Report - leaktape.com

Report Overview

Visited public
2025-05-10 16:59:32
Tags
URL
leaktape.com
Finishing URL
www.leaktape.com/
IP / ASN
172.67.205.116
#13335 CLOUDFLARENET
Title
BanFlix - Unscripted Scandal Amateur Porn. Incest, Rape & more

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.googleapis.com	8877	2005-01-25	2012-05-23	2025-05-07	2.7 kB	12 kB	142.250.178.106
static.bookmsg.com	47495	2020-09-15	2020-11-24	2025-05-09	985 B	2.3 kB	45.133.44.24
accounts.google.com	81	1997-09-15	2012-05-23	2025-05-07	1.8 kB	6.7 kB	173.194.73.84
storage.multstorage.com	unknown	2023-09-22	2023-09-22	2025-05-08	540 B	1.6 kB	104.21.30.242
fp.metricswpsh.com	unknown	2021-10-29	2022-04-22	2025-05-08	1.1 kB	825 B	157.90.84.242
na.nawpush.com	38563	2020-12-21	2020-12-23	2025-05-09	484 B	2.8 kB	45.133.44.24
www.leaktape.com	unknown	2022-06-25	2022-06-26	2025-04-21	2.0 kB	132 kB	104.21.52.236
onclckip.com	unknown	2023-11-28	2024-01-03	2025-05-03	611 B	322 B	116.202.249.56
s3t3d2y9.afcdn.net	unknown	2022-06-27	2025-05-07	2025-05-07	452 B	12 kB	95.173.205.14
i.postimg.cc	23840	2016-06-11	2018-04-11	2025-05-07	443 B	27 kB	46.105.222.161
cdn.tailwindcss.com	422202	2017-07-20	2018-07-09	2025-05-10	824 B	815 kB	172.67.41.16
renamereptiliantrance.com	unknown	2025-03-12	2025-04-21	2025-04-21	3.6 kB	161 kB	94.242.247.35
5cb5ab828f.f5e52969d7.com	unknown	2025-04-10	2025-05-10	2025-05-10	2.4 kB	1.0 MB	45.133.44.53
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-05-07	1.0 kB	208 kB	104.16.174.226
elites-womanflirting.com	unknown	2024-12-13	2025-04-21	2025-04-21	428 B	1.7 kB	185.155.184.44
code.jquery.com	634	2005-12-10	2012-05-21	2025-05-07	451 B	286 kB	151.101.194.137
js.capndr.com	316718	2021-08-30	2021-08-30	2025-05-08	417 B	399 B	45.133.44.53
s.optvz.com	unknown	2020-03-25	2024-10-14	2025-05-09	1.5 kB	12 kB	95.211.229.246
onclckinp.com	unknown	2023-11-28	2024-01-03	2025-05-03	9.4 kB	60 kB	116.202.249.56
nereserv.com	40015	2020-12-21	2020-12-21	2025-05-09	1.1 kB	644 B	94.130.198.6
static.cloudflareinsights.com	1294	2019-08-30	2019-09-24	2025-05-07	510 B	20 kB	104.16.79.73
8e688aab72.d162882c98.com	unknown	2025-04-10	2025-05-10	2025-05-10	847 B	345 B	45.133.44.53
bid.onclckpop.com	unknown	2023-11-28	2023-12-14	2025-05-09	504 B	7.1 kB	94.130.197.240
fonts.gstatic.com	unknown	2008-02-11	2014-04-02	2025-05-07	1.6 kB	58 kB	142.250.178.99
js.wpadmngr.com	25762	2021-06-02	2021-06-02	2025-05-09	850 B	127 kB	45.133.44.52
leaktape.com	unknown	2022-06-25	2022-06-26	2025-04-21	481 B	95 kB	104.21.52.236

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-05-10	medium	f5e52969d7.com	Sinkholed
2025-05-10	medium	d162882c98.com	Sinkholed
2025-05-10	medium	f5e52969d7.com	Sinkholed
2025-05-10	medium	elites-womanflirting.com	Sinkholed
2025-05-10	medium	f5e52969d7.com	Sinkholed
2025-05-10	medium	f5e52969d7.com	Sinkholed
2025-05-10	medium	f5e52969d7.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (18)

	URL	From	Size	First Seen	Last Seen
	cdn.tailwindcss.com/	ScriptElement	407 kB	2024-12-07	2025-05-14
Pretty URL cdn.tailwindcss.com/ IP 172.67.41.16 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-07 03:18 Last Seen2025-05-14 03:44 Times Seen1797 Hash 2697bf25afb0982dfa17c73536f934c1 7d7db122d0639cd1f1a53eb6018d6d713d312679 fb798bb21731986940cf3a9950fbca386e03633e9a45497701e71f9b87d132ea Loading...

	www.leaktape.com/	ScriptElement	6.5 kB	2025-05-10	2025-05-10
Pretty URL www.leaktape.com/ IP 104.21.52.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 17:03 Times Seen2 Hash e2cd9d76c6d4dfbf5c70d83364bb2c26 c882a0ae934fd8403818add8484043aa6f6fa66b 314b6a9bfca34425f21d5ecc6fd46d97913070261412a12eae15db103c144e0a Loading...

	storage.multstorage.com/log/count.html	ScriptElement	693 B	2025-03-03	2025-05-14
Pretty URL storage.multstorage.com/log/count.html IP 104.21.30.242 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-03-03 17:07 Last Seen2025-05-14 00:26 Times Seen1995 Hash 16e1f9022fa537a6a2ec170949397376 341d27b7ac1bb5f22f032ab4c14f7589e452bea9 440204bc5125e5ffb0fa553c188a3640f1d0f6779bd0a11076133b1d20f1926b Loading...

	static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015	ScriptElement	20 kB	2024-06-07	2025-05-14
Pretty URL static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 IP 104.16.79.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-06-07 09:21 Last Seen2025-05-14 04:45 Times Seen50143 Hash ec18af6d41f6f278b6aed3bdabffa7bc 62c9e2cab76b888829f3c5335e91c320b22329ae 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Loading...

	5cb5ab828f.f5e52969d7.com/f44ead0e3fb415db18cfee67af1413b6.js	ScriptElement	124 kB	2025-04-18	2025-05-13
Pretty URL 5cb5ab828f.f5e52969d7.com/f44ead0e3fb415db18cfee67af1413b6.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-18 10:43 Last Seen2025-05-13 18:18 Times Seen152 Hash d4509232ee9a95dc5431a18b2069468d b0e22da458b657fbe8caa54b0124a64698bdf36b fb472b8299627873a3a0d4a9c26703190f8346ba23e173b00fef456d1b7ff8a7 Loading...

	elites-womanflirting.com/js/popunder.js	ScriptElement	812 B	2023-03-07	2025-05-11
Pretty URL elites-womanflirting.com/js/popunder.js IP 185.155.184.44 ASN #6898 AS5398 SA Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:09 Last Seen2025-05-11 05:55 Times Seen186 Hash 1112c3e266341e6062a9ba705458138a 5d135d537aea600ccfe8f5a9d5ad999ecf8ae97a e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa Loading...

	renamereptiliantrance.com/aas/r45d/vki/2000378/84717108.js	ScriptElement	153 kB	2025-05-10	2025-05-10
Pretty URL renamereptiliantrance.com/aas/r45d/vki/2000378/84717108.js IP 94.242.247.35 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 17:03 Times Seen2 Hash 067b8b07ae37c780342fd968214e1ad3 e0350e08930a22b3e98fb7baf6f33983d226e90f cb0f12817dfd5613a21cad35abbdea648a1a0a3fc7ce3a2d48de7a9427c26eef Loading...

	js.wpadmngr.com/static/adManager.m.js	ScriptElement	124 kB	2025-04-18	2025-05-13
Pretty URL js.wpadmngr.com/static/adManager.m.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-18 10:43 Last Seen2025-05-13 18:18 Times Seen152 Hash d4509232ee9a95dc5431a18b2069468d b0e22da458b657fbe8caa54b0124a64698bdf36b fb472b8299627873a3a0d4a9c26703190f8346ba23e173b00fef456d1b7ff8a7 Loading...

	5cb5ab828f.f5e52969d7.com/51408888d1820b5948457e2c082269a6.js	ScriptElement	206 kB	2025-05-07	2025-05-13
Pretty URL 5cb5ab828f.f5e52969d7.com/51408888d1820b5948457e2c082269a6.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-07 07:37 Last Seen2025-05-13 08:01 Times Seen44 Hash eb6aea211d5871efd91f116252d04244 3762b5a1bfd2aefece6e7ba5b3259f998cb52346 b4568b829dbd869a7bd40a2ac28a48037ee13fd5983a18903dad7782244ade54 Loading...

	www.leaktape.com/	ScriptElement	6.4 kB	2025-05-10	2025-05-10
Pretty URL www.leaktape.com/ IP 104.21.52.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 17:03 Times Seen2 Hash 954c856c0fddd78f917b810f7bbcad04 43602f9bbdbc17cd85fd3d60e31712c27e7bfe1a 956bc9a228d88e4b1c7eb2be1d72b5da9e557443190ebd12d50d09ad92a135af Loading...

	www.leaktape.com/	ScriptElement	57 B	2025-05-10	2025-05-10
Pretty URL www.leaktape.com/ IP 104.21.52.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 16:59 Times Seen1 Hash 84da2e3dd915400e4e9c8f6e95711289 7576c1f83b94e6ccd27620869a2708e1dff58760 90c4769f7f2b3e23380b54a1fb45b088fbac26808a18a638421957a95e68592a Loading...

	js.wpadmngr.com/static/adManager.js	ScriptElement	1.7 kB	2024-04-09	2025-05-13
Pretty URL js.wpadmngr.com/static/adManager.js IP 45.133.44.52 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-09 16:57 Last Seen2025-05-13 18:18 Times Seen3320 Hash 1e936cad37e18ba5bc2f07acd57447d6 f55969248208bb6871e28b9478761ffb25207c35 e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8 Loading...

	renamereptiliantrance.com/get/2000378?zoneid=2000378&jp=_clwwcmkgkcabosttxfnmyr&dr=49&nojs=0&abvar=0&febuild=1.0.541&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=5jdyNIsLJZpiDVI9zBd4zUHg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=79Y60H3aHR0cHM6Ly93d3cubGVha3RhcGUuY29tLw&afid=7995783947553792&eclog=0&snc=0&ssc=1&vp=0&dto=2&im=1&noch=1&de=0&cs=5&uf=0	ScriptElement	3.3 kB	2025-05-10	2025-05-10
Pretty URL renamereptiliantrance.com/get/2000378?zoneid=2000378&jp=_clwwcmkgkcabosttxfnmyr&dr=49&nojs=0&abvar=0&febuild=1.0.541&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=5jdyNIsLJZpiDVI9zBd4zUHg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=79Y60H3aHR0cHM6Ly93d3cubGVha3RhcGUuY29tLw&afid=7995783947553792&eclog=0&snc=0&ssc=1&vp=0&dto=2&im=1&noch=1&de=0&cs=5&uf=0 IP 94.242.247.35 ASN #7979 SERVERS-COM Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-10 16:59 Last Seen2025-05-10 16:59 Times Seen1 Hash 2f84c469dc3f2005a7592c734e3ba0ac 7abc6ffca25e3f3b9aab14895c0b64bd4ab330a0 e87277fadb30b86510edaacaf55d91686cdbbceb54ece45db8b594b709c51ac6 Loading...

	5cb5ab828f.f5e52969d7.com/800ade0f04b1b1649b32cfe38f4f8e45.js	ScriptElement	115 kB	2025-05-09	2025-05-14
Pretty URL 5cb5ab828f.f5e52969d7.com/800ade0f04b1b1649b32cfe38f4f8e45.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-05-09 12:49 Last Seen2025-05-14 00:26 Times Seen17 Hash 8db5617c1644c2c95102c8438e81a6c2 b160d22d8f91851cbbfda90187c2b168b7f8c2b9 7c9210b93a73ed7e163295764fee5f417240b63272c4721259f3d832886252eb Loading...

	5cb5ab828f.f5e52969d7.com/c2430929551194bda84ad6487085224c.js	ScriptElement	562 kB	2025-04-28	2025-05-14
Pretty URL 5cb5ab828f.f5e52969d7.com/c2430929551194bda84ad6487085224c.js IP 45.133.44.53 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2025-04-28 22:49 Last Seen2025-05-14 00:26 Times Seen59 Hash f9bb8f785f473be065ed7dd43597ee81 4eb68caba6dfb87f504adb36234bed2e1947fe0e d91a99d6e095ec295badd90e1bfb73366bbdb749b90061d8d44246709a138624 Loading...

	www.leaktape.com/	ScriptElement	251 B	2024-01-26	2025-05-10
Pretty URL www.leaktape.com/ IP 104.21.52.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-26 19:51 Last Seen2025-05-10 17:03 Times Seen4 Hash 3d5434f243a622be6ee31c43cae056b0 24a6018147ae2c17791acd00b221a0e96e012cab 0710b77bfe14cc23e215130fbfb4c0b8e40909898ea3ea6a2ebc2c78f3b90e5c Loading...

	www.leaktape.com/	ScriptElement	109 B	2024-01-26	2025-05-10
Pretty URL www.leaktape.com/ IP 104.21.52.236 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-01-26 19:51 Last Seen2025-05-10 17:03 Times Seen85 Hash abd3eda1d5f4b0fe7f9c99f43eb150b1 284cfcd4d397568f57e7119072af359d0e9690a0 fa9aeea174a0931635c6509c1484d92671e2adbd83146b79ddce59040cc32760 Loading...

	code.jquery.com/jquery-3.7.1.js	ScriptElement	285 kB	2023-09-15	2025-05-13
Pretty URL code.jquery.com/jquery-3.7.1.js IP 151.101.194.137 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-15 16:51 Last Seen2025-05-13 15:15 Times Seen1946 Hash 12e87d2f3a4c8b347ab13a0764d420a3 4be715e11048c057fdf2ee0fbbfad4dbf3504c55 78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe Loading...

HTTP Transactions (55)

URL IP Response Size

onclckip.com/in/dip?site=native-push&wl=1&event_id=ce4f9a79-c1e9-46c9-91bd-fec859fb5681&subid=1413013301&sid=2001760978&spot_id=6048361&created_at=2025-05-10&timezone=0&ver=8.225.1&is_native=1

116.202.249.56

200 OK

0 B

URL GET
onclckip.com/in/dip?site=native-push&wl=1&event_id=ce4f9a79-c1e9-46c9-91bd-fec859fb5681&subid=1413013301&sid=2001760978&spot_id=6048361&created_at=2025-05-10&timezone=0&ver=8.225.1&is_native=1
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectinpage.infrapu.sh
Fingerprint53:32:5A:78:97:D4:AD:CF:41:C6:08:3E:D5:02:8C:C6:22:50:E8:35
ValidityTue, 01 Apr 2025 08:22:50 GMT - Mon, 30 Jun 2025 08:22:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?site=native-push&wl=1&event_id=ce4f9a79-c1e9-46c9-91bd-fec859fb5681&subid=1413013301&sid=2001760978&spot_id=6048361&created_at=2025-05-10&timezone=0&ver=8.225.1&is_native=1 HTTP/1.1
Host: onclckip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 10 May 2025 16:59:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

leaktape.com/

104.21.52.236

301 Moved Permanently

94 kB

URL User Request GET
leaktape.com/
IP
104.21.52.236:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectleaktape.com
FingerprintAC:0A:59:38:68:93:5C:87:C4:65:B7:DC:49:94:04:9F:7A:0A:AC:CE
ValidityMon, 21 Apr 2025 12:19:40 GMT - Sun, 20 Jul 2025 13:17:12 GMT

File type

Size
94 kB (93793 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: leaktape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 10 May 2025 16:59:10 GMT
content-type: text/html
location: https://www.leaktape.com/
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93dafc4e981462e4-HAM
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UB6%2FUPx4EH7GD5LomgKDlQ8xhahf0RO8bns6nIT0py%2BPthM4CPbciPDeLdKvTkYfCeH5H764w%2BweL0lyFhA2dXF70cad5YZE7wSXSUjdobWeRu87VE67I2th67DYdNo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfL4;desc="?proto=TCP&rtt=14642&min_rtt=14587&rtt_var=2401&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3179&recv_bytes=1123&delivery_rate=295088&cwnd=253&unsent_bytes=0&cid=81c9a7f2968c1f0d&ts=352&x=0"
X-Firefox-Spdy: h2

renamereptiliantrance.com/aas/r45d/vki/2000378/84717108.js

94.242.247.35

200 OK

153 kB

URL GET
renamereptiliantrance.com/aas/r45d/vki/2000378/84717108.js
IP
94.242.247.35:443
ASN
#7979 SERVERS-COM

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectrenamereptiliantrance.com
FingerprintC5:24:B1:2C:AE:4F:4C:18:19:12:4B:73:29:C6:20:12:CF:37:4B:FA
ValidityWed, 12 Mar 2025 15:15:23 GMT - Tue, 10 Jun 2025 15:15:22 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
153 kB (153167 bytes)
Hash
067b8b07ae37c780342fd968214e1ad3
e0350e08930a22b3e98fb7baf6f33983d226e90f
cb0f12817dfd5613a21cad35abbdea648a1a0a3fc7ce3a2d48de7a9427c26eef

HTTP Headers

GET /aas/r45d/vki/2000378/84717108.js HTTP/1.1
Host: renamereptiliantrance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 May 2025 16:59:16 GMT
content-type: application/javascript; charset=utf-8
last-modified: Mon, 05 May 2025 08:59:21 GMT
vary: Accept-Encoding
etag: W/"68187de9-256f7"
x-js-ab2: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

nereserv.com/in/dip?event_id=af6b3cae-7f1b-4358-a61a-4ca90e822808&subid=1414531219&spot_id=6048362&created_at=2025-05-10&timezone=0&ver=1.162.0

94.130.198.6

200 OK

0 B

URL GET
nereserv.com/in/dip?event_id=af6b3cae-7f1b-4358-a61a-4ca90e822808&subid=1414531219&spot_id=6048362&created_at=2025-05-10&timezone=0&ver=1.162.0
IP
94.130.198.6:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectinpage.infrapu.sh
Fingerprint53:32:5A:78:97:D4:AD:CF:41:C6:08:3E:D5:02:8C:C6:22:50:E8:35
ValidityTue, 01 Apr 2025 08:22:50 GMT - Mon, 30 Jun 2025 08:22:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?event_id=af6b3cae-7f1b-4358-a61a-4ca90e822808&subid=1414531219&spot_id=6048362&created_at=2025-05-10&timezone=0&ver=1.162.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 10 May 2025 16:59:25 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Alatsi&display=swap

142.250.178.106

200 OK

1.5 kB

URL GET
fonts.googleapis.com/css2?family=Alatsi&display=swap
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
ASCII text
Size
1.5 kB (1532 bytes)
Hash
7baa19e1ab795f579416510213060647
8cc1303d96558aace1de785b3735c8ca848db364
2eb665ece2f7d0aa0fa8d9baec45906c7a8c1636c3ea1094ac269386b286bb8d

HTTP Headers

GET /css2?family=Alatsi&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 May 2025 16:59:17 GMT
date: Sat, 10 May 2025 16:59:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp

45.133.44.24

200 OK

486 B

URL GET
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint46:49:C4:E5:B9:C8:3E:19:BB:32:C2:7C:3D:22:F3:C4:80:2D:EB:DE
ValidityMon, 31 Mar 2025 02:32:21 GMT - Sun, 29 Jun 2025 02:32:20 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 100x100, Scaling: [none]x[none], YUV color, decoders should clamp
Size
486 B (486 bytes)
Hash
ceeb4e8840c24621c0e0352b42b38a5b
03cbceb0134a39267014595938705e2916580644
50cb77ae9715629235f102dd53a68559df1b64416f71179dbb4aa942725790b3

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790_icon.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:20 GMT
content-type: image/webp
content-length: 486
server: nginx/1.24.0
last-modified: Fri, 31 May 2024 10:56:43 GMT
etag: "6659aceb-1e6"
expires: Sun, 10 May 2026 16:59:20 GMT
cache-control: max-age=31536000
x-cdn-host-id: ds5058
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp

45.133.44.24

200 OK

1.1 kB

URL GET
static.bookmsg.com/creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectstatic.bookmsg.com
Fingerprint46:49:C4:E5:B9:C8:3E:19:BB:32:C2:7C:3D:22:F3:C4:80:2D:EB:DE
ValidityMon, 31 Mar 2025 02:32:21 GMT - Sun, 29 Jun 2025 02:32:20 GMT

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 360x240, Scaling: [none]x[none], YUV color, decoders should clamp
Size
1.1 kB (1066 bytes)
Hash
2a11e13b2bd67bb9a6cb347d7c73df13
b85460a33f9b229f42c08a6a94ae433a4d5c32ab
1d0d6b5176d6a48b3042a107f929bbfcefd4a057273ac488bbb7f7affd909b56

HTTP Headers

GET /creatives/SG/SG_083be47dfc3e28c9a68305b76181a5033bc45790.webp HTTP/1.1
Host: static.bookmsg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:20 GMT
content-type: image/webp
content-length: 1066
server: nginx/1.24.0
last-modified: Fri, 31 May 2024 10:56:43 GMT
etag: "6659aceb-42a"
expires: Sun, 10 May 2026 16:59:20 GMT
cache-control: max-age=31536000
x-cdn-host-id: ds5058
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

onclckinp.com/in/show/?tag_ab=c&site_id=316048361&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.leaktape.com%2F&refdom=www.leaktape.com&auction_time=1746896360&subid=1413013301&sid=2001760978&tcid=0&ver=8.225.1&ver_c=&spot_id=6048361&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-05-10&iabcat=IAB25-3&user_fp=806881371544743028&score=83.73806651471521&kubik_score=90.28105991301206&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1413013301%26spot_id%3D6048361%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.leaktape.com%252F%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=865890_96489542&crtid=492d3e8c7dae0a2eb3ae43dfc985659c&url=https%3A%2F%2Fs.optvz.com%2Fclick.php%3Fd%3DH4sIAAAAAAAAA01Qy07EMAz8lVy4VknsJPWRCxckkFb8QJzHUmi3aJuFRfLHkyJAeGxpLI9t2d5hAG9FD16eW3vbbuD2xt5156kN82cnOB3ezZMT0WIC.pE8eC3LJ095mFYhM5Ae0A7GoZDHkRxacYDgyQoFETQCglp2GLLXHmI6JKdaqoVq0KPxGIljZMJcYCQMNYjtY1Aqk9fJYtJjSaZWH8YcbILROYKI3EdpmUt8bfGtDGldekoEzovVDsCK4ukYt03xesrxWNRxPRcVl9jK5ayWaa4q5svcFPOH4nn9eFlZcd4W1Uo5bapc27ksRU2nVLam5HvfDjAIth_7y1D2J1ktP_Ud.MfG7z6xKAD7J_ZEHh4P_8T_2uCP7sJ9x7nxUK5rmqf0.nNlt3dD8ngvhjXliqOpFLg4HXUoQDlx4JR04i8dt0pU6AEAAA--%26cb%3De2e_681f85e844cae9.20587731&icons=DPI-LG2IIcwGm0kBSVQc_tg-8U8kaFGCY2rhZDHUjYDAf9ghilx9T4o0g3DuffptpEgdoNixT5aVLSbV_Ulw2w66XZJ8CyaF5yjTEAK1aHIJ6z3LtjP3rWLOAVdsWtREKntNwG0zqgIEeM84SA83aCIgKDrB_FIvVF_zf4QrfP_AuEX6na5kcxmK-0as4bk4N1Y2phgxqppbgFczacF3tycj_EjA_9_hqE49j_tAQMUwWPXAgrXR30gMWL3tXYw6ByCOEt6toUDbfXYGkZaJyumKnyXzCdCluitH3ebLxrOXoZapLA2ya33AsJ1Pi96o6wzGdj5H1ARgr2mQ4xD6LJCI6_6KZs2vf1wSD7yKD1k2uMDxtQeWk4rKdZAbBfOaNJbmEYEwOyuiOkVxfm8r3s5fZSl8zq2O-BN3sIyAWpFhPOuPG5w5BXaFZ6N0_p3G3Zzv71Pxb7UsrixqoQgf0o_MJikDcs4sX8Z5EXpSoIdqAMe_TxhRdadlNK5UoNA4lfKiksy9SJ4uiIHU0PRI5z1YAGukTNb_kFlI93reS44A1unY5-5PppcItFqjB3lmBX2V5OXIUZ7dcnnPoWYgJlZCC8pH4DyY4xmQmFs1t59iCfIZm2Ow5S2RY9uVC_4wfxw5nJqotW24GnfDheh8VGgpTxO2VKF3W65VBWxRDW6-Vw-G2WvNihkQaImSzuFD7Tu8150JbAg7yjfyepN42FNIyqNCFyJrblG4VlUsroA2jl-nQcuASscWR2nznkv6Rl19wQgpKNIv_-TGupl0t-0qJi2uq_thpiSttYALeYLYyKAMzxZaHX0ahirSpd8GFxi0ZIMT8tDwZyyWQXWWZ9kP1E07pcVNptVQPkhcDvVIVG82A29V-MHleUdt61KVIcSaLBtANGrHWzdczR37j3ra-zV3VocxKX9LUAaieMW7p_vZwVKVt0SxEU94OPqawJk7qjBnMHufXetuUX-P3-83kbicWaBHinm40o1KJ61uhazNmIVWM5h896YVCDdIh-zJj4ljeyZQAGFlv_C9-F7H40mbQra_HaitVYU7hFXzG2uixXu3y5x1w9q10OXcylAE8rwpsHS1i95EDUBs161j4lK7GfYNuY5cxq2STiFoopUPgqi85s50ZvdiFEsxRoB4pv6iKDphaKA8ARSGp2ZSB5WpgIhZXU7SSx_1K9XzWHetOJSIFEJJD7IBjNlNbTul4VVDmNb0q0jBhPrXoPBRqRimZrWp_dFOBqfhfdzu_9qAKrfafqIAkZTczfAqUC9HEbG-pyRTLVheaHDyLhJPV73HDGCDHYeN_J5WnPbAHmio_jh1giq--4dTAa2UOjq5W44Ogblenk3VQ79GFGUEAKxA0M8yYix6cybkPwtj5IFYCdmS1g0H93ur7EfV8XnTBGHdCfUnsYZ_wrClCJg1GMXooyNlXKdD7f_Q31PwKQ2V64lP_Sfi71HHpUJQJf1X5I6-2MvU_4xz9nue8pTtJc43ZvlVYVmHZUX7C0AvaudlAMIcOnwzGsNndpiDs0UkOIIXXgDd&ext_cid=6547362&px_id=736048361&min_cpm=0.0006003119561835885&out_id=0&campaign_type=hq&aid=120&cid=18641&uniq=&mid=1243024059449524833&skin_id=71&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.004083659970760356&cpm=0.0042&verify_hash=4b352de8742032e4276a20e5f0cde5bf&verify_hash_v2=f85bb09953d28b6eefaa08c5ddca60b1c47306d8a907440b6375bebaaef85cc6&is_native=1&real_bid=0.004083659970760356&original_bid_usd=0&original_bid=0&show_type=0&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=98,129,148,5,4,90,95&need_redirect_show=0&applied_features=main-skins-settings,coef_095&show_count=1&expiration_timestamp=1746982760&image_url=&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=6547362&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=basic&script_type=antiadblock&tma_wallet_balance=0&processed_keywords=bigass%2Cbondage%2Cgore%2Camateur%2Cmilf%2Cadult%2Cbbw%2Cblowjob%2Cbdsm%2Cteens%2Cextreme%2Cincest&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.05&cpa=731669cf-07fe-4156-bff2-6089fce5046e&prev_step_diff=616

116.202.249.56

200 OK

0 B

URL GET
onclckinp.com/in/show/?tag_ab=c&site_id=316048361&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.leaktape.com%2F&refdom=www.leaktape.com&auction_time=1746896360&subid=1413013301&sid=2001760978&tcid=0&ver=8.225.1&ver_c=&spot_id=6048361&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-05-10&iabcat=IAB25-3&user_fp=806881371544743028&score=83.73806651471521&kubik_score=90.28105991301206&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1413013301%26spot_id%3D6048361%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.leaktape.com%252F%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=865890_96489542&crtid=492d3e8c7dae0a2eb3ae43dfc985659c&url=https%3A%2F%2Fs.optvz.com%2Fclick.php%3Fd%3DH4sIAAAAAAAAA01Qy07EMAz8lVy4VknsJPWRCxckkFb8QJzHUmi3aJuFRfLHkyJAeGxpLI9t2d5hAG9FD16eW3vbbuD2xt5156kN82cnOB3ezZMT0WIC.pE8eC3LJ095mFYhM5Ae0A7GoZDHkRxacYDgyQoFETQCglp2GLLXHmI6JKdaqoVq0KPxGIljZMJcYCQMNYjtY1Aqk9fJYtJjSaZWH8YcbILROYKI3EdpmUt8bfGtDGldekoEzovVDsCK4ukYt03xesrxWNRxPRcVl9jK5ayWaa4q5svcFPOH4nn9eFlZcd4W1Uo5bapc27ksRU2nVLam5HvfDjAIth_7y1D2J1ktP_Ud.MfG7z6xKAD7J_ZEHh4P_8T_2uCP7sJ9x7nxUK5rmqf0.nNlt3dD8ngvhjXliqOpFLg4HXUoQDlx4JR04i8dt0pU6AEAAA--%26cb%3De2e_681f85e844cae9.20587731&icons=DPI-LG2IIcwGm0kBSVQc_tg-8U8kaFGCY2rhZDHUjYDAf9ghilx9T4o0g3DuffptpEgdoNixT5aVLSbV_Ulw2w66XZJ8CyaF5yjTEAK1aHIJ6z3LtjP3rWLOAVdsWtREKntNwG0zqgIEeM84SA83aCIgKDrB_FIvVF_zf4QrfP_AuEX6na5kcxmK-0as4bk4N1Y2phgxqppbgFczacF3tycj_EjA_9_hqE49j_tAQMUwWPXAgrXR30gMWL3tXYw6ByCOEt6toUDbfXYGkZaJyumKnyXzCdCluitH3ebLxrOXoZapLA2ya33AsJ1Pi96o6wzGdj5H1ARgr2mQ4xD6LJCI6_6KZs2vf1wSD7yKD1k2uMDxtQeWk4rKdZAbBfOaNJbmEYEwOyuiOkVxfm8r3s5fZSl8zq2O-BN3sIyAWpFhPOuPG5w5BXaFZ6N0_p3G3Zzv71Pxb7UsrixqoQgf0o_MJikDcs4sX8Z5EXpSoIdqAMe_TxhRdadlNK5UoNA4lfKiksy9SJ4uiIHU0PRI5z1YAGukTNb_kFlI93reS44A1unY5-5PppcItFqjB3lmBX2V5OXIUZ7dcnnPoWYgJlZCC8pH4DyY4xmQmFs1t59iCfIZm2Ow5S2RY9uVC_4wfxw5nJqotW24GnfDheh8VGgpTxO2VKF3W65VBWxRDW6-Vw-G2WvNihkQaImSzuFD7Tu8150JbAg7yjfyepN42FNIyqNCFyJrblG4VlUsroA2jl-nQcuASscWR2nznkv6Rl19wQgpKNIv_-TGupl0t-0qJi2uq_thpiSttYALeYLYyKAMzxZaHX0ahirSpd8GFxi0ZIMT8tDwZyyWQXWWZ9kP1E07pcVNptVQPkhcDvVIVG82A29V-MHleUdt61KVIcSaLBtANGrHWzdczR37j3ra-zV3VocxKX9LUAaieMW7p_vZwVKVt0SxEU94OPqawJk7qjBnMHufXetuUX-P3-83kbicWaBHinm40o1KJ61uhazNmIVWM5h896YVCDdIh-zJj4ljeyZQAGFlv_C9-F7H40mbQra_HaitVYU7hFXzG2uixXu3y5x1w9q10OXcylAE8rwpsHS1i95EDUBs161j4lK7GfYNuY5cxq2STiFoopUPgqi85s50ZvdiFEsxRoB4pv6iKDphaKA8ARSGp2ZSB5WpgIhZXU7SSx_1K9XzWHetOJSIFEJJD7IBjNlNbTul4VVDmNb0q0jBhPrXoPBRqRimZrWp_dFOBqfhfdzu_9qAKrfafqIAkZTczfAqUC9HEbG-pyRTLVheaHDyLhJPV73HDGCDHYeN_J5WnPbAHmio_jh1giq--4dTAa2UOjq5W44Ogblenk3VQ79GFGUEAKxA0M8yYix6cybkPwtj5IFYCdmS1g0H93ur7EfV8XnTBGHdCfUnsYZ_wrClCJg1GMXooyNlXKdD7f_Q31PwKQ2V64lP_Sfi71HHpUJQJf1X5I6-2MvU_4xz9nue8pTtJc43ZvlVYVmHZUX7C0AvaudlAMIcOnwzGsNndpiDs0UkOIIXXgDd&ext_cid=6547362&px_id=736048361&min_cpm=0.0006003119561835885&out_id=0&campaign_type=hq&aid=120&cid=18641&uniq=&mid=1243024059449524833&skin_id=71&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.004083659970760356&cpm=0.0042&verify_hash=4b352de8742032e4276a20e5f0cde5bf&verify_hash_v2=f85bb09953d28b6eefaa08c5ddca60b1c47306d8a907440b6375bebaaef85cc6&is_native=1&real_bid=0.004083659970760356&original_bid_usd=0&original_bid=0&show_type=0&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=98,129,148,5,4,90,95&need_redirect_show=0&applied_features=main-skins-settings,coef_095&show_count=1&expiration_timestamp=1746982760&image_url=&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=6547362&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=basic&script_type=antiadblock&tma_wallet_balance=0&processed_keywords=bigass%2Cbondage%2Cgore%2Camateur%2Cmilf%2Cadult%2Cbbw%2Cblowjob%2Cbdsm%2Cteens%2Cextreme%2Cincest&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.05&cpa=731669cf-07fe-4156-bff2-6089fce5046e&prev_step_diff=616
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectinpage.infrapu.sh
Fingerprint53:32:5A:78:97:D4:AD:CF:41:C6:08:3E:D5:02:8C:C6:22:50:E8:35
ValidityTue, 01 Apr 2025 08:22:50 GMT - Mon, 30 Jun 2025 08:22:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=c&site_id=316048361&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.leaktape.com%2F&refdom=www.leaktape.com&auction_time=1746896360&subid=1413013301&sid=2001760978&tcid=0&ver=8.225.1&ver_c=&spot_id=6048361&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-05-10&iabcat=IAB25-3&user_fp=806881371544743028&score=83.73806651471521&kubik_score=90.28105991301206&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1413013301%26spot_id%3D6048361%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.leaktape.com%252F%26idzone%3D0%26sid%3D1886&is_cpm=1&resp_type=&crid=865890_96489542&crtid=492d3e8c7dae0a2eb3ae43dfc985659c&url=https%3A%2F%2Fs.optvz.com%2Fclick.php%3Fd%3DH4sIAAAAAAAAA01Qy07EMAz8lVy4VknsJPWRCxckkFb8QJzHUmi3aJuFRfLHkyJAeGxpLI9t2d5hAG9FD16eW3vbbuD2xt5156kN82cnOB3ezZMT0WIC.pE8eC3LJ095mFYhM5Ae0A7GoZDHkRxacYDgyQoFETQCglp2GLLXHmI6JKdaqoVq0KPxGIljZMJcYCQMNYjtY1Aqk9fJYtJjSaZWH8YcbILROYKI3EdpmUt8bfGtDGldekoEzovVDsCK4ukYt03xesrxWNRxPRcVl9jK5ayWaa4q5svcFPOH4nn9eFlZcd4W1Uo5bapc27ksRU2nVLam5HvfDjAIth_7y1D2J1ktP_Ud.MfG7z6xKAD7J_ZEHh4P_8T_2uCP7sJ9x7nxUK5rmqf0.nNlt3dD8ngvhjXliqOpFLg4HXUoQDlx4JR04i8dt0pU6AEAAA--%26cb%3De2e_681f85e844cae9.20587731&icons=DPI-LG2IIcwGm0kBSVQc_tg-8U8kaFGCY2rhZDHUjYDAf9ghilx9T4o0g3DuffptpEgdoNixT5aVLSbV_Ulw2w66XZJ8CyaF5yjTEAK1aHIJ6z3LtjP3rWLOAVdsWtREKntNwG0zqgIEeM84SA83aCIgKDrB_FIvVF_zf4QrfP_AuEX6na5kcxmK-0as4bk4N1Y2phgxqppbgFczacF3tycj_EjA_9_hqE49j_tAQMUwWPXAgrXR30gMWL3tXYw6ByCOEt6toUDbfXYGkZaJyumKnyXzCdCluitH3ebLxrOXoZapLA2ya33AsJ1Pi96o6wzGdj5H1ARgr2mQ4xD6LJCI6_6KZs2vf1wSD7yKD1k2uMDxtQeWk4rKdZAbBfOaNJbmEYEwOyuiOkVxfm8r3s5fZSl8zq2O-BN3sIyAWpFhPOuPG5w5BXaFZ6N0_p3G3Zzv71Pxb7UsrixqoQgf0o_MJikDcs4sX8Z5EXpSoIdqAMe_TxhRdadlNK5UoNA4lfKiksy9SJ4uiIHU0PRI5z1YAGukTNb_kFlI93reS44A1unY5-5PppcItFqjB3lmBX2V5OXIUZ7dcnnPoWYgJlZCC8pH4DyY4xmQmFs1t59iCfIZm2Ow5S2RY9uVC_4wfxw5nJqotW24GnfDheh8VGgpTxO2VKF3W65VBWxRDW6-Vw-G2WvNihkQaImSzuFD7Tu8150JbAg7yjfyepN42FNIyqNCFyJrblG4VlUsroA2jl-nQcuASscWR2nznkv6Rl19wQgpKNIv_-TGupl0t-0qJi2uq_thpiSttYALeYLYyKAMzxZaHX0ahirSpd8GFxi0ZIMT8tDwZyyWQXWWZ9kP1E07pcVNptVQPkhcDvVIVG82A29V-MHleUdt61KVIcSaLBtANGrHWzdczR37j3ra-zV3VocxKX9LUAaieMW7p_vZwVKVt0SxEU94OPqawJk7qjBnMHufXetuUX-P3-83kbicWaBHinm40o1KJ61uhazNmIVWM5h896YVCDdIh-zJj4ljeyZQAGFlv_C9-F7H40mbQra_HaitVYU7hFXzG2uixXu3y5x1w9q10OXcylAE8rwpsHS1i95EDUBs161j4lK7GfYNuY5cxq2STiFoopUPgqi85s50ZvdiFEsxRoB4pv6iKDphaKA8ARSGp2ZSB5WpgIhZXU7SSx_1K9XzWHetOJSIFEJJD7IBjNlNbTul4VVDmNb0q0jBhPrXoPBRqRimZrWp_dFOBqfhfdzu_9qAKrfafqIAkZTczfAqUC9HEbG-pyRTLVheaHDyLhJPV73HDGCDHYeN_J5WnPbAHmio_jh1giq--4dTAa2UOjq5W44Ogblenk3VQ79GFGUEAKxA0M8yYix6cybkPwtj5IFYCdmS1g0H93ur7EfV8XnTBGHdCfUnsYZ_wrClCJg1GMXooyNlXKdD7f_Q31PwKQ2V64lP_Sfi71HHpUJQJf1X5I6-2MvU_4xz9nue8pTtJc43ZvlVYVmHZUX7C0AvaudlAMIcOnwzGsNndpiDs0UkOIIXXgDd&ext_cid=6547362&px_id=736048361&min_cpm=0.0006003119561835885&out_id=0&campaign_type=hq&aid=120&cid=18641&uniq=&mid=1243024059449524833&skin_id=71&vertical_id=5&skin_test=0&from_cache=0&ecpm=0.004083659970760356&cpm=0.0042&verify_hash=4b352de8742032e4276a20e5f0cde5bf&verify_hash_v2=f85bb09953d28b6eefaa08c5ddca60b1c47306d8a907440b6375bebaaef85cc6&is_native=1&real_bid=0.004083659970760356&original_bid_usd=0&original_bid=0&show_type=0&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=98,129,148,5,4,90,95&need_redirect_show=0&applied_features=main-skins-settings,coef_095&show_count=1&expiration_timestamp=1746982760&image_url=&site=native-push-adult&price=0&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0&ext_campaign_id_str=6547362&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=basic&script_type=antiadblock&tma_wallet_balance=0&processed_keywords=bigass%2Cbondage%2Cgore%2Camateur%2Cmilf%2Cadult%2Cbbw%2Cblowjob%2Cbdsm%2Cteens%2Cextreme%2Cincest&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&st=0.05&cpa=731669cf-07fe-4156-bff2-6089fce5046e&prev_step_diff=616 HTTP/1.1
Host: onclckinp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 10 May 2025 16:59:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

s3t3d2y9.afcdn.net/library/865890/13061f272d1c8fd5d4d362494376b09ec7102de3.jpg

95.173.205.14

200 OK

11 kB

URL GET
s3t3d2y9.afcdn.net/library/865890/13061f272d1c8fd5d4d362494376b09ec7102de3.jpg
IP
95.173.205.14:443
ASN
#60068 Datacamp Limited

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectafcdn.net
Fingerprint09:6B:0D:DC:68:0C:D9:4E:28:77:AF:B4:72:29:92:D2:61:5D:A8:D8
ValiditySat, 26 Apr 2025 10:22:13 GMT - Fri, 25 Jul 2025 10:22:12 GMT

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90", baseline, precision 8, 192x192, components 3
Size
11 kB (11064 bytes)
Hash
5f4a273f32563afc7381866cabcd0fcd
13061f272d1c8fd5d4d362494376b09ec7102de3
8d9bebd14b55c38197580a94916dc87c8f34d2db77a74e5fc54f5c1a3cd958b8

HTTP Headers

GET /library/865890/13061f272d1c8fd5d4d362494376b09ec7102de3.jpg HTTP/1.1
Host: s3t3d2y9.afcdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:21 GMT
content-type: image/jpeg
content-length: 11064
last-modified: Fri, 12 Apr 2024 18:06:17 GMT
etag: "66197819-2b38"
expires: Thu, 17 Jul 2025 20:06:57 GMT
cache-control: max-age=31536000
access-control-allow-origin: *
x-robots-tag: noindex, follow
x-77-nzt: EwwBX63NDQH3RPy5AAwBuUwKCQH3/wICAAwB1GY4EQG3RWLLAA
x-77-nzt-ray: 2a494a159a422e8a0e861f68c25e7f08
x-77-cache: HIT
x-77-age: 12188740
server: CDN77-Turbo
x-77-pop: osloNO
accept-ranges: bytes
X-Firefox-Spdy: h2

accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5MgYYMqRGidlUF4XwvwCXeblhoje-7c8ozr1a80h6RghOLPQDEX6TgDi3U7EGIbmkW7W6ykRZg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S773633150%3A1746896364927520

173.194.73.84

403 Forbidden

0 B

URL GET
accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5MgYYMqRGidlUF4XwvwCXeblhoje-7c8ozr1a80h6RghOLPQDEX6TgDi3U7EGIbmkW7W6ykRZg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S773633150%3A1746896364927520
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint59:74:47:4D:79:55:0E:D6:C9:C5:58:53:27:7B:B5:9B:F6:02:63:84
ValidityMon, 21 Apr 2025 08:42:44 GMT - Mon, 14 Jul 2025 08:42:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5MgYYMqRGidlUF4XwvwCXeblhoje-7c8ozr1a80h6RghOLPQDEX6TgDi3U7EGIbmkW7W6ykRZg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S773633150%3A1746896364927520 HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 403 Forbidden
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 May 2025 16:59:24 GMT
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
report-to: {"group":"AccountsSignInUi","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/AccountsSignInUi"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /v3/signin/_/AccountsSignInUi/cspreport, script-src 'nonce-dULWr4SMEW26KkcpWMEI4w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /v3/signin/_/AccountsSignInUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://support.google.com/inapp/ https://www.google.com/tools/feedback/ https://www.gstatic.com/inproduct_help/ https://www.gstatic.com/support/content/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/allowlist
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://ajax.googleapis.com/ajax/libs/jquery/3.6.4/jquery.min.js https://translate.google.com/translate_a/element.js https://www.google.com/recaptcha/api.js https://www.google.com/tools/feedback/load.js https://www.google.com/tools/feedback/open.js https://www.google.com/tools/feedback/open_to_help_guide_lazy.js https://www.google.com/tools/feedback/help_api.js https://www.gstatic.com/inproduct_help/service/lazy.min.js https://www.gstatic.com/inproduct_help/api/main.min.js https://www.gstatic.com/inproduct_help/chatsupport/chatsupport_button_v2.js https://www.gstatic.com/feedback/js/help/prod/service/lazy.min.js https://www.gstatic.com/uservoice/feedback/client/web/live/ https://www.google.com/tools/feedback/chat_load.js https://www.gstatic.com/uservoice/surveys/resources/prod/js/survey/ https://www.gstatic.com/feedback/js/ghelp/ https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.AccountsSignInUi.en.8x8cbXFxqmQ.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/ https://translate.googleapis.com/_/translate_http/_/js/ https://www.gstatic.com/recaptcha/releases/;report-uri /v3/signin/_/AccountsSignInUi/cspreport/fine-allowlist
cross-origin-opener-policy-report-only: same-origin; report-to="AccountsSignInUi"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

renamereptiliantrance.com/get/2000378?zoneid=2000378&jp=_clwwcmkgkcabosttxfnmyr&dr=49&nojs=0&abvar=0&febuild=1.0.541&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=5jdyNIsLJZpiDVI9zBd4zUHg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=79Y60H3aHR0cHM6Ly93d3cubGVha3RhcGUuY29tLw&afid=7995783947553792&eclog=0&snc=0&ssc=1&vp=0&dto=2&im=1&noch=1&de=0&cs=5&uf=0

94.242.247.35

200 OK

3.3 kB

URL GET
renamereptiliantrance.com/get/2000378?zoneid=2000378&jp=_clwwcmkgkcabosttxfnmyr&dr=49&nojs=0&abvar=0&febuild=1.0.541&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=5jdyNIsLJZpiDVI9zBd4zUHg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=79Y60H3aHR0cHM6Ly93d3cubGVha3RhcGUuY29tLw&afid=7995783947553792&eclog=0&snc=0&ssc=1&vp=0&dto=2&im=1&noch=1&de=0&cs=5&uf=0
IP
94.242.247.35:443
ASN
#7979 SERVERS-COM

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectrenamereptiliantrance.com
FingerprintC5:24:B1:2C:AE:4F:4C:18:19:12:4B:73:29:C6:20:12:CF:37:4B:FA
ValidityWed, 12 Mar 2025 15:15:23 GMT - Tue, 10 Jun 2025 15:15:22 GMT

File type
ASCII text, with very long lines (3286), with no line terminators
Size
3.3 kB (3286 bytes)
Hash
2f84c469dc3f2005a7592c734e3ba0ac
7abc6ffca25e3f3b9aab14895c0b64bd4ab330a0
e87277fadb30b86510edaacaf55d91686cdbbceb54ece45db8b594b709c51ac6

HTTP Headers

GET /get/2000378?zoneid=2000378&jp=_clwwcmkgkcabosttxfnmyr&dr=49&nojs=0&abvar=0&febuild=1.0.541&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=5jdyNIsLJZpiDVI9zBd4zUHg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=79Y60H3aHR0cHM6Ly93d3cubGVha3RhcGUuY29tLw&afid=7995783947553792&eclog=0&snc=0&ssc=1&vp=0&dto=2&im=1&noch=1&de=0&cs=5&uf=0 HTTP/1.1
Host: renamereptiliantrance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Cookie: cart=1; cart_p=2
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 May 2025 16:59:17 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
x-route-id: config
set-cookie: CHCK=1; Path=/; Expires=Sat, 13 Jun 2026 16:59:17 GMT; Secure; SameSite=None
UID=250510115948cfad2a260d496c9a3437f542; Path=/; Expires=Sat, 13 Jun 2026 16:59:17 GMT; Secure; SameSite=None
content-encoding: gzip
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

storage.multstorage.com/log/count.html

104.21.30.242

200 OK

882 B

URL GET
storage.multstorage.com/log/count.html
IP
104.21.30.242:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectmultstorage.com
FingerprintAB:89:C2:3D:3B:E4:DD:0A:32:44:EC:41:65:9E:53:44:11:61:AB:F3
ValiditySun, 04 May 2025 05:28:22 GMT - Sat, 02 Aug 2025 06:26:59 GMT

File type
HTML document, ASCII text, with very long lines (700)
Size
882 B (882 bytes)
Hash
b728ca9cd183d1b7c3f72116b19b22a3
c1fd73f6b02cf00b8bc60b09cc99495e8494b739
8a7b1ca4bbf273b32ea865d4785a1944d1b2b133678d9b5fe7ee0406f6fd64b2

HTTP Headers

GET /log/count.html HTTP/1.1
Host: storage.multstorage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:19 GMT
content-type: text/html
server: cloudflare
last-modified: Mon, 18 Sep 2023 14:39:06 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hk1orHex50WWap9tNysgYQAse5u7peYLWAbThjY3jvr9CJ0f%2BOMOvbLCUqt6VnVRmYDCRc8RtOx0UqDXC9PQjZbla8zXkruZjc%2FcyUiSIyV7UlJIoDRq%2Bx8TZvhAbNuM6uDTgjgFJyPf7w%3D%3D"}]}
vary: Accept-Encoding
x-request-id: 70f9be8fbe3f6ce319857dc1100100de
cf-cache-status: DYNAMIC
content-encoding: br
cf-ray: 93dafc896ba262e4-HAM
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

5cb5ab828f.f5e52969d7.com/800ade0f04b1b1649b32cfe38f4f8e45.js

45.133.44.53

200 OK

115 kB

URL GET
5cb5ab828f.f5e52969d7.com/800ade0f04b1b1649b32cfe38f4f8e45.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subject5cb5ab828f.f5e52969d7.com
FingerprintEF:B8:F5:0C:4B:DC:86:4C:D9:CA:67:0B:B6:6D:09:ED:03:B3:7B:0C
ValidityWed, 07 May 2025 02:15:07 GMT - Tue, 05 Aug 2025 02:15:06 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
115 kB (115371 bytes)
Hash
8db5617c1644c2c95102c8438e81a6c2
b160d22d8f91851cbbfda90187c2b168b7f8c2b9
7c9210b93a73ed7e163295764fee5f417240b63272c4721259f3d832886252eb

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /800ade0f04b1b1649b32cfe38f4f8e45.js HTTP/1.1
Host: 5cb5ab828f.f5e52969d7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:19 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 06 May 2025 08:18:30 GMT
etag: W/"6819c5d6-1c2ab"
content-encoding: gzip
expires: Sat, 10 May 2025 17:04:19 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015

104.16.79.73

200 OK

20 kB

URL GET
static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015
IP
104.16.79.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectcloudflareinsights.com
FingerprintEA:C7:0D:68:3A:45:CB:AD:C5:33:41:B6:DF:F1:60:64:E1:0F:52:6A
ValiditySun, 27 Apr 2025 18:18:02 GMT - Sat, 26 Jul 2025 19:17:55 GMT

File type
JavaScript source, ASCII text, with very long lines (19948), with no line terminators
Size
20 kB (19948 bytes)
Hash
ec18af6d41f6f278b6aed3bdabffa7bc
62c9e2cab76b888829f3c5335e91c320b22329ae
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f

HTTP Headers

GET /beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 HTTP/1.1
Host: static.cloudflareinsights.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:16 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2024.6.1"
last-modified: Thu, 06 Jun 2024 15:52:56 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 93dafc75eb965693-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

renamereptiliantrance.com/solid.gif?z=2000378&nojs=0&abvar=0&febuild=1.0.541&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=5jdyNIsLJZpiDVI9zBd4zUHg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=79Y60H3aHR0cHM6Ly93d3cubGVha3RhcGUuY29tLw&afid=7995783947553792&eclog=0&snc=0&ssc=1&vp=0&dto=2&im=1&noch=1&de=0&cs=5

94.242.247.35

200 OK

43 B

URL POST
renamereptiliantrance.com/solid.gif?z=2000378&nojs=0&abvar=0&febuild=1.0.541&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=5jdyNIsLJZpiDVI9zBd4zUHg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=79Y60H3aHR0cHM6Ly93d3cubGVha3RhcGUuY29tLw&afid=7995783947553792&eclog=0&snc=0&ssc=1&vp=0&dto=2&im=1&noch=1&de=0&cs=5
IP
94.242.247.35:443
ASN
#7979 SERVERS-COM

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectrenamereptiliantrance.com
FingerprintC5:24:B1:2C:AE:4F:4C:18:19:12:4B:73:29:C6:20:12:CF:37:4B:FA
ValidityWed, 12 Mar 2025 15:15:23 GMT - Tue, 10 Jun 2025 15:15:22 GMT

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
28e463819a210071de3b45ebe7633613
6dccd571828ec0912629119cf7eabfea9f33ddbc
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

HTTP Headers

POST /solid.gif?z=2000378&nojs=0&abvar=0&febuild=1.0.541&t=0&wcks=1&wgl=1&cnvs=1&os=0&tz=UTC&ss=1&ls=1&bb=0&cti=0&fn=3&es=13&ge=2&th=5jdyNIsLJZpiDVI9zBd4zUHg&plu=PDF%20Viewer::Chrome%20PDF%20Viewer::Chromium%20PDF%20Viewer::Microsoft%20Edge%20PDF%20Viewer::WebKit%20built-in%20PDF&lang=en-US&pf=Linux%20x86_64&cd=24&vcv=Mesa&vcn=llvmpipe&ix=0&x=1280&y=1024&md=0&psu=79Y60H3aHR0cHM6Ly93d3cubGVha3RhcGUuY29tLw&afid=7995783947553792&eclog=0&snc=0&ssc=1&vp=0&dto=2&im=1&noch=1&de=0&cs=5 HTTP/1.1
Host: renamereptiliantrance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Cookie: cart=1; cart_p=2
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 200 OK
server: nginx
date: Sat, 10 May 2025 16:59:17 GMT
content-type: image/gif
content-length: 43
x-route-id: stats.tag.loaded
set-cookie: UID=25051011598137d14f26724cffbf040b3b85; Path=/; Expires=Sat, 13 Jun 2026 16:59:17 GMT; Secure; SameSite=None
CHCK=1; Path=/; Expires=Sat, 13 Jun 2026 16:59:17 GMT; Secure; SameSite=None
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Oswald&display=swap

142.250.178.106

200 OK

1.9 kB

URL GET
fonts.googleapis.com/css2?family=Oswald&display=swap
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
ASCII text
Size
1.9 kB (1907 bytes)
Hash
cab717b9461cf89ec830378e8bd8635c
d238f9da6e9fe1b4a2181fa196e9f46532df0d57
cac8b9784ba1bb5d7a7b66f0cec55d996907b73ce993138ab998d8b05b11ffea

HTTP Headers

GET /css2?family=Oswald&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 May 2025 16:59:17 GMT
date: Sat, 10 May 2025 16:59:17 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

8e688aab72.d162882c98.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTEzMDgwMTk0NjU1NDMzNTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEzOC4zIiwidGFnX2lkIjoyNjg1MDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40MiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==

45.133.44.53

200 OK

0 B

URL GET
8e688aab72.d162882c98.com/in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTEzMDgwMTk0NjU1NDMzNTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEzOC4zIiwidGFnX2lkIjoyNjg1MDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40MiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ==
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subject8e688aab72.d162882c98.com
Fingerprint92:82:A6:7E:B5:00:E2:8B:C1:EC:8A:CC:BD:0A:DF:60:8E:7E:72:DF
ValidityWed, 07 May 2025 02:48:10 GMT - Tue, 05 Aug 2025 02:48:09 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /in/track?data=eyJ3bCI6MSwic3ViaWQiOjAsInVzZXJfaWQiOiIxNTEzMDgwMTk0NjU1NDMzNTAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIzLjEzOC4zIiwidGFnX2lkIjoyNjg1MDUsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTI4MHgxMDI0IiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJVVEMiLCJ1dG1fc291cmNlIjoiIiwidXRtX21lZGl1bSI6IiIsInV0bV9jYW1wYWlnbiI6IiIsInV0bV9jb250ZW50IjoiIiwibW0iOjAsImluaXRfc3RhcnRfbGF0ZW5jeSI6MC40MiwiaXNfdjIiOjAsImlzX3YyX2VtcHR5IjowfQ== HTTP/1.1
Host: 8e688aab72.d162882c98.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:19 GMT
content-length: 0
server: nginx/1.18.0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
x-cdn-host-id: ah1747
X-Firefox-Spdy: h2

onclckinp.com/in/multy

116.202.249.56

200 OK

58 kB

URL POST
onclckinp.com/in/multy
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectinpage.infrapu.sh
Fingerprint53:32:5A:78:97:D4:AD:CF:41:C6:08:3E:D5:02:8C:C6:22:50:E8:35
ValidityTue, 01 Apr 2025 08:22:50 GMT - Mon, 30 Jun 2025 08:22:49 GMT

File type
JSON text data
Size
58 kB (58116 bytes)
Hash
c9acfaa96c829d17a516a24794f3ea08
316976883ffe3561d8133ece1f0c273f266c12b8
034fc08e921b6ec5d28759f8396411378913ee3f5c3ab18e9274a0f3a01cc533

HTTP Headers

POST /in/multy HTTP/1.1
Host: onclckinp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 2575
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 10 May 2025 16:59:20 GMT
content-type: application/json
content-length: 6832
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
content-encoding: gzip
X-Firefox-Spdy: h2

bid.onclckpop.com/get/

94.130.197.240

200 OK

6.7 kB

URL POST
bid.onclckpop.com/get/
IP
94.130.197.240:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectpuwpush.com
Fingerprint49:57:21:F4:8A:CC:66:3C:81:D7:E7:B5:2A:0F:8C:EC:C5:DD:12:26
ValidityFri, 28 Feb 2025 01:57:16 GMT - Thu, 29 May 2025 01:57:15 GMT

File type
JSON text data
Size
6.7 kB (6711 bytes)
Hash
67b636827a70efdf2f07d097a7d69cca
9e948ebc5c898162acb188ab9df4ea5fd7bd581f
20e4f7f162f13ce4488df3394b798d6a72019727c2f5b58d5b56397b18738f7a

HTTP Headers

POST /get/ HTTP/1.1
Host: bid.onclckpop.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.leaktape.com/
Content-Type: text/plain;charset=UTF-8
Content-Length: 1710
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.16.0
date: Sat, 10 May 2025 16:59:26 GMT
content-type: application/json
content-length: 6711
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

i.postimg.cc/vZMqTbsq/Heading.png

46.105.222.161

200 OK

26 kB

URL GET
i.postimg.cc/vZMqTbsq/Heading.png
IP
46.105.222.161:443
ASN
#16276 OVH SAS

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectpostimg.cc
Fingerprint7D:8B:50:1B:4B:4B:5F:B6:A2:6A:C8:12:15:6D:D7:1C:E9:31:F0:C2
ValiditySat, 19 Apr 2025 07:11:53 GMT - Fri, 18 Jul 2025 07:11:52 GMT

File type
PNG image data, 800 x 100, 8-bit/color RGBA, non-interlaced
Size
26 kB (26484 bytes)
Hash
f6674ada7011a47c8360e7f2a723da68
7c2162c02084869e9eeb51f6843005d258e265da
0543da676318350ade2276d688615ff1f9d9203ba0418f8331e1475c8cbad7d4

HTTP Headers

GET /vZMqTbsq/Heading.png HTTP/1.1
Host: i.postimg.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 May 2025 16:59:16 GMT
content-type: image/png
content-length: 26484
last-modified: Mon, 14 Apr 2025 13:26:38 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000, public
access-control-allow-origin: *
access-control-allow-methods: GET, OPTIONS
accept-ranges: bytes
X-Firefox-Spdy: h2

5cb5ab828f.f5e52969d7.com/c2430929551194bda84ad6487085224c.js

45.133.44.53

200 OK

562 kB

URL GET
5cb5ab828f.f5e52969d7.com/c2430929551194bda84ad6487085224c.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subject5cb5ab828f.f5e52969d7.com
FingerprintEF:B8:F5:0C:4B:DC:86:4C:D9:CA:67:0B:B6:6D:09:ED:03:B3:7B:0C
ValidityWed, 07 May 2025 02:15:07 GMT - Tue, 05 Aug 2025 02:15:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Size
562 kB (562291 bytes)
Hash
f9bb8f785f473be065ed7dd43597ee81
4eb68caba6dfb87f504adb36234bed2e1947fe0e
d91a99d6e095ec295badd90e1bfb73366bbdb749b90061d8d44246709a138624

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /c2430929551194bda84ad6487085224c.js HTTP/1.1
Host: 5cb5ab828f.f5e52969d7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:20 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 06 May 2025 14:45:59 GMT
etag: W/"681a20a7-89473"
content-encoding: gzip
expires: Sat, 10 May 2025 17:04:20 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.tailwindcss.com/

172.67.41.16

302 Found

407 kB

URL GET
cdn.tailwindcss.com/
IP
172.67.41.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjecttailwindcss.com
Fingerprint9B:3A:86:B2:34:9A:76:BF:85:6D:3A:86:E6:A9:39:2E:80:33:60:CF
ValidityTue, 01 Apr 2025 02:17:40 GMT - Mon, 30 Jun 2025 03:17:37 GMT

File type

Size
407 kB (407279 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 10 May 2025 16:59:16 GMT
cache-control: max-age=14400
location: /3.4.16
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::6xn52-1746895860046-3d592731fc62
cf-cache-status: HIT
age: 95
vary: Accept-Encoding
server: cloudflare
cf-ray: 93dafc755900b505-OSL
X-Firefox-Spdy: h2

fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2

142.250.178.99

200 OK

12 kB

URL GET
fonts.gstatic.com/s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 12276, version 1.0
Size
12 kB (12276 bytes)
Hash
964d69dfad99321462c6e739d5f71072
ab289c874c8a211c17b539f1161aec43e853c4a5
24df88e7e15c4b0b11eccc139235e04384513c803b5221485375b7acee755bac

HTTP Headers

GET /s/oswald/v53/TK3_WkUHHAIjg75cFRf3bXL8LICs1_FvsUZiZQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12276
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 May 2025 18:19:29 GMT
expires: Fri, 08 May 2026 18:19:29 GMT
cache-control: public, max-age=31536000
age: 167989
last-modified: Tue, 15 Aug 2023 18:49:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=268505

157.90.84.242

204 No Content

0 B

URL OPTIONS
fp.metricswpsh.com/fp?tag_id=268505
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /fp?tag_id=268505 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.leaktape.com/
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx/1.20.1
Date: Sat, 10 May 2025 16:59:19 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: https://www.leaktape.com
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

cdn.jsdelivr.net/npm/remixicon@2.2.0/fonts/remixicon.css

104.16.174.226

200 OK

96 kB

URL GET
cdn.jsdelivr.net/npm/remixicon@2.2.0/fonts/remixicon.css
IP
104.16.174.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.leaktape.com/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
ASCII text
Size
96 kB (96055 bytes)
Hash
1939459b72b0ceaf936b3fe4bb93dbcd
94bc31c3689b0f9822b7be12adce7f71b75b9a23
f26c326343b9e44c1c900f270c2689b2ab2df25f8ba6f817ef8bd48cfe8a471b

HTTP Headers

GET /npm/remixicon@2.2.0/fonts/remixicon.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:16 GMT
content-type: text/css; charset=utf-8
content-length: 11918
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 2.2.0
x-jsd-version-type: version
etag: W/"17737-lLwxw2ibD5git74Src5/cbdbmiM"
content-encoding: br
x-served-by: cache-fra-etou8220061-FRA, cache-lga21921-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 14375149
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NfwdHVrFlhQt1Ik9kBDmmWYrqpqPTF87VSeTTMjvj%2BnQJB5jJOZHz55gPW9upmPJX%2F4v%2Bta%2FsSM2UokMu1mDEBYA8j7i2Eywr0YzqkyVKXXVKiVQ07EZ5dIoKLjKrvdxl%2FE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93dafc755e6b712e-OSL
X-Firefox-Spdy: h2

js.wpadmngr.com/static/adManager.m.js

45.133.44.52

200 OK

124 kB

URL GET
js.wpadmngr.com/static/adManager.m.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintC2:1D:FE:73:5C:BA:B1:47:5A:00:42:F2:A9:E3:F3:AB:A9:D1:CB:81
ValidityMon, 05 May 2025 02:34:34 GMT - Sun, 03 Aug 2025 02:34:33 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
124 kB (124274 bytes)
Hash
d4509232ee9a95dc5431a18b2069468d
b0e22da458b657fbe8caa54b0124a64698bdf36b
fb472b8299627873a3a0d4a9c26703190f8346ba23e173b00fef456d1b7ff8a7

HTTP Headers

GET /static/adManager.m.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:17 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 18 Apr 2025 08:26:59 GMT
etag: W/"68020cd3-1e572"
content-encoding: gzip
expires: Sat, 10 May 2025 17:04:17 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

renamereptiliantrance.com/jserror?type=onclick&abvar=0&build=1.0.541&zoneid=2000378&e=TypeError&m=can%27t%20access%20property%20%22addEventListener%22%2C%20i_d%5Ba4W.T2U(...)%5D%5Ba4W.T2U(...)%5D%20is%20null&aa=0&trid=7502862722824020135&url=https%3A%2F%2Fwww.leaktape.com%2F

94.242.247.35

200 OK

0 B

URL GET
renamereptiliantrance.com/jserror?type=onclick&abvar=0&build=1.0.541&zoneid=2000378&e=TypeError&m=can%27t%20access%20property%20%22addEventListener%22%2C%20i_d%5Ba4W.T2U(...)%5D%5Ba4W.T2U(...)%5D%20is%20null&aa=0&trid=7502862722824020135&url=https%3A%2F%2Fwww.leaktape.com%2F
IP
94.242.247.35:443
ASN
#7979 SERVERS-COM

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectrenamereptiliantrance.com
FingerprintC5:24:B1:2C:AE:4F:4C:18:19:12:4B:73:29:C6:20:12:CF:37:4B:FA
ValidityWed, 12 Mar 2025 15:15:23 GMT - Tue, 10 Jun 2025 15:15:22 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /jserror?type=onclick&abvar=0&build=1.0.541&zoneid=2000378&e=TypeError&m=can%27t%20access%20property%20%22addEventListener%22%2C%20i_d%5Ba4W.T2U(...)%5D%5Ba4W.T2U(...)%5D%20is%20null&aa=0&trid=7502862722824020135&url=https%3A%2F%2Fwww.leaktape.com%2F HTTP/1.1
Host: renamereptiliantrance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Cookie: cart=1; cart_p=2; UID=250510115948cfad2a260d496c9a3437f542; CHCK=1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 May 2025 16:59:17 GMT
content-type: application/octet-stream
content-length: 0
X-Firefox-Spdy: h2

elites-womanflirting.com/js/popunder.js

185.155.184.44

200 OK

812 B

URL GET
elites-womanflirting.com/js/popunder.js
IP
185.155.184.44:443
ASN
#6898 AS5398 SA

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectelites-womanflirting.com
FingerprintC7:55:14:4C:9B:7A:A7:F0:B1:80:D2:AA:93:D5:43:89:84:DB:36:47
ValiditySun, 13 Apr 2025 23:22:25 GMT - Sat, 12 Jul 2025 23:22:24 GMT

File type
ASCII text, with very long lines (318), with CRLF line terminators
Size
812 B (812 bytes)
Hash
1112c3e266341e6062a9ba705458138a
5d135d537aea600ccfe8f5a9d5ad999ecf8ae97a
e2ba34d1b1dcbbecb347fbfd6cdc7dc3ce039a10480def8b371fad59fc6e4caa

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /js/popunder.js HTTP/1.1
Host: elites-womanflirting.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: openresty
date: Sat, 10 May 2025 16:59:17 GMT
content-type: application/javascript
content-length: 812
etag: "1112c3e266341e6062a9ba705458138a"
last-modified: Wed, 20 Sep 2023 15:19:53 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin, Accept-Encoding
x-amz-id-2: dd9025bab4ad464b049177c95eb6ebf374d3b3fd1af9251148b658df7ac2e3e8
x-amz-request-id: 183E3862B6D320A9
x-content-type-options: nosniff
x-ratelimit-limit: 2060
x-ratelimit-remaining: 2060
x-xss-protection: 1; mode=block
x-amz-meta-mc-attrs: atime:1693134513#248036972/gid:0/gname:root/mode:33279/mtime:1655386273#132014000/uid:0/uname:root
x-amz-meta-mm-source-mtime: 2022-06-16T13:31:13.132014Z
expires: Sun, 10 May 2026 16:59:17 GMT
cache-control: max-age=31536000, no-transform
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Comic+Neue&display=swap

142.250.178.106

200 OK

412 B

URL GET
fonts.googleapis.com/css2?family=Comic+Neue&display=swap
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
ASCII text
Size
412 B (412 bytes)
Hash
cb398807e940588319dd48a08ea61515
d7f359b119eb05521e8cb6a4ab19f8a1f2da0803
8e552d52baf123e24df4390d85195290d92bd7d5b30119a831d4d727603552bd

HTTP Headers

GET /css2?family=Comic+Neue&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 May 2025 16:59:17 GMT
date: Sat, 10 May 2025 16:59:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2

142.250.178.99

200 OK

13 kB

URL GET
fonts.gstatic.com/s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13184, version 1.0
Size
13 kB (13184 bytes)
Hash
37b12babb3bd0f9d9587cc8ca89a19b9
49cfe5b31144493cec4f21dc63fb2f1051061b45
73351bb42cb7827d0cd08c5d5832140700139b86eb6dd9a49047017924cb3ed0

HTTP Headers

GET /s/karla/v31/qkBIXvYC6trAT55ZBi1ueQVIjQTD-JqaE0lK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 13184
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 May 2025 19:31:55 GMT
expires: Fri, 08 May 2026 19:31:55 GMT
cache-control: public, max-age=31536000
age: 163643
last-modified: Wed, 27 Sep 2023 15:40:27 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

5cb5ab828f.f5e52969d7.com/1db32389ebba63c1361cbf7d17c6147d/268505?version_name=c&domain=www.leaktape.com

45.133.44.53

200 OK

2.5 kB

URL GET
5cb5ab828f.f5e52969d7.com/1db32389ebba63c1361cbf7d17c6147d/268505?version_name=c&domain=www.leaktape.com
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subject5cb5ab828f.f5e52969d7.com
FingerprintEF:B8:F5:0C:4B:DC:86:4C:D9:CA:67:0B:B6:6D:09:ED:03:B3:7B:0C
ValidityWed, 07 May 2025 02:15:07 GMT - Tue, 05 Aug 2025 02:15:06 GMT

File type
JSON text data
Size
2.5 kB (2517 bytes)
Hash
983499d950b5d4bb781dcbc538839bab
605e14a6726553f43a070d3a5360e50fe48cfcd4
d6a221bf1612f143cad5ef32c2912d2e182be2a5174f24c89ae24dbe7a26227f

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /1db32389ebba63c1361cbf7d17c6147d/268505?version_name=c&domain=www.leaktape.com HTTP/1.1
Host: 5cb5ab828f.f5e52969d7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:19 GMT
content-type: application/json
server: nginx/1.18.0
cache-control: max-age=300
expires: Sat, 10 May 2025 17:04:19 GMT
x-cdn-host-id: ah1742
x-proxy-cache: MISS
access-control-allow-origin: *
X-Firefox-Spdy: h2

js.wpadmngr.com/static/adManager.js

45.133.44.52

200 OK

1.7 kB

URL GET
js.wpadmngr.com/static/adManager.js
IP
45.133.44.52:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectjs.wpadmngr.com
FingerprintC2:1D:FE:73:5C:BA:B1:47:5A:00:42:F2:A9:E3:F3:AB:A9:D1:CB:81
ValidityMon, 05 May 2025 02:34:34 GMT - Sun, 03 Aug 2025 02:34:33 GMT

File type
JavaScript source, ASCII text, with very long lines (1735), with no line terminators
Size
1.7 kB (1735 bytes)
Hash
1e936cad37e18ba5bc2f07acd57447d6
f55969248208bb6871e28b9478761ffb25207c35
e98e6a93ea15df4d4fe1e38c890f29512d739f493428436defb914775df550f8

HTTP Headers

GET /static/adManager.js HTTP/1.1
Host: js.wpadmngr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:17 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 18 Apr 2025 08:26:54 GMT
etag: W/"68020cce-6c7"
content-encoding: gzip
expires: Sat, 10 May 2025 17:04:17 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Karla&display=swap

142.250.178.106

200 OK

859 B

URL GET
fonts.googleapis.com/css2?family=Karla&display=swap
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
ASCII text
Size
859 B (859 bytes)
Hash
5a5277e17e50494cd63b0bed904334be
b7a8a7d5fa1b8030abda5b8d627991c71e4e6396
8b5d42c86138f56bad79fa29cfdbf186f9cffdda7647ead080509a4385252c69

HTTP Headers

GET /css2?family=Karla&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 May 2025 16:59:17 GMT
date: Sat, 10 May 2025 16:59:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.googleapis.com/css2?family=Ubuntu:wght@700&display=swap

142.250.178.106

200 OK

2.0 kB

URL GET
fonts.googleapis.com/css2?family=Ubuntu:wght@700&display=swap
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
ASCII text
Size
2.0 kB (2007 bytes)
Hash
17bf9b0057d54a2df532c9e7771c338a
312518efbebf0bf10320825e82533f78e12311e5
5d5a0a4b5fb9112dc4281d96a6603480457dd4c21f023517f19c418b8d348f6d

HTTP Headers

GET /css2?family=Ubuntu:wght@700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 May 2025 16:59:17 GMT
date: Sat, 10 May 2025 16:59:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

na.nawpush.com/tags/273203?version_name=c&domain=www.leaktape.com

45.133.44.24

200 OK

2.5 kB

URL GET
na.nawpush.com/tags/273203?version_name=c&domain=www.leaktape.com
IP
45.133.44.24:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectna.nawpush.com
Fingerprint7A:F7:A6:E1:8B:BC:41:03:27:9E:00:97:D7:FE:3B:27:BA:1F:ED:00
ValiditySun, 23 Mar 2025 02:31:50 GMT - Sat, 21 Jun 2025 02:31:49 GMT

File type
JSON text data
Size
2.5 kB (2523 bytes)
Hash
dca5f4e063b079c641d66bd3d06b94b4
202edb5bc38943ea6e20c0e64af0cc00a69fb819
aba4f6b9821f1a8a9848686052343506e11170cedd91c09f8e7766f1c4b8000c

HTTP Headers

GET /tags/273203?version_name=c&domain=www.leaktape.com HTTP/1.1
Host: na.nawpush.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:17 GMT
content-type: application/json
server: nginx/1.24.0
cache-control: max-age=300, public
x-cdn-host-id: ds5058
x-proxy-cache: EXPIRED
access-control-allow-origin: *
X-Firefox-Spdy: h2

code.jquery.com/jquery-3.7.1.js

151.101.194.137

200 OK

285 kB

URL GET
code.jquery.com/jquery-3.7.1.js
IP
151.101.194.137:443
ASN
#54113 FASTLY

Requested by
https://www.leaktape.com/
Certificate
IssuerSectigo Limited
Subject*.jquery.com
FingerprintCD:B5:6E:05:85:0C:5A:AE:47:12:80:2A:5B:C6:E5:8F:11:72:E2:B5
ValidityTue, 25 Jun 2024 00:00:00 GMT - Wed, 25 Jun 2025 23:59:59 GMT

File type
JavaScript source, ASCII text
Size
285 kB (285314 bytes)
Hash
12e87d2f3a4c8b347ab13a0764d420a3
4be715e11048c057fdf2ee0fbbfad4dbf3504c55
78a85aca2f0b110c29e0d2b137e09f0a1fb7a8e554b499f740d6744dc8962cfe

HTTP Headers

GET /jquery-3.7.1.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
etag: W/"28feccc0-45a82"
cache-control: public, max-age=31536000, stale-while-revalidate=604800
access-control-allow-origin: *
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sat, 10 May 2025 16:59:16 GMT
age: 4615899
x-served-by: cache-lga21929-LGA, cache-hel1410032-HEL
x-cache: HIT, HIT
x-cache-hits: 14, 14389
x-timer: S1746896357.787722,VS0,VE0
vary: Accept-Encoding
content-length: 83619
X-Firefox-Spdy: h2

renamereptiliantrance.com/check.html

94.242.247.35

200 OK

926 B

URL GET
renamereptiliantrance.com/check.html
IP
94.242.247.35:443
ASN
#7979 SERVERS-COM

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectrenamereptiliantrance.com
FingerprintC5:24:B1:2C:AE:4F:4C:18:19:12:4B:73:29:C6:20:12:CF:37:4B:FA
ValidityWed, 12 Mar 2025 15:15:23 GMT - Tue, 10 Jun 2025 15:15:22 GMT

File type
HTML document, ASCII text
Size
926 B (926 bytes)
Hash
088dba8e97eede53134c93219f7ebbae
adb707654d1fe0af7d0d7a9f55660d22bd3625e4
6da0120b4c7bc45b63fcbb87595c3c1ea2cdca482b0c48d4d2ab434f9e897aff

HTTP Headers

GET /check.html HTTP/1.1
Host: renamereptiliantrance.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 10 May 2025 16:59:17 GMT
content-type: text/html; charset=utf-8
last-modified: Wed, 16 Apr 2025 07:53:28 GMT
vary: Accept-Encoding
etag: W/"67ff61f8-39e"
x-js-ab: current
timing-allow-origin: *
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
X-Firefox-Spdy: h2

onclckinp.com/in/show/?tag_ab=c&site_id=316048361&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.leaktape.com%2F&refdom=www.leaktape.com&auction_time=1746896360&subid=1413013301&sid=2001760978&tcid=0&ver=8.225.1&ver_c=&spot_id=6048361&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-05-10&iabcat=IAB25-3&user_fp=806881371544743028&score=83.73806651471521&kubik_score=90.28105991301206&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1413013301%26spot_id%3D6048361%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.leaktape.com%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=3617056&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpop%2Fimp%3Fauth%3D9e2uqx%26c%3D2dQnln610anYKV2IpxRlBCbyHUTiDHVRewSMPbkUUoX1960h99PoQy9uJ6TMO5QOl5fq5Corjlp1ZQS5L27j_1l_RtSKDRICfFUoQbcmP5gGaUdSOdbGVYmS77-5YT8JpjakLta61KT2Fk79iPhS4gm3pyHhrldrlBBxAHw5sCw4C_Mf9QmJ1ctgx253yOlnKcpgg4D_N0MW8agi-KZ29pQ-CCZcNLk1oU4nexbO5gh3mtNTAYMwopG8AF7D_wlIRnlMCO0q1JlEhDzhPAFJBein-IJ1L4lFfqHSoI8GJb5Y7lj_lirpP-MoeD5yJ5BCHdUz47DSekNPr6oTLsmGXVvDE8r6BSgGiVctFt2vdpzniWxVuvDT6DSq-wInwR98abEYuWrxHlh4AxNzGFwbok3QGWarTS_7gyKimyhB8jg5oCP4OQqFuecN-DaPcw0QkXGyVHD6U2LWTvsO1bRD22Exn96C0HrT9Pcx22rEsVjoUiZHGNzPFpgBI7yU4zBHepOi-hl3vmFNH2kxWZx3rm9NZZVNK72vzNnHkywzj7g4OgkvddJoski4B30&icons=wE37twMdwgnTJXL8bivsZ5l3Noek4qLzy5jH1K9eO_DTbZ16-ZmKxNh4JF30r31tUll1O8aJOeNxvAJ9oF75giAu69bXxpWiXUgimCL2_qmepPFoU5Pm67wcToS74C1Qhl7qNOMIy4UkL54aWxSkmWZ8oSh2fdaxvFaXeDTCa8hcyCRMXA&ext_cid=17056&px_id=536048361&min_cpm=0.011709623209092865&out_id=1&campaign_type=lq-pop&aid=3335&cid=13433&uniq=&mid=1243024059449524833&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.09422128626105947&cpm=0.043109063468107084&verify_hash=9a3f027148c48db16aeb6a81382d5f4d&verify_hash_v2=48d52e05b5e53674827fe71388c834372f4d05b3c314fbbaf937d790cdb4483d&is_native=2&real_bid=0.002232359969615928&original_bid_usd=0.0027&original_bid=0.0027&show_type=0&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=0,89,75,83,150,70,4,20,27,108&need_redirect_show=0&applied_features=main-skins-settings,coef_095&show_count=1&expiration_timestamp=1747069160&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027&ext_campaign_id_str=17056&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=basic&script_type=antiadblock&tma_wallet_balance=0&processed_keywords=bigass%2Cbondage%2Cgore%2Camateur%2Cmilf%2Cadult%2Cbbw%2Cblowjob%2Cbdsm%2Cteens%2Cextreme%2Cincest&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.05&cpa=f1d901c8-386d-4756-ab67-4dcece8ae654&prev_step_diff=616

116.202.249.56

200 OK

0 B

URL GET
onclckinp.com/in/show/?tag_ab=c&site_id=316048361&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.leaktape.com%2F&refdom=www.leaktape.com&auction_time=1746896360&subid=1413013301&sid=2001760978&tcid=0&ver=8.225.1&ver_c=&spot_id=6048361&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-05-10&iabcat=IAB25-3&user_fp=806881371544743028&score=83.73806651471521&kubik_score=90.28105991301206&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1413013301%26spot_id%3D6048361%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.leaktape.com%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=3617056&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpop%2Fimp%3Fauth%3D9e2uqx%26c%3D2dQnln610anYKV2IpxRlBCbyHUTiDHVRewSMPbkUUoX1960h99PoQy9uJ6TMO5QOl5fq5Corjlp1ZQS5L27j_1l_RtSKDRICfFUoQbcmP5gGaUdSOdbGVYmS77-5YT8JpjakLta61KT2Fk79iPhS4gm3pyHhrldrlBBxAHw5sCw4C_Mf9QmJ1ctgx253yOlnKcpgg4D_N0MW8agi-KZ29pQ-CCZcNLk1oU4nexbO5gh3mtNTAYMwopG8AF7D_wlIRnlMCO0q1JlEhDzhPAFJBein-IJ1L4lFfqHSoI8GJb5Y7lj_lirpP-MoeD5yJ5BCHdUz47DSekNPr6oTLsmGXVvDE8r6BSgGiVctFt2vdpzniWxVuvDT6DSq-wInwR98abEYuWrxHlh4AxNzGFwbok3QGWarTS_7gyKimyhB8jg5oCP4OQqFuecN-DaPcw0QkXGyVHD6U2LWTvsO1bRD22Exn96C0HrT9Pcx22rEsVjoUiZHGNzPFpgBI7yU4zBHepOi-hl3vmFNH2kxWZx3rm9NZZVNK72vzNnHkywzj7g4OgkvddJoski4B30&icons=wE37twMdwgnTJXL8bivsZ5l3Noek4qLzy5jH1K9eO_DTbZ16-ZmKxNh4JF30r31tUll1O8aJOeNxvAJ9oF75giAu69bXxpWiXUgimCL2_qmepPFoU5Pm67wcToS74C1Qhl7qNOMIy4UkL54aWxSkmWZ8oSh2fdaxvFaXeDTCa8hcyCRMXA&ext_cid=17056&px_id=536048361&min_cpm=0.011709623209092865&out_id=1&campaign_type=lq-pop&aid=3335&cid=13433&uniq=&mid=1243024059449524833&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.09422128626105947&cpm=0.043109063468107084&verify_hash=9a3f027148c48db16aeb6a81382d5f4d&verify_hash_v2=48d52e05b5e53674827fe71388c834372f4d05b3c314fbbaf937d790cdb4483d&is_native=2&real_bid=0.002232359969615928&original_bid_usd=0.0027&original_bid=0.0027&show_type=0&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=0,89,75,83,150,70,4,20,27,108&need_redirect_show=0&applied_features=main-skins-settings,coef_095&show_count=1&expiration_timestamp=1747069160&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027&ext_campaign_id_str=17056&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=basic&script_type=antiadblock&tma_wallet_balance=0&processed_keywords=bigass%2Cbondage%2Cgore%2Camateur%2Cmilf%2Cadult%2Cbbw%2Cblowjob%2Cbdsm%2Cteens%2Cextreme%2Cincest&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.05&cpa=f1d901c8-386d-4756-ab67-4dcece8ae654&prev_step_diff=616
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectinpage.infrapu.sh
Fingerprint53:32:5A:78:97:D4:AD:CF:41:C6:08:3E:D5:02:8C:C6:22:50:E8:35
ValidityTue, 01 Apr 2025 08:22:50 GMT - Mon, 30 Jun 2025 08:22:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/show/?tag_ab=c&site_id=316048361&adblock=0&testab=0&auction_host=&mm=0&yc=0&render_type=hq&pr=&user_keywords=&device_theme=light&v2_track=0&v2=0&conditions=dch_ip,tz_offset&ssp=3964&page=https%3A%2F%2Fwww.leaktape.com%2F&refdom=www.leaktape.com&auction_time=1746896360&subid=1413013301&sid=2001760978&tcid=0&ver=8.225.1&ver_c=&spot_id=6048361&utm_source=&utm_medium=&utm_campaign=&utm_content=&created_at=2025-05-10&iabcat=IAB25-3&user_fp=806881371544743028&score=83.73806651471521&kubik_score=90.28105991301206&durl=https%3A%2F%2Fkts.dasdaily.com%2Fin%2F1546%2F%3Fad_sub%3D1413013301%26spot_id%3D6048361%26is_adult%3D1%26p%3Dhttps%253A%252F%252Fwww.leaktape.com%252F%26idzone%3D0%26sid%3D1886&is_cpm=0&resp_type=&crid=3617056&crtid=b0681ff5c1739e7f8bdbb8527f77d810&url=https%3A%2F%2Ftrack-eu.trackingtraffo.com%2Fpop%2Fimp%3Fauth%3D9e2uqx%26c%3D2dQnln610anYKV2IpxRlBCbyHUTiDHVRewSMPbkUUoX1960h99PoQy9uJ6TMO5QOl5fq5Corjlp1ZQS5L27j_1l_RtSKDRICfFUoQbcmP5gGaUdSOdbGVYmS77-5YT8JpjakLta61KT2Fk79iPhS4gm3pyHhrldrlBBxAHw5sCw4C_Mf9QmJ1ctgx253yOlnKcpgg4D_N0MW8agi-KZ29pQ-CCZcNLk1oU4nexbO5gh3mtNTAYMwopG8AF7D_wlIRnlMCO0q1JlEhDzhPAFJBein-IJ1L4lFfqHSoI8GJb5Y7lj_lirpP-MoeD5yJ5BCHdUz47DSekNPr6oTLsmGXVvDE8r6BSgGiVctFt2vdpzniWxVuvDT6DSq-wInwR98abEYuWrxHlh4AxNzGFwbok3QGWarTS_7gyKimyhB8jg5oCP4OQqFuecN-DaPcw0QkXGyVHD6U2LWTvsO1bRD22Exn96C0HrT9Pcx22rEsVjoUiZHGNzPFpgBI7yU4zBHepOi-hl3vmFNH2kxWZx3rm9NZZVNK72vzNnHkywzj7g4OgkvddJoski4B30&icons=wE37twMdwgnTJXL8bivsZ5l3Noek4qLzy5jH1K9eO_DTbZ16-ZmKxNh4JF30r31tUll1O8aJOeNxvAJ9oF75giAu69bXxpWiXUgimCL2_qmepPFoU5Pm67wcToS74C1Qhl7qNOMIy4UkL54aWxSkmWZ8oSh2fdaxvFaXeDTCa8hcyCRMXA&ext_cid=17056&px_id=536048361&min_cpm=0.011709623209092865&out_id=1&campaign_type=lq-pop&aid=3335&cid=13433&uniq=&mid=1243024059449524833&skin_id=71&vertical_id=0&skin_test=0&from_cache=0&ecpm=0.09422128626105947&cpm=0.043109063468107084&verify_hash=9a3f027148c48db16aeb6a81382d5f4d&verify_hash_v2=48d52e05b5e53674827fe71388c834372f4d05b3c314fbbaf937d790cdb4483d&is_native=2&real_bid=0.002232359969615928&original_bid_usd=0.0027&original_bid=0.0027&show_type=0&exp=0&placement_type_id=0&ua_mismatch=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%3B%20rv%3A134.0%29%20Gecko%2F20100101%20Firefox%2F134.0&ip_mismatch=91.90.42.154&geo=NO&carrier=-&label_ids=0,89,75,83,150,70,4,20,27,108&need_redirect_show=0&applied_features=main-skins-settings,coef_095&show_count=1&expiration_timestamp=1747069160&image_url=https%3A%2F%2Fstatic.bookmsg.com%2Fcreatives%2FSG%2FSG_083be47dfc3e28c9a68305b76181a5033bc45790.webp&site=native-push-adult&price=0.0027&hostname=auc-inpage-hz-2-b&auc_type=1&pop_type=1&site_id64=&interest_vertical_ids=&mo=&ve=&timezone_olson=UTC&topics=&historical_keywords=&pop_cpc=0.0000027&ext_campaign_id_str=17056&is_webview=0&client_price=0&direct_client_price=0&priority=0&client_payment_model=&is_in_app=0&auc_domain_type=basic&script_type=antiadblock&tma_wallet_balance=0&processed_keywords=bigass%2Cbondage%2Cgore%2Camateur%2Cmilf%2Cadult%2Cbbw%2Cblowjob%2Cbdsm%2Cteens%2Cextreme%2Cincest&pattern1=0&pattern2=0&pattern3=0&pattern4=0&pattern5=0&format=gamblingBlueMessage-view-b_r-body&mlf=1&mlc=1&st=0.05&cpa=f1d901c8-386d-4756-ab67-4dcece8ae654&prev_step_diff=616 HTTP/1.1
Host: onclckinp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.24.0
date: Sat, 10 May 2025 16:59:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

www.leaktape.com/css/root.css

104.21.52.236

200 OK

4.5 kB

URL GET
www.leaktape.com/css/root.css
IP
104.21.52.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectleaktape.com
FingerprintAC:0A:59:38:68:93:5C:87:C4:65:B7:DC:49:94:04:9F:7A:0A:AC:CE
ValidityMon, 21 Apr 2025 12:19:40 GMT - Sun, 20 Jul 2025 13:17:12 GMT

File type
ASCII text, with CRLF line terminators
Size
4.5 kB (4503 bytes)
Hash
9c460336a8ebcabb26df92e24e6b71f5
a0b9051772b0fb290d0eca958b32a78ef46fecd2
2d5d2c914bc9cae43aae672ed0ab8953aaeb03e7064509e2c9490bd811686816

HTTP Headers

GET /css/root.css HTTP/1.1
Host: www.leaktape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Cookie: PHPSESSID=e3h23ev9mci3p9jlh03a7jo1s3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:16 GMT
content-type: text/css
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VLQfuaF5EoP6%2FDkRag%2BMQDduqwQIQjOnCcJlVeYYYqMSfqXOvGJX0kxswVAcIazfTURB0Yc9jsoH3sfynDa7AllT1SQcnhPEKi5Cf3OmlmAc4vJVNMaibfsLll3E8Q%2BjfEHi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
last-modified: Tue, 07 Nov 2023 01:01:58 GMT
etag: W/"65498c86-1197"
age: 4914
cache-control: max-age=14400
cf-cache-status: HIT
content-encoding: br
cf-ray: 93dafc750e2262c8-HAM
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54272&min_rtt=46645&rtt_var=21008&sent=58&recv=61&lost=4&retrans=7&sent_bytes=17264&recv_bytes=10922&delivery_rate=5966&cwnd=8400&unsent_bytes=0&cid=c6593dc3b3ec1e2a&ts=5859&x=16"

accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube

173.194.73.84

302 Found

0 B

URL GET
accounts.google.com/ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint59:74:47:4D:79:55:0E:D6:C9:C5:58:53:27:7B:B5:9B:F6:02:63:84
ValidityMon, 21 Apr 2025 08:42:44 GMT - Mon, 14 Jul 2025 08:42:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ServiceLogin?passive=true&continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&uilel=3&hl=en&service=youtube HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: application/binary
set-cookie: __Host-GAPS=1:8c04x1uBBT1A-exsZjq0knoETLr1wQ:kK05nFZXMFKJizad; Expires=Mon, 10-May-2027 16:59:24 GMT; Path=/; Secure; HttpOnly; Priority=HIGH
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 May 2025 16:59:24 GMT
location: https://accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKV5Mhv08-X7KRofifdqtSgOHDFqLzqC7n1iENi0rTHGjNrAfPu32O2CYKjoQNlArAvUKrbmTKiOw
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-opener-policy: unsafe-none
content-security-policy: require-trusted-types-for 'script';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport, script-src 'nonce-mIuJZ-mBLjWEeOC1aFcHog' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/AccountsSigninPassiveLoginHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/AccountsSigninPassiveLoginHttp/cspreport/allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
server: ESF
content-length: 0
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.tailwindcss.com/3.4.16

172.67.41.16

200 OK

407 kB

URL GET
cdn.tailwindcss.com/3.4.16
IP
172.67.41.16:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjecttailwindcss.com
Fingerprint9B:3A:86:B2:34:9A:76:BF:85:6D:3A:86:E6:A9:39:2E:80:33:60:CF
ValidityTue, 01 Apr 2025 02:17:40 GMT - Mon, 30 Jun 2025 03:17:37 GMT

File type
JavaScript source, ASCII text, with very long lines (52853)
Size
407 kB (407279 bytes)
Hash
2697bf25afb0982dfa17c73536f934c1
7d7db122d0639cd1f1a53eb6018d6d713d312679
fb798bb21731986940cf3a9950fbca386e03633e9a45497701e71f9b87d132ea

HTTP Headers

GET /3.4.16 HTTP/1.1
Host: cdn.tailwindcss.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.leaktape.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:17 GMT
content-type: text/javascript
cache-control: max-age=31536000
content-encoding: br
strict-transport-security: max-age=63072000
x-vercel-cache: MISS
x-vercel-id: cle1::iad1::ztsdf-1745310158256-531401b3f1ac
last-modified: Tue, 22 Apr 2025 08:22:38 GMT
cf-cache-status: HIT
age: 133289
vary: Accept-Encoding
server: cloudflare
cf-ray: 93dafc783e17b505-OSL
X-Firefox-Spdy: h2

js.capndr.com/advertising.js

45.133.44.53

200 OK

0 B

URL GET
js.capndr.com/advertising.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectjs.capndr.com
Fingerprint36:80:C9:74:A8:03:5E:A6:42:15:13:F1:12:1D:CE:69:66:FD:BF:09
ValidityWed, 16 Apr 2025 02:32:06 GMT - Tue, 15 Jul 2025 02:32:05 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertising.js HTTP/1.1
Host: js.capndr.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 0
server: nginx/1.18.0
last-modified: Fri, 14 Jul 2023 08:23:25 GMT
etag: "64b105fd-0"
expires: Sat, 10 May 2025 17:04:19 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

5cb5ab828f.f5e52969d7.com/51408888d1820b5948457e2c082269a6.js

45.133.44.53

200 OK

206 kB

URL GET
5cb5ab828f.f5e52969d7.com/51408888d1820b5948457e2c082269a6.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subject5cb5ab828f.f5e52969d7.com
FingerprintEF:B8:F5:0C:4B:DC:86:4C:D9:CA:67:0B:B6:6D:09:ED:03:B3:7B:0C
ValidityWed, 07 May 2025 02:15:07 GMT - Tue, 05 Aug 2025 02:15:06 GMT

File type
JavaScript source, ASCII text, with very long lines (65536), with no line terminators
Size
206 kB (206162 bytes)
Hash
eb6aea211d5871efd91f116252d04244
3762b5a1bfd2aefece6e7ba5b3259f998cb52346
b4568b829dbd869a7bd40a2ac28a48037ee13fd5983a18903dad7782244ade54

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /51408888d1820b5948457e2c082269a6.js HTTP/1.1
Host: 5cb5ab828f.f5e52969d7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:19 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Tue, 06 May 2025 14:46:06 GMT
etag: W/"681a20ae-32552"
content-encoding: gzip
expires: Sat, 10 May 2025 17:04:19 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

fp.metricswpsh.com/fp?tag_id=268505

157.90.84.242

200 OK

60 B

URL POST
fp.metricswpsh.com/fp?tag_id=268505
IP
157.90.84.242:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectnotification.tubecup.net
Fingerprint6A:AF:05:21:7E:87:22:9C:BB:20:DB:34:F6:0A:88:06:79:E3:A0:78
ValidityThu, 17 Apr 2025 02:58:33 GMT - Wed, 16 Jul 2025 02:58:32 GMT

File type
JSON text data
Size
60 B (60 bytes)
Hash
c299c16d2a75cca379ee02b91ce3946e
e58df1b020a6bf0ac909bb601940a3f923411092
8bf0b1b1c9dafd5f12dc26bba4b403182bd063cf26ac422af22352a06e83819e

HTTP Headers

POST /fp?tag_id=268505 HTTP/1.1
Host: fp.metricswpsh.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
Content-Length: 1978
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Sat, 10 May 2025 16:59:19 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 60
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://www.leaktape.com
Set-Cookie: id=10667125201824672926; Expires=Sun, 10 May 2026 16:59:19 GMT; Secure; SameSite=None
Vary: Origin

nereserv.com/in/dip?event_id=af6b3cae-7f1b-4358-a61a-4ca90e822808&subid=1414531219&spot_id=6048362&created_at=2025-05-10&timezone=0&ver=1.162.0

94.130.198.6

200 OK

0 B

URL GET
nereserv.com/in/dip?event_id=af6b3cae-7f1b-4358-a61a-4ca90e822808&subid=1414531219&spot_id=6048362&created_at=2025-05-10&timezone=0&ver=1.162.0
IP
94.130.198.6:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectinpage.infrapu.sh
Fingerprint53:32:5A:78:97:D4:AD:CF:41:C6:08:3E:D5:02:8C:C6:22:50:E8:35
ValidityTue, 01 Apr 2025 08:22:50 GMT - Mon, 30 Jun 2025 08:22:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/dip?event_id=af6b3cae-7f1b-4358-a61a-4ca90e822808&subid=1414531219&spot_id=6048362&created_at=2025-05-10&timezone=0&ver=1.162.0 HTTP/1.1
Host: nereserv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx/1.20.1
date: Sat, 10 May 2025 16:59:20 GMT
content-length: 0
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

www.leaktape.com/media/logo.png

104.21.52.236

200 OK

24 kB

URL GET
www.leaktape.com/media/logo.png
IP
104.21.52.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectleaktape.com
FingerprintAC:0A:59:38:68:93:5C:87:C4:65:B7:DC:49:94:04:9F:7A:0A:AC:CE
ValidityMon, 21 Apr 2025 12:19:40 GMT - Sun, 20 Jul 2025 13:17:12 GMT

File type
PNG image data, 217 x 62, 16-bit gray+alpha, non-interlaced
Size
24 kB (23815 bytes)
Hash
fdcad846a7c41e94c84834ea742aa2fb
936abe07f8ba5e0aa4e24ffe35e5455dbc8be446
c91936643404ff7c56e9cdccf5e7fda27e33b9b1c464451f7ece04938569f870

HTTP Headers

GET /media/logo.png HTTP/1.1
Host: www.leaktape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Cookie: PHPSESSID=e3h23ev9mci3p9jlh03a7jo1s3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:16 GMT
content-type: image/png
content-length: 23815
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=65YTuvtdwoWlcs8bE9zdV1rM7wViDVCqbyEXWipDV1sDvDD9uOLTIUjwSFGuhaqTto%2B7l39nELbEsvVvXJyZvNQ65vboIv%2BGmdcUx0qLtmWfDYPsJTlVL%2FwVWUdahBi%2FbFXY"}],"group":"cf-nel","max_age":604800}
last-modified: Wed, 30 Aug 2023 01:48:26 GMT
etag: "64ee9fea-5d07"
accept-ranges: bytes
age: 4914
cache-control: max-age=14400
cf-cache-status: HIT
cf-ray: 93dafc750e2462c8-HAM
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54272&min_rtt=46645&rtt_var=21008&sent=58&recv=61&lost=4&retrans=7&sent_bytes=17264&recv_bytes=10922&delivery_rate=5966&cwnd=8400&unsent_bytes=0&cid=c6593dc3b3ec1e2a&ts=5858&x=16"

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

142.250.178.99

200 OK

30 kB

URL GET
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP
142.250.178.99:443
ASN
#15169 GOOGLE

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subject*.gstatic.com
Fingerprint15:8B:D4:EA:7E:CB:34:1B:6F:2E:20:9E:39:44:7A:D6:D7:30:26:AB
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
Web Open Font Format (Version 2), TrueType, length 29752, version 1.0
Size
30 kB (29752 bytes)
Hash
ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 08 May 2025 18:21:04 GMT
expires: Fri, 08 May 2026 18:21:04 GMT
cache-control: public, max-age=31536000
age: 167894
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

5cb5ab828f.f5e52969d7.com/f44ead0e3fb415db18cfee67af1413b6.js

45.133.44.53

200 OK

124 kB

URL GET
5cb5ab828f.f5e52969d7.com/f44ead0e3fb415db18cfee67af1413b6.js
IP
45.133.44.53:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subject5cb5ab828f.f5e52969d7.com
FingerprintEF:B8:F5:0C:4B:DC:86:4C:D9:CA:67:0B:B6:6D:09:ED:03:B3:7B:0C
ValidityWed, 07 May 2025 02:15:07 GMT - Tue, 05 Aug 2025 02:15:06 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size
124 kB (124274 bytes)
Hash
d4509232ee9a95dc5431a18b2069468d
b0e22da458b657fbe8caa54b0124a64698bdf36b
fb472b8299627873a3a0d4a9c26703190f8346ba23e173b00fef456d1b7ff8a7

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /f44ead0e3fb415db18cfee67af1413b6.js HTTP/1.1
Host: 5cb5ab828f.f5e52969d7.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:19 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.18.0
last-modified: Fri, 18 Apr 2025 08:26:59 GMT
etag: W/"68020cd3-1e572"
content-encoding: gzip
expires: Sat, 10 May 2025 17:04:19 GMT
cache-control: max-age=300
x-cdn-host-id: ah1742
x-proxy-cache: HIT
access-control-allow-origin: *
X-Firefox-Spdy: h2

onclckinp.com/in/multy

116.202.249.56

204 No Content

0 B

URL OPTIONS
onclckinp.com/in/multy
IP
116.202.249.56:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectinpage.infrapu.sh
Fingerprint53:32:5A:78:97:D4:AD:CF:41:C6:08:3E:D5:02:8C:C6:22:50:E8:35
ValidityTue, 01 Apr 2025 08:22:50 GMT - Mon, 30 Jun 2025 08:22:49 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /in/multy HTTP/1.1
Host: onclckinp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.leaktape.com/
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: nginx/1.24.0
date: Sat, 10 May 2025 16:59:20 GMT
vary: Origin
cache-control: no-transform, no-cache, no-store, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: *
X-Firefox-Spdy: h2

www.leaktape.com/

104.21.52.236

200 OK

94 kB

URL User Request GET
www.leaktape.com/
IP
104.21.52.236:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectleaktape.com
FingerprintAC:0A:59:38:68:93:5C:87:C4:65:B7:DC:49:94:04:9F:7A:0A:AC:CE
ValidityMon, 21 Apr 2025 12:19:40 GMT - Sun, 20 Jul 2025 13:17:12 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (6551), with CRLF, LF line terminators
Size
94 kB (93793 bytes)
Hash
e245390240d3c274dbad1e5c4d470f79
15a75d22dd1b0584be9abd0adb0ff823664e5a24
e3f1db865794a86049a4ab98e824d5e21110f8c827330c20a7973faac85d5914

HTTP Headers

GET / HTTP/1.1
Host: www.leaktape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 10 May 2025 16:59:16 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
cf-ray: 93dafc50fb8a62e4-HAM
content-encoding: br
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
vary: accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lSRIGReNjzkD84TI3ujWAprFM7UOfm6RUgG4T8rRE4Mc80TEEI7BjRO3XgbxgAEWHk5tdfybBM%2FWRyFoBbMF3FBhWSFljXI4Z2DKtdxR1WZaghGd%2Bc7pTTaYU6kNZyJaO5Tv"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
set-cookie: PHPSESSID=e3h23ev9mci3p9jlh03a7jo1s3; Path=/
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfL4;desc="?proto=TCP&rtt=14864&min_rtt=14587&rtt_var=2244&sent=11&recv=12&lost=0&retrans=0&sent_bytes=4556&recv_bytes=1204&delivery_rate=295088&cwnd=256&unsent_bytes=0&cid=81c9a7f2968c1f0d&ts=5750&x=0"
X-Firefox-Spdy: h2

www.leaktape.com/thumbnails/681ed34559a9c.jpeg

104.21.52.236

200 OK

6.2 kB

URL GET
www.leaktape.com/thumbnails/681ed34559a9c.jpeg
IP
104.21.52.236:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectleaktape.com
FingerprintAC:0A:59:38:68:93:5C:87:C4:65:B7:DC:49:94:04:9F:7A:0A:AC:CE
ValidityMon, 21 Apr 2025 12:19:40 GMT - Sun, 20 Jul 2025 13:17:12 GMT

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 292x172, components 3
Size
6.2 kB (6234 bytes)
Hash
fa33586a1e00f109168877fea2e2ec6c
295f66c2cd37c664f2d55d75fcd8e8f0f4a81e58
64d123da22283481dd4efbd14a26b452d084cdb8f8e74e0b82165fabb4112ec9

HTTP Headers

GET /thumbnails/681ed34559a9c.jpeg HTTP/1.1
Host: www.leaktape.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Cookie: PHPSESSID=e3h23ev9mci3p9jlh03a7jo1s3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:16 GMT
content-type: image/jpeg
content-length: 6234
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=yX%2BWm1Y9xqJ40SHBYll%2FG0lKEHecDWn%2BZ9Tce7FCbZRHQB6ByK4%2BWcEbNpqqnyGdlWGt6X7ZKVWeOxA0sS04wjz3iSDmZqbEs28toLfxOsY3iHF5k8oxWg%2BODHI9P43FnrFt"}],"group":"cf-nel","max_age":604800}
last-modified: Sat, 10 May 2025 04:17:09 GMT
etag: "681ed345-185a"
cache-control: max-age=14400
cf-cache-status: HIT
age: 4913
accept-ranges: bytes
cf-ray: 93dafc750e2562c8-HAM
server: cloudflare
speculation-rules: "/cdn-cgi/speculation"
vary: Accept-Encoding
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=54272&min_rtt=46645&rtt_var=21008&sent=59&recv=62&lost=4&retrans=7&sent_bytes=17290&recv_bytes=11247&delivery_rate=5966&cwnd=8400&unsent_bytes=0&cid=c6593dc3b3ec1e2a&ts=5864&x=16"

fonts.googleapis.com/css2?family=Lilita+One&display=swap

142.250.178.106

200 OK

856 B

URL GET
fonts.googleapis.com/css2?family=Lilita+One&display=swap
IP
142.250.178.106:443
ASN
#15169 GOOGLE

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectupload.video.google.com
Fingerprint7A:29:E6:A8:BE:59:2C:AE:82:2D:CA:8E:15:89:41:BE:EC:D2:0D:EA
ValidityMon, 21 Apr 2025 08:41:49 GMT - Mon, 14 Jul 2025 08:41:48 GMT

File type
ASCII text
Size
856 B (856 bytes)
Hash
ca4070ae27abe83af0238a9c74d1ba83
5117e3bc5d155f99df9dc63b238315a634a3f001
cc4dc84d370038be42050e9b25006f71285ef9dbe45faf0a3377475165e5ef1c

HTTP Headers

GET /css2?family=Lilita+One&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.leaktape.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 10 May 2025 16:59:17 GMT
date: Sat, 10 May 2025 16:59:17 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/remixicon@2.2.0/fonts/remixicon.woff2?t=1578671877458

104.16.174.226

200 OK

110 kB

URL GET
cdn.jsdelivr.net/npm/remixicon@2.2.0/fonts/remixicon.woff2?t=1578671877458
IP
104.16.174.226:443
ASN
#13335 CLOUDFLARENET

Requested by
https://www.leaktape.com/
Certificate
IssuerSectigo Limited
Subject*.jsdelivr.net
FingerprintA6:DD:A1:61:65:41:D0:8F:18:9A:2F:B3:5C:A4:20:AA:B2:8C:AD:1F
ValidityFri, 25 Apr 2025 00:00:00 GMT - Mon, 04 May 2026 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 110228, version 1.0
Size
110 kB (110228 bytes)
Hash
34ab8e4b8fd2447a24f20b64f06f0dc1
545c8ab0794a0221711e0047af3e4032c14d4a75
1b187ff075581862a025d0b32df2256c582440f7863564d5de7c2a96c66cc2df

HTTP Headers

GET /npm/remixicon@2.2.0/fonts/remixicon.woff2?t=1578671877458 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.leaktape.com
DNT: 1
Connection: keep-alive
Referer: https://cdn.jsdelivr.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 10 May 2025 16:59:19 GMT
content-type: font/woff2
content-length: 110228
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 2.2.0
x-jsd-version-type: version
etag: W/"1ae94-VFyKsHlKAiFxHgBHrz5AMsFNSnU"
x-served-by: cache-fra-etou8220045-FRA, cache-lga21922-LGA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 17171145
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K2xLoCE0jm%2FkV%2Fct8moajKWlUovkj4gOx%2B2MCDi%2F4qNJocVHxuI6LYhGeXK0nvJwRgZf1lPPX5aoM9xv8mYia5bFTUS05DSiOdeXiTl0xFNrA4O7t4VKl8tg2SMg53LqQLY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 93dafc822fd256ab-OSL
server-timing: cfExtPri

s.optvz.com/cimp.php?data=TVRjME5qZzVOak0yTUh3M05UZ3hNelpqT1RJM05ESTVaRE0yTmpFeU16VTBPRFUwTUdJelptUTNNUS0tfC9saWJyYXJ5Lzg2NTg5MC8xMzA2MWYyNzJkMWM4ZmQ1ZDRkMzYyNDk0Mzc2YjA5ZWM3MTAyZGUzLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfG15YmlkLmlvfDg2NTg5MHw1OTk5MTh8MTAxMTYzNnw1MzQzNjkyfDk3fDY1NDczNjJ8OTY0ODk1NDJ8NDB8M3wwfDB8MjUzNDR8MHwwLjZ8NzB8VVNEfFVTRHwxfDF8NDN8MTkyeDE5MnwxfE5PUnx8MjB8NHwxfHxkY2ZlZjIzZjE0NjQxNjRhOWJhYWI5NGRlMzg5NDdmN3xmYjk2MGMyNGMwOGVjMWZmNjc4ZDcyYzM4NTU5M2E0YnwxfDB8bGVha3RhcGUuY29tfDB8OTkzNTZ8MjA1MzMyfDAuMDF8MXwwfGV4Y2hhbmdlX2luX3BhZ2VfcHVzaF9ub3RpZmljYXRpb258MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8MXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMzQuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMzQuMHx8MjR8MzN8MHwxfDB8fHwwfDB8MHwwfDB8MHwwfDB8MHwwfDR8MC4zNTEzNzkzMXwwLjAwMXwwLjAwMXwwLjAwNnwxfDJ8MHxydGIuZXhvY2xpY2suY29tfHx8fE9LfGIyZjI5YWNlY2VhYmU0MjRjMzgxNTBmYjJlNmM5Zjgy&bs=TVRjME5qZzVOak0yTUh3M05UZ3hNelpqT1RJM05ESTVaRE0yTmpFeU16VTBPRFUwTUdJelptUTNNUS0tfDR8MC4xfDAuNnwwLjZ8MHxPS3w0MmU0ZjVlNmU3ODE5MDM0Yjg3NmJjMDEwYWE4Mzg5Nw--&cb=e2e_681f85e844cc48.18014124

95.211.229.246

302 Found

11 kB

URL GET
s.optvz.com/cimp.php?data=TVRjME5qZzVOak0yTUh3M05UZ3hNelpqT1RJM05ESTVaRE0yTmpFeU16VTBPRFUwTUdJelptUTNNUS0tfC9saWJyYXJ5Lzg2NTg5MC8xMzA2MWYyNzJkMWM4ZmQ1ZDRkMzYyNDk0Mzc2YjA5ZWM3MTAyZGUzLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfG15YmlkLmlvfDg2NTg5MHw1OTk5MTh8MTAxMTYzNnw1MzQzNjkyfDk3fDY1NDczNjJ8OTY0ODk1NDJ8NDB8M3wwfDB8MjUzNDR8MHwwLjZ8NzB8VVNEfFVTRHwxfDF8NDN8MTkyeDE5MnwxfE5PUnx8MjB8NHwxfHxkY2ZlZjIzZjE0NjQxNjRhOWJhYWI5NGRlMzg5NDdmN3xmYjk2MGMyNGMwOGVjMWZmNjc4ZDcyYzM4NTU5M2E0YnwxfDB8bGVha3RhcGUuY29tfDB8OTkzNTZ8MjA1MzMyfDAuMDF8MXwwfGV4Y2hhbmdlX2luX3BhZ2VfcHVzaF9ub3RpZmljYXRpb258MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8MXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMzQuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMzQuMHx8MjR8MzN8MHwxfDB8fHwwfDB8MHwwfDB8MHwwfDB8MHwwfDR8MC4zNTEzNzkzMXwwLjAwMXwwLjAwMXwwLjAwNnwxfDJ8MHxydGIuZXhvY2xpY2suY29tfHx8fE9LfGIyZjI5YWNlY2VhYmU0MjRjMzgxNTBmYjJlNmM5Zjgy&bs=TVRjME5qZzVOak0yTUh3M05UZ3hNelpqT1RJM05ESTVaRE0yTmpFeU16VTBPRFUwTUdJelptUTNNUS0tfDR8MC4xfDAuNnwwLjZ8MHxPS3w0MmU0ZjVlNmU3ODE5MDM0Yjg3NmJjMDEwYWE4Mzg5Nw--&cb=e2e_681f85e844cc48.18014124
IP
95.211.229.246:443
ASN
#60781 LeaseWeb Netherlands B.V.

Requested by
https://www.leaktape.com/
Certificate
IssuerLet's Encrypt
Subjectoptvz.com
FingerprintFD:78:F4:5D:F9:BF:D6:97:F7:35:39:54:A8:24:79:F5:C6:BC:4A:83
ValiditySun, 06 Apr 2025 13:39:50 GMT - Sat, 05 Jul 2025 13:39:49 GMT

File type

Size
11 kB (11064 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cimp.php?data=TVRjME5qZzVOak0yTUh3M05UZ3hNelpqT1RJM05ESTVaRE0yTmpFeU16VTBPRFUwTUdJelptUTNNUS0tfC9saWJyYXJ5Lzg2NTg5MC8xMzA2MWYyNzJkMWM4ZmQ1ZDRkMzYyNDk0Mzc2YjA5ZWM3MTAyZGUzLmpwZ3xodHRwc3w5MS45MC40Mi4xNTR8Tk9SfDQxfG15YmlkLmlvfDg2NTg5MHw1OTk5MTh8MTAxMTYzNnw1MzQzNjkyfDk3fDY1NDczNjJ8OTY0ODk1NDJ8NDB8M3wwfDB8MjUzNDR8MHwwLjZ8NzB8VVNEfFVTRHwxfDF8NDN8MTkyeDE5MnwxfE5PUnx8MjB8NHwxfHxkY2ZlZjIzZjE0NjQxNjRhOWJhYWI5NGRlMzg5NDdmN3xmYjk2MGMyNGMwOGVjMWZmNjc4ZDcyYzM4NTU5M2E0YnwxfDB8bGVha3RhcGUuY29tfDB8OTkzNTZ8MjA1MzMyfDAuMDF8MXwwfGV4Y2hhbmdlX2luX3BhZ2VfcHVzaF9ub3RpZmljYXRpb258MHwwfDMxNDMyNDJ8LTF8MHwzMTQzMjQ0fHx8MXwxNDQwfHwwfDB8MHwwfDB8MHwxfDB8fDh8MXxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0OyBydjoxMzQuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMzQuMHx8MjR8MzN8MHwxfDB8fHwwfDB8MHwwfDB8MHwwfDB8MHwwfDR8MC4zNTEzNzkzMXwwLjAwMXwwLjAwMXwwLjAwNnwxfDJ8MHxydGIuZXhvY2xpY2suY29tfHx8fE9LfGIyZjI5YWNlY2VhYmU0MjRjMzgxNTBmYjJlNmM5Zjgy&bs=TVRjME5qZzVOak0yTUh3M05UZ3hNelpqT1RJM05ESTVaRE0yTmpFeU16VTBPRFUwTUdJelptUTNNUS0tfDR8MC4xfDAuNnwwLjZ8MHxPS3w0MmU0ZjVlNmU3ODE5MDM0Yjg3NmJjMDEwYWE4Mzg5Nw--&cb=e2e_681f85e844cc48.18014124 HTTP/1.1
Host: s.optvz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 10 May 2025 16:59:21 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: __uvt=a%3A1%3A%7Bi%3A0%3Bs%3A32%3A%221d062dac0e8dabcf6a8307594a8d9671%22%3B%7D; expires=Mon, 10 May 2027 16:59:20 GMT; path=; domain=.optvz.com; Secure; SameSite=none
Location: https://s3t3d2y9.afcdn.net/library/865890/13061f272d1c8fd5d4d362494376b09ec7102de3.jpg
X-Robots-Tag: noindex, follow

accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKV5Mhv08-X7KRofifdqtSgOHDFqLzqC7n1iENi0rTHGjNrAfPu32O2CYKjoQNlArAvUKrbmTKiOw

173.194.73.84

302 Found

0 B

URL GET
accounts.google.com/InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKV5Mhv08-X7KRofifdqtSgOHDFqLzqC7n1iENi0rTHGjNrAfPu32O2CYKjoQNlArAvUKrbmTKiOw
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://www.leaktape.com/
Certificate
IssuerGoogle Trust Services
Subjectaccounts.google.com
Fingerprint59:74:47:4D:79:55:0E:D6:C9:C5:58:53:27:7B:B5:9B:F6:02:63:84
ValidityMon, 21 Apr 2025 08:42:44 GMT - Mon, 14 Jul 2025 08:42:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /InteractiveLogin?continue=https://m.youtube.com/favicon.ico&hl=en&passive=true&service=youtube&uilel=3&ifkv=ASKV5Mhv08-X7KRofifdqtSgOHDFqLzqC7n1iENi0rTHGjNrAfPu32O2CYKjoQNlArAvUKrbmTKiOw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
content-type: text/html; charset=UTF-8
set-cookie: __Host-GAPS=1:bpewBqVVYDZibUOST084-54eyYEqGQ:aZVW0hA2Fi6FUfWV;Path=/;Expires=Mon, 10-May-2027 16:59:24 GMT;Secure;HttpOnly;Priority=HIGH
x-frame-options: DENY
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Sat, 10 May 2025 16:59:24 GMT
location: https://accounts.google.com/v3/signin/identifier?continue=https%3A%2F%2Fm.youtube.com%2Ffavicon.ico&hl=en&ifkv=ASKV5MgYYMqRGidlUF4XwvwCXeblhoje-7c8ozr1a80h6RghOLPQDEX6TgDi3U7EGIbmkW7W6ykRZg&passive=true&service=youtube&uilel=3&flowName=GlifWebSignIn&flowEntry=ServiceLogin&dsh=S773633150%3A1746896364927520
strict-transport-security: max-age=31536000; includeSubDomains
report-to: {"group":"coop_gse_qebhlk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gse_qebhlk"}]}
content-security-policy: require-trusted-types-for 'script';report-uri /cspreport, script-src 'nonce-i0bdXGlHahnR9iqbAV4X0Q' 'unsafe-inline' 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /cspreport
cross-origin-opener-policy-report-only: same-origin; report-to="coop_gse_qebhlk"
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 414
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML