIT
age: 3035674
set-cookie: __cf_bm=YWXR6Q3M9jBIT5lFBFc0g3gIJa7wxnBZoqw8DdhEP34-1719764937-1.0.1.1-j.O6eZCFCbKADkLmfx3eMW4CNha58u0nk.vn5BuimLY1mtq_jFQhuQIeEM50YDymUkaOkoVBQRojphrZPoGYsQ; path=/; expires=Sun, 30-Jun-24 16:58:57 GMT; domain=.sellix.io; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 89bf884819f892f1-CPH
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8bc_wifi.svg

13.33.141.39

200 OK

1.4 kB

URL GET HTTP/2
assets-global.website-files.com/65423581310e2018e009b88f/65423581310e2018e009b8bc_wifi.svg
IP
13.33.141.39:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subject*.website-files.com
Fingerprint67:3F:4A:7A:30:BF:BC:29:1A:5A:41:A8:54:BB:F4:4A:E7:ED:D9:CF
ValidityMon, 11 Sep 2023 00:00:00 GMT - Tue, 08 Oct 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image
Size
1.4 kB (1350 bytes)
Hash
a4ce988737c0e2c83a615aa9830199c3
175292ad0514b73d2ec40a72639b3b5288542422
c9df8274deeced4997c796962dc9a02f35536a424b28e85a76633caf013e86dc

HTTP Headers

GET /65423581310e2018e009b88f/65423581310e2018e009b8bc_wifi.svg HTTP/1.1
Host: assets-global.website-files.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://leakers.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: image/svg+xml
date: Mon, 11 Dec 2023 08:00:52 GMT
last-modified: Wed, 01 Nov 2023 11:24:50 GMT
etag: W/"a03553036f70c1ff6a970c6aa9deff31"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000, must-revalidate
x-amz-version-id: mqpwv15u1MfzaTZBJ1OoU1X21Cxxc1MH
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
via: 1.1 0561454d7fe07544e19cf11609a0f13a.cloudfront.net (CloudFront)
age: 17483286
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-cf-pop: CPH50-C2
x-amz-cf-id: 1F1zgEDxBuJegQzReEPmDf0ZT3GA-krmpwdm6UcAFT7otRxbP15F-g==
X-Firefox-Spdy: h2

GET d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=65423581310e2018e009b88f

18.173.1.220

200 OK

90 kB

URL GET HTTP/2
d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=65423581310e2018e009b88f
IP
18.173.1.220:443
ASN
#16509 AMAZON-02

Requested by
https://leakers.net/
Certificate
IssuerAmazon
Subject*.cloudfront.net
FingerprintFA:21:45:DC:4D:94:03:A3:09:77:51:78:4A:21:F2:C5:6D:94:BE:52
ValidityTue, 10 Oct 2023 00:00:00 GMT - Thu, 19 Sep 2024 23:59:59 GMT

File type
JavaScript source, ASCII text, with very long lines (65451)
Size
90 kB (89476 bytes)
Hash
dc5e7f18c8d36ac1d3d4753a87c98d0a
c8e1c8b386dc5b7a9184c763c88d19a346eb3342
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

HTTP Headers

GET /js/jquery-3.5.1.min.dc5e7f18c8.js?site=65423581310e2018e009b88f HTTP/1.1
Host: d3e54v103j8qbb.cloudfront.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://leakers.net
DNT: 1
Connection: keep-alive
Referer: https://leakers.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 20 Jul 2020 17:53:02 GMT
server: AmazonS3
content-encoding: br
date: Sat, 29 Jun 2024 22:44:35 GMT
cache-control: max-age=84600, must-revalidate
etag: W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
vary: Accept-Encoding
via: 1.1 74b9d3168ead0de51d41113665a53160.cloudfront.net (CloudFront)
age: 63862
x-cache: Hit from cloudfront
x-amz-cf-pop: CPH50-P1
x-amz-cf-id: GoQaRwqPNq_dHM2SUUKakkDg9HHErqTPo2xZrCVEpFGKGjM2gRh0wg==
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (30)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations

Hash

Observations