Report - driveleech.org/file/Ml8udw6J9ILndx6bkOuS

Report Overview

Visited public
2023-10-29 17:45:21
Tags
Submit Tags
URL
driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Finishing URL
driveleech.org/file/Ml8udw6J9ILndx6bkOuS
IP / ASN
172.67.203.73
#13335 CLOUDFLARENET
Title
Loki.S01E01.2021.2160p.SDR.DSNP.WEB-DL.x265.ENG-HIN.DDP5.1.HEVC.mkv

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
driveleech.org	unknown	2023-02-04	2023-02-04 10:10:59	2023-10-28 03:01:09	1.6 kB	753 kB	172.67.203.73
mimicdisperse.com	unknown	2023-10-10	2023-10-10 15:41:52	2023-10-28 16:25:51	4.9 kB	6.6 kB	173.233.137.60
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2023-10-29 18:21:16	880 B	17 kB	142.250.74.106
challenges.cloudflare.com	unknown	2009-02-17	2021-10-20 07:02:03	2023-10-29 18:04:54	917 B	69 kB	104.17.3.184
dialoguemarvellouswound.com	unknown	2022-08-18	2022-08-18 03:21:00	2023-09-16 17:48:45	447 B	24 kB	192.243.59.13
professionalswebcheck.com	unknown	2022-04-01	2022-04-02 00:47:29	2023-10-28 18:37:49	434 B	421 B	18.192.148.150
oppositevarietiesdepict.com	unknown	2023-10-10	2023-10-10 14:51:20	2023-10-29 02:16:08	942 B	16 kB	192.243.61.227
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-10-29 18:17:53	1.0 kB	33 kB	216.58.207.227
friendshipmale.com	unknown	2022-10-21	2022-10-21 14:15:25	2023-10-28 18:37:49	804 B	173 kB	172.64.99.2
banquetunarmedgrater.com	unknown	2022-08-04	2022-08-04 17:12:50	2023-10-28 18:37:49	414 B	843 B	172.67.219.12
i.imgur.com	5110	2009-01-09	2012-05-21 10:09:36	2023-10-28 17:59:12	852 B	1.6 kB	151.101.244.193
cdn.cloudimagesb.com	23099	2020-10-06	2021-02-12 17:15:41	2023-10-28 19:45:58	442 B	33 kB	45.133.44.9
cdn.barscreative1.com	25648	2021-09-08	2021-09-16 13:14:42	2023-10-28 16:25:22	488 B	1.0 kB	45.133.44.4
cdnjs.cloudflare.com	235	2009-02-17	2015-04-17 22:46:33	2023-10-29 18:13:58	2.1 kB	187 kB	104.17.24.14
push-sdk.com	unknown	2022-10-25	2022-12-23 15:43:48	2023-10-29 00:34:15	870 B	15 kB	157.90.88.11
unseenreport.com	unknown	2022-03-30	2022-03-30 16:33:17	2023-10-28 18:37:16	1.5 kB	847 B	192.243.61.227
cdn.creative-bars1.com	unknown	2022-11-01	2022-11-15 17:46:22	2023-10-28 18:37:17	1.9 kB	92 kB	172.64.102.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-10-29	medium	oppositevarietiesdepict.com	Sinkholed
2023-10-29	medium	oppositevarietiesdepict.com	Sinkholed
2023-10-29	medium	unseenreport.com	Sinkholed
2023-10-29	medium	mimicdisperse.com	Sinkholed
2023-10-29	medium	mimicdisperse.com	Sinkholed
2023-10-29	medium	mimicdisperse.com	Sinkholed
2023-10-29	medium	unseenreport.com	Sinkholed
2023-10-29	medium	mimicdisperse.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (13)

	URL	From	Size	First Seen	Last Seen
	driveleech.org/file/Ml8udw6J9ILndx6bkOuS	ScriptElement	77 B	2023-09-16	2025-07-09
Pretty URL driveleech.org/file/Ml8udw6J9ILndx6bkOuS IP 172.67.203.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-16 17:48 Last Seen2025-07-09 10:23 Times Seen83 Hash 62a18a19ed36f04e3049dec097bc5dda da9d42ddb7858c22ae42246fcf4c82583cd977e9 a3935ac9dae96466669dc1f2d869346278af63b1396d3d316a8a1894acb57b11 Loading...

	unknown	ScriptElement	659 B	2023-06-13	2024-08-20
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-06-13 20:22 Last Seen2024-08-20 22:03 Times Seen2 Hash a516c629749e450eaf38ea7bd9846af1 9652e1ce76eae2601b741bed48ebbadf24b44c87 a4fb45f44de9a890904e5f3c9cf2419996d3a65cdd843b264aff786b35849a99 Loading...

	banquetunarmedgrater.com/advertisers.js	ScriptElement	0 B	0001-01-01	2025-07-13
Pretty URL banquetunarmedgrater.com/advertisers.js IP 172.67.219.12 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen0001-01-01 00:00 Last Seen2025-07-13 05:15 Times Seen5412198 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	oppositevarietiesdepict.com/01/d4/69/01d469142f198ed5932aff8b9bb4d31c.js	ScriptElement	41 kB	2023-10-29	2023-10-29
Pretty URL oppositevarietiesdepict.com/01/d4/69/01d469142f198ed5932aff8b9bb4d31c.js IP 192.243.61.227 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-29 18:45 Last Seen2023-10-29 18:45 Times Seen1 Hash 8db08563add748d3722ce1ea78420c1a a0185007bccc6981355fe8f86bf9b6b118d8f955 d5148ebce12478d7ced1b95d192673cf3e542e6f712ad2b20cb4117e6a2516cd Loading...

	driveleech.org/file/Ml8udw6J9ILndx6bkOuS	ScriptElement	500 B	2023-03-29	2025-06-20
Pretty URL driveleech.org/file/Ml8udw6J9ILndx6bkOuS IP 172.67.203.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-29 21:30 Last Seen2025-06-20 19:03 Times Seen37 Hash 0307a0b4c2f2e02aba29c5427bc846fb 92fdfc32e30c85e1a0b0cb64185f37ad6fb3f887 d92d5cad0568f925036b409946de2387c0682758dddcbe4c2aba6bfc5d0811c3 Loading...

	driveleech.org/file/Ml8udw6J9ILndx6bkOuS	ScriptElement	6.5 kB	2024-08-20	2024-08-20
Pretty URL driveleech.org/file/Ml8udw6J9ILndx6bkOuS IP 172.67.203.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2024-08-20 21:54 Last Seen2024-08-20 21:54 Times Seen1 Hash f960cc0331c618474333ce062f1e411b 3284201b4bc26f01af5bc6142a5781f4c7b604e0 1c597789ace202d02fc6a2190d9826d011cc6f299779b517c5e67343045a40e6 Loading...

	friendshipmale.com/sfp.js	ScriptElement	86 kB	2023-08-25	2023-11-23
Pretty URL friendshipmale.com/sfp.js IP 172.64.99.2 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-08-25 12:30 Last Seen2023-11-23 01:47 Times Seen6642 Hash 2d0450888479d4ddda305bd96206b240 5b4595aab1cd3f854718e05db9be0c65a12ab2f6 44de073e74ff24c6b1c0fe1f3ac5b33d793560e85ef24fb6ce89e76c2cf90af6 Loading...

	dialoguemarvellouswound.com/4c/be/72/4cbe72587f6e9ca9ffb0658725161a01.js	ScriptElement	60 kB	2023-10-29	2023-10-29
Pretty URL dialoguemarvellouswound.com/4c/be/72/4cbe72587f6e9ca9ffb0658725161a01.js IP 192.243.59.13 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-29 18:45 Last Seen2023-10-29 18:45 Times Seen1 Hash 6cf33d6ab4de778735f9f925555e6e58 82e69763d2f1f4277502acbdcee895f16fb31b96 f612126de7e7a54a12683d832d3aba97db3d479753ceff2c770601a701c006f3 Loading...

	driveleech.org/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/js/mdb.min.js	ScriptElement	1.2 MB	2023-03-26	2025-07-09
Pretty URL driveleech.org/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/js/mdb.min.js IP 172.67.203.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 04:27 Last Seen2025-07-09 10:23 Times Seen118 Hash ecbe27474ff737c51caa845a21ec36a8 61c9d5dcaa862083e7c5fc49baa8623b66fd7cc8 487155a58bd6d8049ba1e5a1f9254d85d86dd32c2f7761013c9d31884c47c864 Loading...

	driveleech.org/file/Ml8udw6J9ILndx6bkOuS	ScriptElement	254 B	2023-03-26	2025-07-09
Pretty URL driveleech.org/file/Ml8udw6J9ILndx6bkOuS IP 172.67.203.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-26 04:27 Last Seen2025-07-09 10:23 Times Seen70 Hash 3db2b487c91efeb4823c23b39c1ff8ef e0d46fcdcb896102c717e1212c52df1f6d12f676 e7314d3f22575c29f4cc5045e172a6ac07e7aabc860990c87c966c36a3168320 Loading...

	push-sdk.com/f/sdk.js?z=972674	ScriptElement	52 kB	2023-07-20	2023-12-08
Pretty URL push-sdk.com/f/sdk.js?z=972674 IP 157.90.88.11 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-07-20 02:34 Last Seen2023-12-08 13:31 Times Seen701 Hash a07a77eefd03b9578b1831c5fb75607c 2bf5c651a524f2ccb3972a05be4495795ad3bd9c 1aec49df5df0fb6658643bc92aa24749b57920bccb1d58abed8e339d63d23bc8 Loading...

	driveleech.org/file/Ml8udw6J9ILndx6bkOuS	ScriptElement	713 B	2023-09-16	2025-06-20
Pretty URL driveleech.org/file/Ml8udw6J9ILndx6bkOuS IP 172.67.203.73 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-09-16 17:48 Last Seen2025-06-20 19:03 Times Seen28 Hash ff0396813cefc2df9eba164ea68dc00e 436962b1a099baddfaf52f78695273ce1b8811e4 f0fd2f8d942a7930766d3a72b3f7b50600a44c77158f051d97ce4e9e0b88ec62 Loading...

	challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback	ScriptElement	34 kB	2023-10-24	2023-11-01
Pretty URL challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback IP 104.17.3.184 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-10-24 12:31 Last Seen2023-11-01 00:24 Times Seen6898 Hash 98903b4785f1b91f9c957fd50c695f22 2fb6abca2c90b53346369175f461d8fc0910cc4e bc0c362431a3e24bc0b73971c115a3a077dd40761069cb160ad402c40c529caa Loading...

HTTP Transactions (36)

URL IP Response Size

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

104.17.24.14

200 OK

10 kB

URL GET HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
ASCII text, with very long lines (59158)
Size
10 kB (10491 bytes)
Hash
b227b1617a1763c8bc056772f05482b4
c508528feb9fd540454f838653cd4863b290df2e
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

HTTP Headers

GET /ajax/libs/font-awesome/5.15.1/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Oct 2023 17:45:02 GMT
content-type: text/css; charset=utf-8
content-length: 10491
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f7b5b5f-e7d0"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 234819
expires: Fri, 18 Oct 2024 17:45:02 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLOw4dr1gbFaBrtICIzvnz6VLKrLzO24JscgUCTmS%2BbNzVrH2UqUhBGgTDkVct0LGC54bpvL2U0IKpsFF81YPJa2ef7XI9teYjtwPtVdCiuqZ1GqHrGtkn3%2FIRemCoI2CXMbLJfe"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81dd3ae0ceb1b50c-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2

104.17.24.14

200 OK

80 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 80300, version 331.-31392\012- data
Size
80 kB (80300 bytes)
Hash
8e1ed89b6ccb8ce41faf5cb672677105
9b592048b9062b00f0b2dd782d70a95b7dc69b83
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7

HTTP Headers

GET /ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://driveleech.org
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 29 Oct 2023 17:45:03 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 80300
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f7b5b5f-139ac"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 219844
expires: Fri, 18 Oct 2024 17:45:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lAFpHvZHacEQxi0drDhV0u%2BndXDJv8S56kzebP2Ldyknu%2BAGySXtCXbt8XpEjhH9t5rZ7HbFwJyLD3rKwucAbaO4wpX0SsvAgTxNNy64EU1x5FR8u7Ar%2B6LIsIKAynxF%2FAo68kJK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81dd3ae1fb2d1c16-OSL
alt-svc: h3=":443"; ma=86400

GET driveleech.org/file/Ml8udw6J9ILndx6bkOuS

172.67.203.73

200 OK

18 kB

URL User Request GET HTTP/2
driveleech.org/file/Ml8udw6J9ILndx6bkOuS
IP
172.67.203.73:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintAB:50:0A:5D:FE:EC:B9:1D:5E:E5:83:B3:DE:A1:26:D9:1B:5B:EB:9A
ValiditySat, 04 Feb 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (393)
Size
18 kB (17644 bytes)
Hash
ca0052d1beffc65ff774f7d8e87560d3
ad8668fc1e6ab548f8ddb2fb711c7277050b6976
d9e9818ea30bea95062b765bbdd0a9eced359c76c720c503209c125b7b2e5a53

HTTP Headers

GET /file/Ml8udw6J9ILndx6bkOuS HTTP/1.1
Host: driveleech.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Oct 2023 17:45:02 GMT
content-type: text/html; charset=UTF-8
set-cookie: PHPSESSID=b685b12ff922aefb81baa1fb51655aa3; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jwlhYDmENjluvBe7TyAts7mZrLWmiOYF5nI4yZa1wKop7rMeCDvXFbOSCdyUbimz%2BuTOIInQ7t3UoPTeDLv83mTprABX1sFjFfQ88RbIXfD1mRpHEu702Z0AyXjjyD4gDQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81dd3adc7e6156be-OSL
content-encoding: br
X-Firefox-Spdy: h2

GET dialoguemarvellouswound.com/4c/be/72/4cbe72587f6e9ca9ffb0658725161a01.js

192.243.59.13

200 OK

24 kB

URL GET HTTP/1.1
dialoguemarvellouswound.com/4c/be/72/4cbe72587f6e9ca9ffb0658725161a01.js
IP
192.243.59.13:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerLet's Encrypt
Subjectdialoguemarvellouswound.com
Fingerprint5D:B5:98:AE:F2:CE:58:D1:60:BA:7C:13:3C:7C:0F:60:BE:77:2A:FE
ValidityThu, 12 Oct 2023 06:39:22 GMT - Wed, 10 Jan 2024 06:39:21 GMT

File type
ASCII text, with very long lines (60345), with no line terminators
Size
24 kB (23558 bytes)
Hash
6cf33d6ab4de778735f9f925555e6e58
82e69763d2f1f4277502acbdcee895f16fb31b96
f612126de7e7a54a12683d832d3aba97db3d479753ceff2c770601a701c006f3

HTTP Headers

GET /4c/be/72/4cbe72587f6e9ca9ffb0658725161a01.js HTTP/1.1
Host: dialoguemarvellouswound.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.19.5
Date: Sun, 29 Oct 2023 17:45:03 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f1d966e9685905944d2bc16ca5abf825
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2

104.17.24.14

200 OK

78 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 78460, version 331.-31392\012- data
Size
78 kB (78460 bytes)
Hash
f075c50f89795e4cdb4d45b51f1a6800
f726c4275bb494a045fde059175f072de06c01df
71b3ce72680f4183d28db86b184542051fd533bb1146933233e4f6a20cf98cba

HTTP Headers

GET /ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://driveleech.org
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 29 Oct 2023 17:45:03 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 78460
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f7b5b5f-1327c"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 56835
expires: Fri, 18 Oct 2024 17:45:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F23IxHBuj9wtu6EmhK973TeM0%2Bq8oZGaRZrE5jEPKmfnrHg0GBHBwB67CQyI0rjORxUP%2FQMiXAkDfrkcfYgQ1FMPGlctYESSVDNePpuLm%2B96vH6AiuOgQONQ9KdXCHJfCFaHNZ%2BU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81dd3ae75f7d1c16-OSL
alt-svc: h3=":443"; ma=86400

GET professionalswebcheck.com/stats

18.192.148.150

200 OK

40 B

URL GET HTTP/2
professionalswebcheck.com/stats
IP
18.192.148.150:443
ASN
#16509 AMAZON-02

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerAmazon
Subjectprofessionalswebcheck.com
Fingerprint75:E9:08:FD:96:58:C7:98:43:E8:21:27:A8:E9:B9:A4:55:28:F2:0C
ValidityWed, 30 Aug 2023 00:00:00 GMT - Fri, 27 Sep 2024 23:59:59 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
77cec654951dd5cd4321ecb05eb45f4d
8a41cedc9aa39a346d5e5fd450f85ca369fcb4b8
45d5e9d7b7f823ae8094e067f4af04ea24a879b4a9d0059ae9bdd6c264c61e65

HTTP Headers

GET /stats HTTP/1.1
Host: professionalswebcheck.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://driveleech.org
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Oct 2023 17:45:03 GMT
content-type: text/html; charset=UTF-8
content-length: 40
server: fasthttp
access-control-allow-origin: https://driveleech.org
vary: Origin
access-control-allow-credentials: true
set-cookie: uid_id2=efc112fa-0dd9-4600-b02d-aab7d29395f7:3:1; expires=Wed, 26 Oct 2033 17:45:03 GMT; secure; SameSite=None
X-Firefox-Spdy: h2

GET push-sdk.com/f/sdk.js?z=972674

157.90.88.11

200 OK

14 kB

URL GET HTTP/2
push-sdk.com/f/sdk.js?z=972674
IP
157.90.88.11:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerLet's Encrypt
Subjectpush-sdk.com
FingerprintF9:D9:72:BA:41:98:98:BD:BA:0C:4C:D3:1F:F3:3C:B6:F5:3C:2D:8D
ValidityMon, 21 Aug 2023 03:30:42 GMT - Sun, 19 Nov 2023 03:30:41 GMT

File type
Unicode text, UTF-8 text, with very long lines (51737), with no line terminators
Size
14 kB (14071 bytes)
Hash
a07a77eefd03b9578b1831c5fb75607c
2bf5c651a524f2ccb3972a05be4495795ad3bd9c
1aec49df5df0fb6658643bc92aa24749b57920bccb1d58abed8e339d63d23bc8

HTTP Headers

GET /f/sdk.js?z=972674 HTTP/1.1
Host: push-sdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sun, 29 Oct 2023 17:45:04 GMT
content-type: application/javascript; charset=utf-8
content-length: 14071
content-encoding: gzip
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate
X-Firefox-Spdy: h2

POST push-sdk.com/event?z=972674

157.90.88.11

200 OK

0 B

URL POST HTTP/2
push-sdk.com/event?z=972674
IP
157.90.88.11:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerLet's Encrypt
Subjectpush-sdk.com
FingerprintF9:D9:72:BA:41:98:98:BD:BA:0C:4C:D3:1F:F3:3C:B6:F5:3C:2D:8D
ValidityMon, 21 Aug 2023 03:30:42 GMT - Sun, 19 Nov 2023 03:30:41 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /event?z=972674 HTTP/1.1
Host: push-sdk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 82
Origin: https://driveleech.org
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Sun, 29 Oct 2023 17:45:04 GMT
content-length: 0
access-control-allow-origin: https://driveleech.org
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization, X-CSRF-Token
access-control-expose-headers: Authorization
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, no-store
pragma: no-cache
expires: Tue, 11 Jan 1994 00:00:00 GMT
accept-ch: Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Bitness, Sec-CH-UA-Wow64
X-Firefox-Spdy: h2

GET oppositevarietiesdepict.com/pixel/purst?dl=0&th=0&sc=0&rs=1685&rd=1685&fd=993&bv=23.10.v.29&tmpl=70

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
oppositevarietiesdepict.com/pixel/purst?dl=0&th=0&sc=0&rs=1685&rd=1685&fd=993&bv=23.10.v.29&tmpl=70
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerLet's Encrypt
Subjectoppositevarietiesdepict.com
Fingerprint4A:D4:56:B3:87:61:93:20:54:A8:1D:C4:9C:51:54:86:E5:BE:3D:B5
ValidityTue, 10 Oct 2023 08:32:57 GMT - Mon, 08 Jan 2024 08:32:56 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/purst?dl=0&th=0&sc=0&rs=1685&rd=1685&fd=993&bv=23.10.v.29&tmpl=70 HTTP/1.1
Host: oppositevarietiesdepict.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Oct 2023 17:45:04 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET banquetunarmedgrater.com/advertisers.js

172.67.219.12

200 OK

0 B

URL GET HTTP/2
banquetunarmedgrater.com/advertisers.js
IP
172.67.219.12:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerGoogle Trust Services LLC
Subjectbanquetunarmedgrater.com
Fingerprint77:2B:76:51:D0:51:70:02:2E:BF:B7:9B:02:8B:5A:A4:91:FA:0B:9E
ValidityMon, 11 Sep 2023 08:34:11 GMT - Sun, 10 Dec 2023 08:34:10 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /advertisers.js HTTP/1.1
Host: banquetunarmedgrater.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Oct 2023 17:45:04 GMT
content-type: application/javascript
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=172800
x-request-id: 008906c6180eed6904fcc3c4c2af3fcc
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 29 Oct 2023 17:45:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UdWL8HnQ1vl%2BqZw6XMps1ceU4sa7NKNkFfy5oEyxcVSgrlgZRZRpdSpy7joBHP8GOJdA5p56sSZMr5KS%2BsXsnytYqYwnslqGgk%2BUIovjfXUzAs%2FIHa7rSktrLUGbc2E2uG%2BKJB6I6Cr5xPw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81dd3ae8fefb569d-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET oppositevarietiesdepict.com/01/d4/69/01d469142f198ed5932aff8b9bb4d31c.js

192.243.61.227

200 OK

14 kB

URL GET HTTP/1.1
oppositevarietiesdepict.com/01/d4/69/01d469142f198ed5932aff8b9bb4d31c.js
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerLet's Encrypt
Subjectoppositevarietiesdepict.com
Fingerprint4A:D4:56:B3:87:61:93:20:54:A8:1D:C4:9C:51:54:86:E5:BE:3D:B5
ValidityTue, 10 Oct 2023 08:32:57 GMT - Mon, 08 Jan 2024 08:32:56 GMT

File type
ASCII text, with very long lines (40558), with no line terminators
Size
14 kB (14290 bytes)
Hash
8db08563add748d3722ce1ea78420c1a
a0185007bccc6981355fe8f86bf9b6b118d8f955
d5148ebce12478d7ced1b95d192673cf3e542e6f712ad2b20cb4117e6a2516cd

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /01/d4/69/01d469142f198ed5932aff8b9bb4d31c.js HTTP/1.1
Host: oppositevarietiesdepict.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Oct 2023 17:45:04 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: edbd33cabb4210bf403dc8ead4de9db0
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET i.imgur.com/sVViVY2.png

151.101.244.193

302 Found

0 B

URL GET HTTP/2
i.imgur.com/sVViVY2.png
IP
151.101.244.193:443
ASN
#54113 FASTLY

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintD6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC
ValidityMon, 13 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sVViVY2.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
retry-after: 0
location: https://i.imgur.com/removed.png
accept-ranges: bytes
date: Sun, 29 Oct 2023 17:45:04 GMT
age: 0
x-served-by: cache-iad-kiad7000165-IAD, cache-hel1410032-HEL
x-cache: HIT, MISS
x-cache-hits: 0, 0
x-timer: S1698601504.466303,VS0,VE116
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
content-length: 0
X-Firefox-Spdy: h2

GET i.imgur.com/removed.png

151.101.244.193

200 OK

503 B

URL GET HTTP/2
i.imgur.com/removed.png
IP
151.101.244.193:443
ASN
#54113 FASTLY

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerSectigo Limited
Subject*.imgur.com
FingerprintD6:4D:45:03:6D:38:F8:FD:EA:AF:E5:92:B3:4D:85:A5:6B:AF:5C:EC
ValidityMon, 13 Mar 2023 00:00:00 GMT - Tue, 12 Mar 2024 23:59:59 GMT

File type
PNG image data, 161 x 81, 1-bit colormap, non-interlaced\012- data
Size
503 B (503 bytes)
Hash
d835884373f4d6c8f24742ceabe74946
20002faf28adfd94ca98cf6ced46f14334b53684
9b5936f4006146e4e1e9025b474c02863c0b5614132ad40db4b925a10e8bfbb9

HTTP Headers

GET /removed.png HTTP/1.1
Host: i.imgur.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://driveleech.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 14 May 2014 05:44:36 GMT
etag: "d835884373f4d6c8f24742ceabe74946"
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
date: Sun, 29 Oct 2023 17:45:04 GMT
age: 19733519
x-served-by: cache-bwi5167-BWI, cache-hel1410032-HEL
x-cache: HIT, HIT
x-cache-hits: 1, 274215
x-timer: S1698601505.651317,VS0,VE0
strict-transport-security: max-age=300
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
server: cat factory 1.0
x-content-type-options: nosniff
content-length: 503
X-Firefox-Spdy: h2

GET driveleech.org/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/js/mdb.min.js

172.67.203.73

200 OK

277 kB

URL GET HTTP/3
driveleech.org/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/js/mdb.min.js
IP
172.67.203.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintAB:50:0A:5D:FE:EC:B9:1D:5E:E5:83:B3:DE:A1:26:D9:1B:5B:EB:9A
ValiditySat, 04 Feb 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT

File type
ASCII text, with very long lines (64452)
Size
277 kB (277181 bytes)
Hash
ecbe27474ff737c51caa845a21ec36a8
61c9d5dcaa862083e7c5fc49baa8623b66fd7cc8
487155a58bd6d8049ba1e5a1f9254d85d86dd32c2f7761013c9d31884c47c864

HTTP Headers

GET /content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/js/mdb.min.js HTTP/1.1
Host: driveleech.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Cookie: PHPSESSID=b685b12ff922aefb81baa1fb51655aa3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sun, 29 Oct 2023 17:45:02 GMT
content-type: application/javascript
cache-control: public, max-age=604800
expires: Sat, 04 Nov 2023 16:10:45 GMT
last-modified: Mon, 11 Sep 2023 15:08:39 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 92057
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7WSdKv%2F7Iq0UyTvsyvAmSzDxN2KcotE6IN1A%2Fxq6uGoVPi1UijyNsXqFEtCuMhacWgJZLabiW40UUyFfbxgwx4zJ%2Fh07PotkHZNVG%2FD1lSipPkaV8x%2Fa1%2BnzpVj1YzpfBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81dd3ae0ae025691-OSL
content-encoding: br

GET unseenreport.com/pxf.gif?uuid=efc112fa-0dd9-4600-b02d-aab7d29395f7&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=4cbe72587f6e9ca9ffb0658725161a01&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17

192.243.61.227

200 OK

1 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=efc112fa-0dd9-4600-b02d-aab7d29395f7&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=4cbe72587f6e9ca9ffb0658725161a01&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintBE:8C:78:D1:BA:58:B8:88:10:09:32:1D:31:7A:D9:4A:09:BF:6C:7A
ValiditySat, 23 Sep 2023 07:33:12 GMT - Fri, 22 Dec 2023 07:33:11 GMT

File type
very short file (no magic)
Size
1 B (1 bytes)
Hash
93b885adfe0da089cdf634904fd59f71
5ba93c9db0cff93f52b521d7420e43f6eda2784f
6e340b9cffb37a989ca544e6bb780a2c78901d3fb33738768511a30617afa01d

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=efc112fa-0dd9-4600-b02d-aab7d29395f7&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=4cbe72587f6e9ca9ffb0658725161a01&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Oct 2023 17:45:05 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: d4512867be5b19c9ae83bffa0eb3c151
Strict-Transport-Security: max-age=0; includeSubdomains

GET mimicdisperse.com/sbar.json?key=01d469142f198ed5932aff8b9bb4d31c&uuid=efc112fa-0dd9-4600-b02d-aab7d29395f7%3A3%3A1

173.233.137.60

200 OK

3.4 kB

URL GET HTTP/1.1
mimicdisperse.com/sbar.json?key=01d469142f198ed5932aff8b9bb4d31c&uuid=efc112fa-0dd9-4600-b02d-aab7d29395f7%3A3%3A1
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerLet's Encrypt
Subjectmimicdisperse.com
Fingerprint21:15:39:6E:77:1A:59:CB:E3:78:13:44:CF:D6:93:24:75:BF:26:78
ValidityTue, 10 Oct 2023 08:32:24 GMT - Mon, 08 Jan 2024 08:32:23 GMT

File type
JSON data\012- , ASCII text, with very long lines (6143), with no line terminators
Size
3.4 kB (3406 bytes)
Hash
328a910ccb455bc89b3a109488b8548b
8214bcf10549c09c80cb04f8aadc0e65979b1a62
2eacc92298adea8924704c5f74e52cf1b1b503c8e5ffdeff51dd17af4fcca864

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /sbar.json?key=01d469142f198ed5932aff8b9bb4d31c&uuid=efc112fa-0dd9-4600-b02d-aab7d29395f7%3A3%3A1 HTTP/1.1
Host: mimicdisperse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://driveleech.org
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Oct 2023 17:45:10 GMT
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Custom-Referer: https://driveleech.org
Access-Control-Allow-Origin: https://driveleech.org
Access-Control-Allow-Credentials: true
Set-Cookie: u_pl=18886252; expires=Mon, 30 Oct 2023 17:45:10 GMT; secure; SameSite=None
uid_id2=efc112fa-0dd9-4600-b02d-aab7d29395f7:3:1; expires=Sun, 05 Nov 2023 17:45:10 GMT; secure; SameSite=None
pdhtkv=true; expires=Mon, 30 Oct 2023 17:45:10 GMT; secure; SameSite=None
uncs=1; expires=Mon, 30 Oct 2023 17:45:10 GMT; secure; SameSite=None
pdhtkv29=true; expires=Mon, 30 Oct 2023 17:45:10 GMT; secure; SameSite=None
uncs29=1; expires=Mon, 30 Oct 2023 17:45:10 GMT; secure; SameSite=None
slec01d469142f198ed5932aff8b9bb4d31c=[4697796]; expires=Sun, 29 Oct 2023 17:45:15 GMT; secure; SameSite=None
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 0290e29355c4d6eb23202ba134502cd2
Strict-Transport-Security: max-age=0; includeSubdomains
Content-Encoding: gzip

GET mimicdisperse.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cxR%2Bd%2FcbVF1GAaCgiXYH4IeHz7t6e75ZIRITgKML5oYQAHZqdmT0Pnt1Zzezcnk8UFpFQyqOlWr%2BzY4UYCxo6EDqns4TkQxQucIHEH4BAqSjQ2RYHn%2Bbz3r5XvH2f%2BWzLnRAfjh6v3NBDqRRdajf9xqsfBsGlxqrM3aAx6C5%2FtBxdapj%2BG4EfN%2F3XGtcEW9dLoR%2F4fuAHjRVpRKoHS0EQNH3IYi8OmrHfjMJm0I4wMP%2Fl1nmw1APvn5DnIfn0%2F3v7ESSbIM%2B%2BvirseqmL19%2FJnKKlNujz3Xv5eq6rHNkcpsZDmu%2Beu6Ht0cr30PnOaWDo%2Fj%2FGRE6J99uvSPLd85RI%2BjtnQRMFkSPhz6DqTyDUBJJOwPR9SH5EAMZx8xby7OFNbSq6cabSmTolC0%2F%2FgKymZOGXF5Bn%2B1eUHDTuauVKqXOLQVpDDiaQvQkKd4By6EFWB2Dlp5D8R7L0dBV5tn3LKg3Jj18SKQuCMKWLPufxYrTs%2B4uJH%2FJFSpMOD%2BNW3E47pw1JOYFMJ1BiBGovwFkPTnpwqQdXeMj4caPDom6Xd9ucCsbCJA26aZRGMWV%2ByvxWHMKx2T%2BMUBYjMDUCM5sozCbW5QjG%2FQC7VsNyD7Yk6PMalSCoLEFFCSpJUJUEVb%2Fe4cqGtn7IlXVJcL7D892qx7rsbdEdXfZETraKE%2FLcrDiv0VRYF8cNP%2BDRchxEYRrEXcHbcSukadpN4iSJeCtgsLKGtP8DtR6GckouDv9EIadkIfoZCT2AVQdg0gN1F0GrcSf0QdfGUdfHMP%2FKrfFM96WwzcJocF2jKBdQbnhb6oS8eHrBa%2FtPINjh5Tq5Mf390V9gpkZhanwsnxD01IPxHV2R7Tu6suSbW0UpMzmks%2BveLWkpLnz5rtiotOHXr9rRo7fYTJjBvfeELVdpzmXes%2BTxFcm5MCvaMEG%2Bu24%2FEMltZ9euOJO7YvX22yvXs8IIa6XOJ6Dy6P1PwOSUPPv43um7feXbPUgzgXE1MndIzgdSH4AVm7DFPL3VBEbNPUnhoXL12ITJ%2FKOSBErMOU1q2H%2FxZI637AP0jAda3kee1eibGn1Vg6oRrLswLgtzePmn1ukgUd44UcbbTpRRn59Va%2BVxQ3TEchxHftThvp9EPAyDtmC0FdGYhmHaQWmn4s0vXv4bAAD%2F%2FwEAAP%2F%2F1WHVioQEAAA%3D

173.233.137.60

200 OK

7 B

URL GET HTTP/1.1
mimicdisperse.com/ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cxR%2Bd%2FcbVF1GAaCgiXYH4IeHz7t6e75ZIRITgKML5oYQAHZqdmT0Pnt1Zzezcnk8UFpFQyqOlWr%2BzY4UYCxo6EDqns4TkQxQucIHEH4BAqSjQ2RYHn%2Bbz3r5XvH2f%2BWzLnRAfjh6v3NBDqRRdajf9xqsfBsGlxqrM3aAx6C5%2FtBxdapj%2BG4EfN%2F3XGtcEW9dLoR%2F4fuAHjRVpRKoHS0EQNH3IYi8OmrHfjMJm0I4wMP%2Fl1nmw1APvn5DnIfn0%2F3v7ESSbIM%2B%2BvirseqmL19%2FJnKKlNujz3Xv5eq6rHNkcpsZDmu%2Beu6Ht0cr30PnOaWDo%2Fj%2FGRE6J99uvSPLd85RI%2BjtnQRMFkSPhz6DqTyDUBJJOwPR9SH5EAMZx8xby7OFNbSq6cabSmTolC0%2F%2FgKymZOGXF5Bn%2B1eUHDTuauVKqXOLQVpDDiaQvQkKd4By6EFWB2Dlp5D8R7L0dBV5tn3LKg3Jj18SKQuCMKWLPufxYrTs%2B4uJH%2FJFSpMOD%2BNW3E47pw1JOYFMJ1BiBGovwFkPTnpwqQdXeMj4caPDom6Xd9ucCsbCJA26aZRGMWV%2ByvxWHMKx2T%2BMUBYjMDUCM5sozCbW5QjG%2FQC7VsNyD7Yk6PMalSCoLEFFCSpJUJUEVb%2Fe4cqGtn7IlXVJcL7D892qx7rsbdEdXfZETraKE%2FLcrDiv0VRYF8cNP%2BDRchxEYRrEXcHbcSukadpN4iSJeCtgsLKGtP8DtR6GckouDv9EIadkIfoZCT2AVQdg0gN1F0GrcSf0QdfGUdfHMP%2FKrfFM96WwzcJocF2jKBdQbnhb6oS8eHrBa%2FtPINjh5Tq5Mf390V9gpkZhanwsnxD01IPxHV2R7Tu6suSbW0UpMzmks%2BveLWkpLnz5rtiotOHXr9rRo7fYTJjBvfeELVdpzmXes%2BTxFcm5MCvaMEG%2Bu24%2FEMltZ9euOJO7YvX22yvXs8IIa6XOJ6Dy6P1PwOSUPPv43um7feXbPUgzgXE1MndIzgdSH4AVm7DFPL3VBEbNPUnhoXL12ITJ%2FKOSBErMOU1q2H%2FxZI637AP0jAda3kee1eibGn1Vg6oRrLswLgtzePmn1ukgUd44UcbbTpRRn59Va%2BVxQ3TEchxHftThvp9EPAyDtmC0FdGYhmHaQWmn4s0vXv4bAAD%2F%2FwEAAP%2F%2F1WHVioQEAAA%3D
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerLet's Encrypt
Subjectmimicdisperse.com
Fingerprint21:15:39:6E:77:1A:59:CB:E3:78:13:44:CF:D6:93:24:75:BF:26:78
ValidityTue, 10 Oct 2023 08:32:24 GMT - Mon, 08 Jan 2024 08:32:23 GMT

File type
ASCII text, with no line terminators
Size
7 B (7 bytes)
Hash
132d6af1b46048b45cf86cdee7991d31
eb7007d03d59b65bc6da7e098c4d38fc6dfb6285
ab852e838deccd742a03ca81d4a8d75cf1a00b327db3eaf46bd7da6b6db9384c

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /ren.gif?sid=H4sIAAAAAAAC%2F1RSv28cxR%2Bd%2FcbVF1GAaCgiXYH4IeHz7t6e75ZIRITgKML5oYQAHZqdmT0Pnt1Zzezcnk8UFpFQyqOlWr%2BzY4UYCxo6EDqns4TkQxQucIHEH4BAqSjQ2RYHn%2Bbz3r5XvH2f%2BWzLnRAfjh6v3NBDqRRdajf9xqsfBsGlxqrM3aAx6C5%2FtBxdapj%2BG4EfN%2F3XGtcEW9dLoR%2F4fuAHjRVpRKoHS0EQNH3IYi8OmrHfjMJm0I4wMP%2Fl1nmw1APvn5DnIfn0%2F3v7ESSbIM%2B%2BvirseqmL19%2FJnKKlNujz3Xv5eq6rHNkcpsZDmu%2Beu6Ht0cr30PnOaWDo%2Fj%2FGRE6J99uvSPLd85RI%2BjtnQRMFkSPhz6DqTyDUBJJOwPR9SH5EAMZx8xby7OFNbSq6cabSmTolC0%2F%2FgKymZOGXF5Bn%2B1eUHDTuauVKqXOLQVpDDiaQvQkKd4By6EFWB2Dlp5D8R7L0dBV5tn3LKg3Jj18SKQuCMKWLPufxYrTs%2B4uJH%2FJFSpMOD%2BNW3E47pw1JOYFMJ1BiBGovwFkPTnpwqQdXeMj4caPDom6Xd9ucCsbCJA26aZRGMWV%2ByvxWHMKx2T%2BMUBYjMDUCM5sozCbW5QjG%2FQC7VsNyD7Yk6PMalSCoLEFFCSpJUJUEVb%2Fe4cqGtn7IlXVJcL7D892qx7rsbdEdXfZETraKE%2FLcrDiv0VRYF8cNP%2BDRchxEYRrEXcHbcSukadpN4iSJeCtgsLKGtP8DtR6GckouDv9EIadkIfoZCT2AVQdg0gN1F0GrcSf0QdfGUdfHMP%2FKrfFM96WwzcJocF2jKBdQbnhb6oS8eHrBa%2FtPINjh5Tq5Mf390V9gpkZhanwsnxD01IPxHV2R7Tu6suSbW0UpMzmks%2BveLWkpLnz5rtiotOHXr9rRo7fYTJjBvfeELVdpzmXes%2BTxFcm5MCvaMEG%2Bu24%2FEMltZ9euOJO7YvX22yvXs8IIa6XOJ6Dy6P1PwOSUPPv43um7feXbPUgzgXE1MndIzgdSH4AVm7DFPL3VBEbNPUnhoXL12ITJ%2FKOSBErMOU1q2H%2FxZI637AP0jAda3kee1eibGn1Vg6oRrLswLgtzePmn1ukgUd44UcbbTpRRn59Va%2BVxQ3TEchxHftThvp9EPAyDtmC0FdGYhmHaQWmn4s0vXv4bAAD%2F%2FwEAAP%2F%2F1WHVioQEAAA%3D HTTP/1.1
Host: mimicdisperse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Cookie: u_pl=18886252; uid_id2=efc112fa-0dd9-4600-b02d-aab7d29395f7:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01d469142f198ed5932aff8b9bb4d31c=[4697796]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Oct 2023 17:45:10 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: cb2ddde2d3ef3c18031e3ecdf25c7192
Strict-Transport-Security: max-age=0; includeSubdomains

GET cdn.cloudimagesb.com/si/62/99/91/6299919f2727e6f79b6f7ad60ebd36aa/1667590484.png

45.133.44.9

200 OK

33 kB

URL GET HTTP/2
cdn.cloudimagesb.com/si/62/99/91/6299919f2727e6f79b6f7ad60ebd36aa/1667590484.png
IP
45.133.44.9:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerLet's Encrypt
Subjectcdn.cloudimagesb.com
Fingerprint62:DE:BA:BA:30:E9:EE:15:E9:24:B9:C5:BF:E1:7E:39:8B:20:E5:42
ValiditySun, 24 Sep 2023 23:04:02 GMT - Sat, 23 Dec 2023 23:04:01 GMT

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
33 kB (32763 bytes)
Hash
2cb2500acb00f247ef19403c3a0f89e1
7c57e8b84b2bb0003810ffae7a14e24869155464
7efcd5082673b787603d2a0b8d768fb26807cf2ab79771a69886a916d0cda3ce

HTTP Headers

GET /si/62/99/91/6299919f2727e6f79b6f7ad60ebd36aa/1667590484.png HTTP/1.1
Host: cdn.cloudimagesb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Oct 2023 17:45:10 GMT
content-type: image/png
content-length: 32763
server: nginx/1.21.6
last-modified: Fri, 04 Nov 2022 19:34:52 GMT
etag: "6365695c-7ffb"
expires: Tue, 31 Oct 2023 17:45:10 GMT
cache-control: max-age=172800
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://driveleech.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Oct 2023 10:05:24 GMT
expires: Sat, 26 Oct 2024 10:05:24 GMT
cache-control: public, max-age=31536000
age: 200387
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

16 kB

URL GET HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintBE:D3:D2:0A:C4:57:FB:0B:D7:17:48:C8:AB:52:49:39:3E:E9:3C:60
ValidityMon, 09 Oct 2023 08:10:32 GMT - Mon, 01 Jan 2024 08:10:31 GMT

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://driveleech.org
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 27 Oct 2023 02:00:44 GMT
expires: Sat, 26 Oct 2024 02:00:44 GMT
cache-control: public, max-age=31536000
age: 229467
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET cdn.barscreative1.com/sb/au/d3/55/fb/d355fb06fa4f4907609b7d285fa07f7a/1664530003.html

45.133.44.4

200 OK

663 B

URL GET HTTP/2
cdn.barscreative1.com/sb/au/d3/55/fb/d355fb06fa4f4907609b7d285fa07f7a/1664530003.html
IP
45.133.44.4:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerLet's Encrypt
Subjectcdn.barscreative1.com
FingerprintCB:0F:87:85:B0:83:8B:5C:86:E5:81:91:9D:F5:ED:C4:A2:B6:B1:BE
ValidityTue, 12 Sep 2023 01:01:21 GMT - Mon, 11 Dec 2023 01:01:20 GMT

File type
gzip compressed data, from Unix\012- data
Size
663 B (663 bytes)
Hash
bb2edb4de5ad94a09bf1651063a070c7
45f62ac4e62a393a1c3631d83a24652b582b14ad
dc5dd0698652ad21651a947671b17461a91cb158ea83397406939735d980e5cb

HTTP Headers

GET /sb/au/d3/55/fb/d355fb06fa4f4907609b7d285fa07f7a/1664530003.html HTTP/1.1
Host: cdn.barscreative1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://driveleech.org
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Oct 2023 17:45:10 GMT
content-type: text/html; charset=utf-8
server: nginx/1.21.6
last-modified: Fri, 30 Sep 2022 09:26:48 GMT
etag: W/"6336b658-497"
cache-control: max-age=3600
access-control-allow-origin: *
access-control-expose-headers: Date
content-encoding: gzip
expires: Sun, 29 Oct 2023 18:45:10 GMT
x-proxy-cache: HIT
X-Firefox-Spdy: h2

GET mimicdisperse.com/pixel/sbs?c=1

173.233.137.60

200 OK

0 B

URL GET HTTP/1.1
mimicdisperse.com/pixel/sbs?c=1
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerLet's Encrypt
Subjectmimicdisperse.com
Fingerprint21:15:39:6E:77:1A:59:CB:E3:78:13:44:CF:D6:93:24:75:BF:26:78
ValidityTue, 10 Oct 2023 08:32:24 GMT - Mon, 08 Jan 2024 08:32:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pixel/sbs?c=1 HTTP/1.1
Host: mimicdisperse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Cookie: u_pl=18886252; uid_id2=efc112fa-0dd9-4600-b02d-aab7d29395f7:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01d469142f198ed5932aff8b9bb4d31c=[4697796]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Oct 2023 17:45:11 GMT
Content-Length: 0
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Upgrade-Insecure-Requests
Access-Control-Expose-Headers: Content-Length,Content-Range

GET cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/img/close.svg

172.64.102.10

200 OK

1.3 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/img/close.svg
IP
172.64.102.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
SVG Scalable Vector Graphics image\012- XML document text\012- exported SGML document, ASCII text, with very long lines (1463), with no line terminators
Size
1.3 kB (1322 bytes)
Hash
42e5fd211191543ecb89479c9a133cda
47fcfccfd279d5547da59a7683a8924c99e81b5c
21553825d8d8eb94976b5f7afa323070d89cc30c3f8defb71e896736b2b08aa6

HTTP Headers

GET /sb/ssp/utility/social-media/instagram/new/4/img/close.svg HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Oct 2023 17:45:10 GMT
content-type: image/svg+xml
last-modified: Wed, 28 Sep 2022 21:49:43 GMT
etag: W/"6334c177-52a"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2042433
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4wqdcewwPmPBlRqFIRmS44T46uSBJOI2gqAQQ2Hj1XfJ%2FJmsP6jrDcmvJOjvNvRDhhJAfAeBjAum0iS%2F4OJdzcCegnQTd3f5WUkNlsI6tfj4AbedFYU6vfrOn4YShBYe4jWSTgK%2B3lyq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81dd3b12ca446525-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/css/animate.css

172.64.102.10

200 OK

79 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/css/animate.css
IP
172.64.102.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text
Size
79 kB (79245 bytes)
Hash
80047eaa13ebd50c50e8a9753621e430
9c503e07d130572a0eaf51f7c02cbd4cf6213fe3
3f831a59615f8d5d40b4340b2836f91438c876f8dbce75f78e38360d6fe0f429

HTTP Headers

GET /sb/ssp/utility/social-media/instagram/new/4/css/animate.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://driveleech.org
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Oct 2023 17:45:10 GMT
content-type: text/css
last-modified: Mon, 26 Sep 2022 10:05:22 GMT
etag: W/"63317962-1358d"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2016107
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsDN89XwdCm4ou0%2BsRh3sFJRLU4%2BZsI8cRGGLdheSeGtow0g3OiT7iL74RogxNENMmzPSRluEpUiX0FzTa4yh8RkwVReTMzs4bVfnE%2BkdVXhRD%2FYiFRj%2F3wAqsUAbNBWF%2FOJ33tofyFc"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81dd3b1229f5653d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET unseenreport.com/pxf.gif?uuid=efc112fa-0dd9-4600-b02d-aab7d29395f7&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=01d469142f198ed5932aff8b9bb4d31c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17

192.243.61.227

200 OK

0 B

URL GET HTTP/1.1
unseenreport.com/pxf.gif?uuid=efc112fa-0dd9-4600-b02d-aab7d29395f7&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=01d469142f198ed5932aff8b9bb4d31c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17
IP
192.243.61.227:443
ASN
#39572 DataWeb Global Group B.V.

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerLet's Encrypt
Subject*.unseenreport.com
FingerprintBE:8C:78:D1:BA:58:B8:88:10:09:32:1D:31:7A:D9:4A:09:BF:6C:7A
ValiditySat, 23 Sep 2023 07:33:12 GMT - Fri, 22 Dec 2023 07:33:11 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /pxf.gif?uuid=efc112fa-0dd9-4600-b02d-aab7d29395f7&eb=a996fe56ed028c08f89591a4a8a9c431&te=4cb725660c43031e3b06c75892d96c5a&ua=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64%3B%20rv%3A109.0)%20Gecko%2F20100101%20Firefox%2F111.0&dev=e&res=14.2079&b_frame=0&pk=01d469142f198ed5932aff8b9bb4d31c&bl=en-US&sr=1024x1280&sz=1024x1280&hjs=17 HTTP/1.1
Host: unseenreport.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Oct 2023 17:45:05 GMT
Content-Type: image/gif
Content-Length: 1
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: 3e3336c562741630db43d30d048dbf84
Strict-Transport-Security: max-age=0; includeSubdomains

GET friendshipmale.com/sfp.js

172.64.99.2

200 OK

86 kB

URL GET HTTP/3
friendshipmale.com/sfp.js
IP
172.64.99.2:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85471 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 29 Oct 2023 17:45:04 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: bb467886430bc0d4c62bb801be611f9e
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 29 Oct 2023 17:45:04 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ejcx%2FlcNclN8X0dS9iU2lO5Ew6dna6bngvdqldAwN03usbyfmQIpRgWJCSNxfVeblxHO%2F4Emq0KsM5YIPu%2BeXlGCclP2xAJtjY7%2FMcsWyfOJNgqaSirZEnB%2FFg0ixzm1gU%2FIvf4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81dd3aeaadd163bf-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET fonts.googleapis.com/css?family=Roboto:300,400,500,700%26display=swap

142.250.74.106

200 OK

8.5 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,500,700%26display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint87:BD:C2:71:54:40:3F:F2:18:79:1A:89:F5:E9:BC:63:E5:EC:57:64
ValidityMon, 09 Oct 2023 08:10:33 GMT - Mon, 01 Jan 2024 08:10:32 GMT

File type
ASCII text, with very long lines (8716), with no line terminators
Size
8.5 kB (8492 bytes)
Hash
1303310bf811cbabe52e473a56247b05
76a5d89fcefb4e769642a6636f439f3f03833429
ccc9d8c0b923b1470e8ddb0309ed98c9419fd7abb32ead3c0dcebbc30ea84778

HTTP Headers

GET /css?family=Roboto:300,400,500,700%26display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Oct 2023 17:45:02 GMT
date: Sun, 29 Oct 2023 17:45:02 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback

104.17.3.184

302 Found

34 kB

URL GET HTTP/2
challenges.cloudflare.com/turnstile/v0/api.js?onload=onloadTurnstileCallback
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type

Size
34 kB (34170 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /turnstile/v0/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sun, 29 Oct 2023 17:45:02 GMT
cache-control: max-age=300, public
vary: accept-encoding
access-control-allow-origin: *
location: /turnstile/v0/g/c359bc3d/api.js?onload=onloadTurnstileCallback
server: cloudflare
cf-ray: 81dd3ae0c9820b65-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET driveleech.org/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/css/mdb.dark.min.css

172.67.203.73

200 OK

456 kB

URL GET HTTP/3
driveleech.org/content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/css/mdb.dark.min.css
IP
172.67.203.73:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
FingerprintAB:50:0A:5D:FE:EC:B9:1D:5E:E5:83:B3:DE:A1:26:D9:1B:5B:EB:9A
ValiditySat, 04 Feb 2023 00:00:00 GMT - Sat, 03 Feb 2024 23:59:59 GMT

File type

Size
456 kB (456152 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /content/data/MDB5-STANDARD-UI-KIT-Free-3.9.0/css/mdb.dark.min.css HTTP/1.1
Host: driveleech.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Cookie: PHPSESSID=b685b12ff922aefb81baa1fb51655aa3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 29 Oct 2023 17:45:02 GMT
content-type: text/css
cache-control: public, max-age=604800
expires: Sat, 04 Nov 2023 10:35:36 GMT
last-modified: Mon, 11 Sep 2023 15:08:39 GMT
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400
cf-cache-status: HIT
age: 112166
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dbt2F9IUr4r2jA8gOV%2Bbbw5TvwVbcdPdNyXmTdSKSbF5uu%2F7GOJSZWbTthOXHlrMpMzVHCJVysmWQBsW0aqlKv0exetcc3bfCFDY92gP%2BBk%2BoAFBVqT%2BVmy%2Fe4yzaU1IBA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 81dd3ae09df75691-OSL
content-encoding: br

GET cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2

104.17.24.14

200 OK

14 kB

URL GET HTTP/3
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2
IP
104.17.24.14:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint7A:EA:B9:09:71:70:6C:87:C9:D3:82:74:8A:7B:B4:60:E5:40:2D:8D
ValidityMon, 03 Jul 2023 00:00:00 GMT - Tue, 02 Jul 2024 23:59:59 GMT

File type
Web Open Font Format (Version 2), TrueType, length 13548, version 331.-31392\012- data
Size
14 kB (13548 bytes)
Hash
4a74738e7728e93c4394b8604081da62
fb9648469530a05fa9aac80e47d4d6960472a242
ce20ed8a323117c8a718ff1ddc6dabb997373b575a8e896f2bf02b846c082c9d

HTTP Headers

GET /ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://driveleech.org
DNT: 1
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 29 Oct 2023 17:45:03 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 13548
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5f7b5b5f-34ec"
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 299348
expires: Fri, 18 Oct 2024 17:45:03 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iC6xTjq7Oj9BYNCD3e%2BBD7Q7v%2B%2FtrJpsOEQkg0K4kj531snraHeV1Gp49qlSnuFMWdV%2BTgr2XPS43GlnqFx66lUynS6teicbeRTUZUqkD628LD3r8rpG%2BASGT3Eue9aoPUS94LWd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 81dd3ae1fb311c16-OSL
alt-svc: h3=":443"; ma=86400

GET fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap

142.250.74.106

200 OK

6.8 kB

URL GET HTTP/3
fonts.googleapis.com/css?family=Roboto:300,400,700&display=swap
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint87:BD:C2:71:54:40:3F:F2:18:79:1A:89:F5:E9:BC:63:E5:EC:57:64
ValidityMon, 09 Oct 2023 08:10:33 GMT - Mon, 01 Jan 2024 08:10:32 GMT

File type
ASCII text, with very long lines (7013), with no line terminators
Size
6.8 kB (6824 bytes)
Hash
49475c425d6c00477bb339179326c49b
bd97deeb753f44f43a21feafa92d98239fa511bd
598841a98ad357d2896d2f093ea3e4e1d44e24b3351268ffd45e61ff8c1d0e09

HTTP Headers

GET /css?family=Roboto:300,400,700&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Oct 2023 17:45:10 GMT
date: Sun, 29 Oct 2023 17:45:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/js/script.js

172.64.102.10

200 OK

444 B

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/js/script.js
IP
172.64.102.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text, with very long lines (458), with no line terminators
Size
444 B (444 bytes)
Hash
982ab6e275f01f07609f7a83b9ded288
00cae17857fd26867610c5287a75c107ab8a150f
2f60a6c44dff7939447126884982a613420b55459abf4ddc27144c2d09fe992c

HTTP Headers

GET /sb/ssp/utility/social-media/instagram/new/4/js/script.js HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://driveleech.org
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Oct 2023 17:45:10 GMT
content-type: application/javascript
last-modified: Mon, 26 Sep 2022 10:05:24 GMT
etag: W/"63317964-1bc"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 503198
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KTyAG1nuF8awRKOKA3YF1%2Bwp0VAwCXMyZhexgVCq8NHjy2%2F9SoRw6grvX74iCPpjsAuT05zatMiVXJxT0T4qKqFvlIwQTr%2FnmqiOqodDSGI43CV5Au4uo2zaX%2FZ9%2FZzbdNY6HPTKBBVo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81dd3b123a06653d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET mimicdisperse.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSu28c1Ru984urH6IA0VBE2gLxkPB6Znb2MUQiIgRHEc5DCQE6dF%2BzvvjO3NG9MzubFUVEJJRyaanGZ%2B1YIcaChg6E1uksIXkRhQtcIPEHIFAqCrS2xcLXfOfMOcWZ893PNstj4qOkR6vXzEhpTVfaTb%2Fx6odBcKGxprJy2Bj2Oh91ogsNO3gj8OOm%2F1rjiuQbZiX0A98P%2FKCxqqxMzHAlCIKmD5XvxkEz9ptR2AzaEYb2v9yVHhz1IAbH5HkoMfv%2F7l4ExafI0q8vS7dRmPz1d9JS08JYDMTOnWwjM1WGdAET6yHJds7cMO5w9XuYbPskMMzgHyNTM%2BL99itYtnOWEmywfRqUacgMTDyDajCF1FMoOgU396HEIQG4wPUbyNKH142t6N1Tlc7VGVl6%2BgdUNSNLv7yALN27pNWwcdvoslAmcxgmNdRwCtWfIi%2F3UYw8qGofvPgUSvxIVp6uIUu3bjhtoMTRSzLhQRAmdNkXIl6OOr6%2FzPxQLFPKuiKMW3E76Z40pNQUKplCyzGoO4fSeSiVhzLxUOYeUnHU6PKo1xO9tqCS85AlQS%2BJkiim3E%2B434pDlHz%2BD2MU%2BRhcj8HtPeT2HjbUGLb8AW69hhMeXEEwEDUqSVA5gooSVIqgKgiqQb0ttAtd%2FVBoV7LgbIdnu1VPTNHfpNum6MuMbObH5Ll5cV6jqbEhjxp%2BIKJOHERhEsQ9KdpxK6RJ0mMxY5FoBRxO1VDuf6DOw0jNyPnRn8jVjCxFP4PRfTi9D6480PI8aDXphj7o%2BiTq%2BRhlX5XrIjUDJV0ztwbC1MiLJRR3vU19TF48ueCVvSeQ%2FOBiza7Nfn%2F0F7itkdsaH6snBH39YHLLVGTrlqkc%2BeZGXqhUjej8urcLWshzX74r71bGiquX3fjRW3wuzOHue9IVazQTKus78viSEkLaVWO5JN9ddR9IdrN065dKm5X52s23V6%2BmuZXOKZNNQdXh%2B5%2BAqxl59vGdk3f7yre7UHYKW9ZIywNyNlBmHzy%2FB5cv0jtDYPXCw3IPVVlPbMgWH7Ui0HLBKavh%2FsXZAm%2B6B%2BhbD7S4jyytMbA1BroG1WO48tykyO3BxZ9aJwOmvQnT1tti2urPT6t16qjBuS9pwLqBlEK2W5xHHd5jnaQVdWWvLdoo3Ey%2B%2BcXLfwMAAP%2F%2FAQAA%2F%2F8qRn2ahAQAAA%3D%3D

173.233.137.60

200 OK

0 B

URL GET HTTP/1.1
mimicdisperse.com/impr.gif?sid=H4sIAAAAAAAC%2F1RSu28c1Ru984urH6IA0VBE2gLxkPB6Znb2MUQiIgRHEc5DCQE6dF%2BzvvjO3NG9MzubFUVEJJRyaanGZ%2B1YIcaChg6E1uksIXkRhQtcIPEHIFAqCrS2xcLXfOfMOcWZ893PNstj4qOkR6vXzEhpTVfaTb%2Fx6odBcKGxprJy2Bj2Oh91ogsNO3gj8OOm%2F1rjiuQbZiX0A98P%2FKCxqqxMzHAlCIKmD5XvxkEz9ptR2AzaEYb2v9yVHhz1IAbH5HkoMfv%2F7l4ExafI0q8vS7dRmPz1d9JS08JYDMTOnWwjM1WGdAET6yHJds7cMO5w9XuYbPskMMzgHyNTM%2BL99itYtnOWEmywfRqUacgMTDyDajCF1FMoOgU396HEIQG4wPUbyNKH142t6N1Tlc7VGVl6%2BgdUNSNLv7yALN27pNWwcdvoslAmcxgmNdRwCtWfIi%2F3UYw8qGofvPgUSvxIVp6uIUu3bjhtoMTRSzLhQRAmdNkXIl6OOr6%2FzPxQLFPKuiKMW3E76Z40pNQUKplCyzGoO4fSeSiVhzLxUOYeUnHU6PKo1xO9tqCS85AlQS%2BJkiim3E%2B434pDlHz%2BD2MU%2BRhcj8HtPeT2HjbUGLb8AW69hhMeXEEwEDUqSVA5gooSVIqgKgiqQb0ttAtd%2FVBoV7LgbIdnu1VPTNHfpNum6MuMbObH5Ll5cV6jqbEhjxp%2BIKJOHERhEsQ9KdpxK6RJ0mMxY5FoBRxO1VDuf6DOw0jNyPnRn8jVjCxFP4PRfTi9D6480PI8aDXphj7o%2BiTq%2BRhlX5XrIjUDJV0ztwbC1MiLJRR3vU19TF48ueCVvSeQ%2FOBiza7Nfn%2F0F7itkdsaH6snBH39YHLLVGTrlqkc%2BeZGXqhUjej8urcLWshzX74r71bGiquX3fjRW3wuzOHue9IVazQTKus78viSEkLaVWO5JN9ddR9IdrN065dKm5X52s23V6%2BmuZXOKZNNQdXh%2B5%2BAqxl59vGdk3f7yre7UHYKW9ZIywNyNlBmHzy%2FB5cv0jtDYPXCw3IPVVlPbMgWH7Ui0HLBKavh%2FsXZAm%2B6B%2BhbD7S4jyytMbA1BroG1WO48tykyO3BxZ9aJwOmvQnT1tti2urPT6t16qjBuS9pwLqBlEK2W5xHHd5jnaQVdWWvLdoo3Ey%2B%2BcXLfwMAAP%2F%2FAQAA%2F%2F8qRn2ahAQAAA%3D%3D
IP
173.233.137.60:443
ASN
#7979 SERVERS-COM

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerLet's Encrypt
Subjectmimicdisperse.com
Fingerprint21:15:39:6E:77:1A:59:CB:E3:78:13:44:CF:D6:93:24:75:BF:26:78
ValidityTue, 10 Oct 2023 08:32:24 GMT - Mon, 08 Jan 2024 08:32:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /impr.gif?sid=H4sIAAAAAAAC%2F1RSu28c1Ru984urH6IA0VBE2gLxkPB6Znb2MUQiIgRHEc5DCQE6dF%2BzvvjO3NG9MzubFUVEJJRyaanGZ%2B1YIcaChg6E1uksIXkRhQtcIPEHIFAqCrS2xcLXfOfMOcWZ893PNstj4qOkR6vXzEhpTVfaTb%2Fx6odBcKGxprJy2Bj2Oh91ogsNO3gj8OOm%2F1rjiuQbZiX0A98P%2FKCxqqxMzHAlCIKmD5XvxkEz9ptR2AzaEYb2v9yVHhz1IAbH5HkoMfv%2F7l4ExafI0q8vS7dRmPz1d9JS08JYDMTOnWwjM1WGdAET6yHJds7cMO5w9XuYbPskMMzgHyNTM%2BL99itYtnOWEmywfRqUacgMTDyDajCF1FMoOgU396HEIQG4wPUbyNKH142t6N1Tlc7VGVl6%2BgdUNSNLv7yALN27pNWwcdvoslAmcxgmNdRwCtWfIi%2F3UYw8qGofvPgUSvxIVp6uIUu3bjhtoMTRSzLhQRAmdNkXIl6OOr6%2FzPxQLFPKuiKMW3E76Z40pNQUKplCyzGoO4fSeSiVhzLxUOYeUnHU6PKo1xO9tqCS85AlQS%2BJkiim3E%2B434pDlHz%2BD2MU%2BRhcj8HtPeT2HjbUGLb8AW69hhMeXEEwEDUqSVA5gooSVIqgKgiqQb0ttAtd%2FVBoV7LgbIdnu1VPTNHfpNum6MuMbObH5Ll5cV6jqbEhjxp%2BIKJOHERhEsQ9KdpxK6RJ0mMxY5FoBRxO1VDuf6DOw0jNyPnRn8jVjCxFP4PRfTi9D6480PI8aDXphj7o%2BiTq%2BRhlX5XrIjUDJV0ztwbC1MiLJRR3vU19TF48ueCVvSeQ%2FOBiza7Nfn%2F0F7itkdsaH6snBH39YHLLVGTrlqkc%2BeZGXqhUjej8urcLWshzX74r71bGiquX3fjRW3wuzOHue9IVazQTKus78viSEkLaVWO5JN9ddR9IdrN065dKm5X52s23V6%2BmuZXOKZNNQdXh%2B5%2BAqxl59vGdk3f7yre7UHYKW9ZIywNyNlBmHzy%2FB5cv0jtDYPXCw3IPVVlPbMgWH7Ui0HLBKavh%2FsXZAm%2B6B%2BhbD7S4jyytMbA1BroG1WO48tykyO3BxZ9aJwOmvQnT1tti2urPT6t16qjBuS9pwLqBlEK2W5xHHd5jnaQVdWWvLdoo3Ey%2B%2BcXLfwMAAP%2F%2FAQAA%2F%2F8qRn2ahAQAAA%3D%3D HTTP/1.1
Host: mimicdisperse.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Cookie: u_pl=18886252; uid_id2=efc112fa-0dd9-4600-b02d-aab7d29395f7:3:1; pdhtkv=true; uncs=1; pdhtkv29=true; uncs29=1; slec01d469142f198ed5932aff8b9bb4d31c=[4697796]
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.21.6
Date: Sun, 29 Oct 2023 17:45:11 GMT
Content-Type: image/gif
Content-Length: 7
Connection: keep-alive
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Cache-Control: no-cache
X-Request-ID: f53490fbf6f7bbdafe4db2a5b072a8e0
Strict-Transport-Security: max-age=0; includeSubdomains

GET challenges.cloudflare.com/turnstile/v0/g/c359bc3d/api.js?onload=onloadTurnstileCallback

104.17.3.184

200 OK

34 kB

URL GET HTTP/3
challenges.cloudflare.com/turnstile/v0/g/c359bc3d/api.js?onload=onloadTurnstileCallback
IP
104.17.3.184:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerCloudflare, Inc.
Subjectchallenges.cloudflare.com
Fingerprint5F:E4:AA:8C:2E:24:D2:B1:69:9D:13:28:31:5C:65:FA:97:2A:E9:6E
ValidityFri, 18 Aug 2023 00:00:00 GMT - Sat, 17 Aug 2024 23:59:59 GMT

File type
ASCII text, with very long lines (34169)
Size
34 kB (34170 bytes)
Hash
98903b4785f1b91f9c957fd50c695f22
2fb6abca2c90b53346369175f461d8fc0910cc4e
bc0c362431a3e24bc0b73971c115a3a077dd40761069cb160ad402c40c529caa

HTTP Headers

GET /turnstile/v0/g/c359bc3d/api.js?onload=onloadTurnstileCallback HTTP/1.1
Host: challenges.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://driveleech.org/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sun, 29 Oct 2023 17:45:03 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31536000
vary: Accept-Encoding
server: cloudflare
cf-ray: 81dd3ae1fbc30b69-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400

GET friendshipmale.com/sfp.js

172.64.99.2

200 OK

86 kB

URL GET HTTP/2
friendshipmale.com/sfp.js
IP
172.64.99.2:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerCloudflare, Inc.
Subjectsni.cloudflaressl.com
Fingerprint08:6F:D8:CB:9E:0C:0A:98:2E:C5:CD:21:8E:0B:76:2B:50:6F:B6:37
ValiditySat, 18 Feb 2023 00:00:00 GMT - Sat, 17 Feb 2024 23:59:59 GMT

File type

Size
86 kB (85471 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /sfp.js HTTP/1.1
Host: friendshipmale.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Oct 2023 17:45:04 GMT
content-type: application/javascript; charset=utf-8
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin: *
expires: Thu, 01 Jan 1970 00:00:01 GMT
cache-control: max-age=14400
x-request-id: 60aa5c32f343d79f5549c584561938c1
strict-transport-security: max-age=0; includeSubdomains
cf-cache-status: EXPIRED
last-modified: Sun, 29 Oct 2023 17:45:03 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bLWaenQE363rVOYL833Bp4iOvz5lfNMUkKb8IK%2FXES%2FehiatI3rpacSi%2Bc9YRaBtpAU8fCtGvHQn00%2BXcyInvKqzOuyEwCo9zjSyqYhQ7rNVILztLS0a1KkiypAmHiulaB1VkSw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81dd3ae7780e369a-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

GET cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/css/style.css

172.64.102.10

200 OK

7.6 kB

URL GET HTTP/2
cdn.creative-bars1.com/sb/ssp/utility/social-media/instagram/new/4/css/style.css
IP
172.64.102.10:443
ASN
#13335 CLOUDFLARENET

Requested by
https://driveleech.org/file/Ml8udw6J9ILndx6bkOuS
Certificate
IssuerGoogle Trust Services LLC
Subjectcreative-bars1.com
Fingerprint2B:CC:32:FC:17:6F:25:69:2F:F4:A0:D9:DC:9C:C2:09:28:32:AB:34
ValiditySat, 21 Oct 2023 15:38:40 GMT - Fri, 19 Jan 2024 15:38:39 GMT

File type
ASCII text, with very long lines (8106), with no line terminators
Size
7.6 kB (7642 bytes)
Hash
83de8b4bf040e193fcc2cae881ad9bfa
6da4ac90cb0059a2dd698ad9ecb294f3dae99a4a
88e65386dff64696b61a8f5a62281b94e1b27c79458177f2f375190a7b78e460

HTTP Headers

GET /sb/ssp/utility/social-media/instagram/new/4/css/style.css HTTP/1.1
Host: cdn.creative-bars1.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://driveleech.org
DNT: 1
Connection: keep-alive
Referer: https://driveleech.org/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sun, 29 Oct 2023 17:45:10 GMT
content-type: text/css
last-modified: Fri, 30 Sep 2022 09:41:34 GMT
etag: W/"6336b9ce-1dda"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
access-control-allow-origin: *
access-control-expose-headers: Date
cf-cache-status: HIT
age: 2016107
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oskY%2BeShPMkk9mrqpBroynbBQHUi1VIU21nWjAbfwFI3MZ6D2ea99g5yR%2BFcI7vPAs%2FaRDkK2KFRjPZNx0OSpDsXNsVTZ6QsFJdNZ4ejREWIcKuaMz0DMIXy2NlzOd6Dh%2FalfKR7EbvW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 81dd3b123a0b653d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (13)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash