Report - dankleaks.top/

Report Overview

Visitedpublic

2025-07-23 17:48:05

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP	Fingerprints
dankleaks.top	unknown	2024-08-14	2024-08-14	2025-04-27	4.6 kB	46 kB	104.21.16.1

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2025-07-23 17:47:45	medium	Client IP	104.21.48.1	ET INFO HTTP Request to a *.top domain

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-07-23	medium	dankleaks.top	Sinkholed

ThreatFox

No alerts detected

JavaScript (1)

	URL	From	Size	First Seen	Last Seen
	dankleaks.top/	ScriptElement	375 B	2023-03-07	2025-08-02
URL dankleaks.top/ IP / ASN 104.21.16.1 #13335 CLOUDFLARENET Introduced by ScriptElement Embedded true Resource Info First Seen 2023-03-07 Last Seen 2025-08-02 Times Seen 167745 Size 375 B (375 bytes) MD5 56df91490fa1984fa82b297dcb23c22d SHA1 2050f127b73f50d21eb9b0a2a3f2aea7d4372ba9 SHA256 275407540ae2d5516300e4027ce994e1c97f958d464e137d0fff116d7acf0f24 Format Code Loading...

HTTP Transactions (10)

URL IP Response Size

GET dankleaks.top/cdn-cgi/images/cf-icon-server.png

104.21.16.1

200 OK

1.4 kB

URL

dankleaks.top/cdn-cgi/images/cf-icon-server.png

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

Requested byhttps://dankleaks.top/

Resource Info

File typePNG image data, 95 x 75, 8-bit colormap, non-interlaced

First Seen2023-04-16

Last Seen2025-08-02

Times Seen10043

Size1.4 kB (1384 bytes)

MD52c11e67182601007f577f8bf2c72fee8

SHA101dc915d4745f00632021c05d3eef634747a9c3d

SHA25641553a537f85839927155af093b7bfa1987215f474ed038714609cc48812ea3b

Certificate Info

IssuerGoogle Trust Services

Subjectdankleaks.top

FingerprintB0:14:FB:C1:82:3B:EA:7A:02:50:BF:E0:7A:E4:35:62:05:12:43:8E

ValidityThu, 05 Jun 2025 16:05:26 GMT - Wed, 03 Sep 2025 17:03:05 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/images/cf-icon-server.png HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dankleaks.top/cdn-cgi/styles/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 23 Jul 2025 17:47:53 GMT
content-type: image/png
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=mDuyS4ncKThGltAFqovAXmLi0No6yv32bVlf44w%2FSuoRModmB4TDyUiz1FWAk1ZINBDvoV5GqKfB8pQyNmwaVb5AWJELouLJCjdq"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 963d0168cd5a569c-OSL
X-Firefox-Spdy: h2

GET dankleaks.top/favicon.ico

104.21.16.1

523 No Reason Phrase

7.2 kB

URL

dankleaks.top/favicon.ico

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

Requested byhttps://dankleaks.top/

Resource Info

File typeHTML document, ASCII text, with very long lines (555)

First Seen2025-07-23

Last Seen2025-07-23

Times Seen1

Size7.2 kB (7177 bytes)

MD5ca8d7ad157278994ba994744f246d865

SHA1909eea8514e8ce3feda11dc782c3a19e8e82afc0

SHA2561d40beddc684a25a01fee4477009d0f8e0b9c0d598524266505fb20818800861

Certificate Info

IssuerGoogle Trust Services

Subjectdankleaks.top

FingerprintB0:14:FB:C1:82:3B:EA:7A:02:50:BF:E0:7A:E4:35:62:05:12:43:8E

ValidityThu, 05 Jun 2025 16:05:26 GMT - Wed, 03 Sep 2025 17:03:05 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 523 No Reason Phrase
date: Wed, 23 Jul 2025 17:47:57 GMT
content-type: text/html; charset=UTF-8
content-length: 7177
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
server: cloudflare
cf-ray: 963d01698e8b569c-OSL
X-Firefox-Spdy: h2

GET dankleaks.top/

104.21.16.1

301 Moved Permanently

7.2 kB

URL

dankleaks.top/

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeN/A

First Seen0001-01-01

Last Seen2025-08-02

Times Seen5605996

Size7.2 kB (7177 bytes)

MD5d41d8cd98f00b204e9800998ecf8427e

SHA1da39a3ee5e6b4b0d3255bfef95601890afd80709

SHA256e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET / HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Date: Wed, 23 Jul 2025 17:47:47 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://dankleaks.top/
Vary: accept-encoding
Report-To: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zSSfKjawDlcfbYizXcPM4iAQDmpVaa5XoSSyPfrZO7c3h9IirI9L6KsBo9mAU6%2B2MLI4cqr9rWTtVR5e%2BlvYsyPKVixAnU58ZlNJ"}]}
Nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
Server: cloudflare
CF-RAY: 963d0142ba3656c4-OSL
alt-svc: h2=":443"; ma=60

GET dankleaks.top/cdn-cgi/styles/main.css

104.21.16.1

200 OK

8.0 kB

URL

dankleaks.top/cdn-cgi/styles/main.css

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

Requested byhttps://dankleaks.top/

Resource Info

File typeASCII text, with very long lines (8012)

First Seen2023-04-05

Last Seen2025-08-02

Times Seen29401

Size8.0 kB (8013 bytes)

MD5ff26f59e28a5fe6ea4ab23586415696b

SHA14182675484d175e363cd34b43041b7b1af93d0cd

SHA256d30b4ea6f68456672f5abb35e9dcf7d54226372b66e9d60a7ee26b7a52568e74

Certificate Info

IssuerGoogle Trust Services

Subjectdankleaks.top

FingerprintB0:14:FB:C1:82:3B:EA:7A:02:50:BF:E0:7A:E4:35:62:05:12:43:8E

ValidityThu, 05 Jun 2025 16:05:26 GMT - Wed, 03 Sep 2025 17:03:05 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/styles/main.css HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dankleaks.top/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 23 Jul 2025 17:47:53 GMT
content-type: text/css
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=m0sG9KoDinZ5%2FV8FvyfiWMpT1XAS7qzMrKSkAAzGIKpt6IqyxfKJHa1ju%2FnPQ1f4FwDOhZAI6%2BIawcb2T%2FRkxAdYWnnfXGYADizP"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
content-encoding: br
server: cloudflare
cf-ray: 963d01685c83569c-OSL
X-Firefox-Spdy: h2

GET dankleaks.top/cdn-cgi/images/cf-icon-cloud.png

104.21.16.1

200 OK

1.5 kB

URL

dankleaks.top/cdn-cgi/images/cf-icon-cloud.png

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

Requested byhttps://dankleaks.top/

Resource Info

File typePNG image data, 152 x 77, 8-bit colormap, non-interlaced

First Seen2023-04-09

Last Seen2025-08-02

Times Seen10036

Size1.5 kB (1484 bytes)

MD53ec81e5e3a4de9fec46ce9e6999b9e27

SHA18f03b6857ab8d31feb65f97b1ae6b678efdc2ddd

SHA2563a223426c67a0a33ff57af68a57fb589fea36af2a6e8f9dae7798c77471e0e58

Certificate Info

IssuerGoogle Trust Services

Subjectdankleaks.top

FingerprintB0:14:FB:C1:82:3B:EA:7A:02:50:BF:E0:7A:E4:35:62:05:12:43:8E

ValidityThu, 05 Jun 2025 16:05:26 GMT - Wed, 03 Sep 2025 17:03:05 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/images/cf-icon-cloud.png HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dankleaks.top/cdn-cgi/styles/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 23 Jul 2025 17:47:53 GMT
content-type: image/png
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=XbKqhbNbpP2uCiHIjiOqiBEw%2BTxM1%2FnqPxbZk0fjfgoB6tYHsncunGUG73cl5Dmt7PbeCnQYCZvGk%2FV4rWQX5FN2PT08eXZ9t7LN"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 963d0168cd4e569c-OSL
X-Firefox-Spdy: h2

GET dankleaks.top/cdn-cgi/images/cf-icon-ok.png

104.21.16.1

200 OK

946 B

URL

dankleaks.top/cdn-cgi/images/cf-icon-ok.png

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

Requested byhttps://dankleaks.top/

Resource Info

File typePNG image data, 48 x 48, 8-bit colormap, non-interlaced

First Seen2023-04-16

Last Seen2025-08-02

Times Seen10043

Size946 B (946 bytes)

MD5dfaf0fbb758c874be231335db178381d

SHA18f2597eb7ba4c89892aac0559816db3f5280b23e

SHA256ed732380ee3ff0f2d841784da213c8c05d2b5ae187a5217b419d21cae5cedb1b

Certificate Info

IssuerGoogle Trust Services

Subjectdankleaks.top

FingerprintB0:14:FB:C1:82:3B:EA:7A:02:50:BF:E0:7A:E4:35:62:05:12:43:8E

ValidityThu, 05 Jun 2025 16:05:26 GMT - Wed, 03 Sep 2025 17:03:05 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/images/cf-icon-ok.png HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dankleaks.top/cdn-cgi/styles/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 23 Jul 2025 17:47:53 GMT
content-type: image/png
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=xHd3sRR6kkf9%2BGlWdEWe9qz3muDR%2FeB4qP5KnLBkaILG7fnLR7vb1qkgUky7zTXE5Xq%2B3hEDQ1VighEQ%2F8YXL8i%2BOAzGREtf%2Fxy3"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 963d0168bd4b569c-OSL
X-Firefox-Spdy: h2

GET dankleaks.top/cdn-cgi/images/cf-icon-error.png

104.21.16.1

200 OK

854 B

URL

dankleaks.top/cdn-cgi/images/cf-icon-error.png

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

Requested byhttps://dankleaks.top/

Resource Info

File typePNG image data, 48 x 48, 8-bit colormap, non-interlaced

First Seen2023-04-21

Last Seen2025-08-02

Times Seen10046

Size854 B (854 bytes)

MD5e5577f04b6d92590410e26bd2292933b

SHA116946b2c99d98a57f83eac170ce94b012b7d1a7b

SHA25667f70597a183fbca7fac55d609fbaac5c34bb4d4d32a0530bbbbb42591f2de2f

Certificate Info

IssuerGoogle Trust Services

Subjectdankleaks.top

FingerprintB0:14:FB:C1:82:3B:EA:7A:02:50:BF:E0:7A:E4:35:62:05:12:43:8E

ValidityThu, 05 Jun 2025 16:05:26 GMT - Wed, 03 Sep 2025 17:03:05 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/images/cf-icon-error.png HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dankleaks.top/cdn-cgi/styles/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 23 Jul 2025 17:47:53 GMT
content-type: image/png
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=WSsyKXbmdZm6glzj%2FYV%2Bh0qALdlxRy%2BRtg3o1%2FA3dJAQ5lsU4AYdMWeZ98kE3x6FSixMK%2F%2Ff7DMoH%2BHEaMvCNyT938bcdIJAdscG"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 963d0168cd66569c-OSL
X-Firefox-Spdy: h2

GET dankleaks.top/

104.21.16.1

523 No Reason Phrase

7.2 kB

URL

dankleaks.top/

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (555)

First Seen2025-07-23

Last Seen2025-07-23

Times Seen1

Size7.2 kB (7177 bytes)

MD537e3c97aada6de71f19e1509208d9464

SHA143b69aaf05c2eae5e63914455bab1d60ce1351cf

SHA2564a4edbdcd6e3f916653fc6143d0e5987db3b0e424d703d7f522c367c5044a201

Certificate Info

IssuerGoogle Trust Services

Subjectdankleaks.top

FingerprintB0:14:FB:C1:82:3B:EA:7A:02:50:BF:E0:7A:E4:35:62:05:12:43:8E

ValidityThu, 05 Jun 2025 16:05:26 GMT - Wed, 03 Sep 2025 17:03:05 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET / HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 523 No Reason Phrase
date: Wed, 23 Jul 2025 17:47:46 GMT
content-type: text/html; charset=UTF-8
content-length: 7177
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
server: cloudflare
cf-ray: 963d0128aa2a569c-OSL
X-Firefox-Spdy: h2

GET dankleaks.top/

104.21.16.1

523 No Reason Phrase

7.2 kB

URL

dankleaks.top/

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (555)

First Seen2025-07-23

Last Seen2025-07-23

Times Seen1

Size7.2 kB (7177 bytes)

MD5e1484117b2d96e423b87e09fc2fd0c82

SHA113b7ab8e94f7a61dd53ffb8d72c715f7fb05e40f

SHA256d18ca24c90d2c1a50e22c93d037222ebc81a61ab9379a73c37e968b0e87fd6c7

Certificate Info

IssuerGoogle Trust Services

Subjectdankleaks.top

FingerprintB0:14:FB:C1:82:3B:EA:7A:02:50:BF:E0:7A:E4:35:62:05:12:43:8E

ValidityThu, 05 Jun 2025 16:05:26 GMT - Wed, 03 Sep 2025 17:03:05 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed
suricata	medium	ET INFO HTTP Request to a *.top domain

HTTP Headers

GET / HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 523 No Reason Phrase
date: Wed, 23 Jul 2025 17:47:52 GMT
content-type: text/html; charset=UTF-8
content-length: 7177
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
referrer-policy: same-origin
x-frame-options: SAMEORIGIN
server: cloudflare
cf-ray: 963d0142e9db569c-OSL
X-Firefox-Spdy: h2

GET dankleaks.top/cdn-cgi/images/cf-icon-browser.png

104.21.16.1

200 OK

484 B

URL

dankleaks.top/cdn-cgi/images/cf-icon-browser.png

IP / ASN

104.21.16.1

#13335 CLOUDFLARENET

Requested byhttps://dankleaks.top/

Resource Info

File typePNG image data, 100 x 80, 8-bit colormap, non-interlaced

First Seen2023-04-16

Last Seen2025-08-02

Times Seen9991

Size484 B (484 bytes)

MD559caf3c7eb63af78f12db37f41433779

SHA18024e688e78e910ae1ea3bc25be7a7ab65444b02

SHA25678a7d8b29cabf16831417dba1b9bbe36fae0d060a35a495e8f10e9663b3c9e65

Certificate Info

IssuerGoogle Trust Services

Subjectdankleaks.top

FingerprintB0:14:FB:C1:82:3B:EA:7A:02:50:BF:E0:7A:E4:35:62:05:12:43:8E

ValidityThu, 05 Jun 2025 16:05:26 GMT - Wed, 03 Sep 2025 17:03:05 GMT

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /cdn-cgi/images/cf-icon-browser.png HTTP/1.1
Host: dankleaks.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dankleaks.top/cdn-cgi/styles/main.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Wed, 23 Jul 2025 17:47:53 GMT
content-type: image/png
vary: accept-encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=z0gZgkJAPSkiPLkjyvHUHONp4z%2BJI2Ue%2FHwmmUIpvrSdwh%2BUFz%2BComdU22iab011vgmPq0WrUebRQ8nrOuzYIkX9%2FNmAmEbXOsTm"}]}
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
server: cloudflare
cf-ray: 963d0168bd46569c-OSL
X-Firefox-Spdy: h2