install.crazyleaks.wtf Open in urlscan Pro
2a02:4780:a:1404:0:1480:e228:c  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

16 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response install.crazyleaks.wtf/	13 KB 3 KB	586ms 99ms	Document text/html	2a02:4780:a:1404:0:1480:e228:c AS-HOSTINGER
General Check archive.org Show headers Download Go to Full URL https://install.crazyleaks.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a02:4780:a:1404:0:1480:e228:c Manchester, United Kingdom, ASN47583 (AS-HOSTINGER, CY), Reverse DNS Software LiteSpeed / Resource Hash fe6d53cb79d8e17c660806c280311d3e5257c76e9346fa61db806b1240edad17 Security Headers Name Value Content-Security-Policy upgrade-insecure-requests Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 accept-language en-US,en;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-encoding br content-length 2963 content-security-policy upgrade-insecure-requests content-type text/html date Tue, 06 Feb 2024 12:44:50 GMT etag "34b5-65c1aaaf-86de24a50ee7747b;br" last-modified Tue, 06 Feb 2024 03:42:39 GMT platform hostinger server LiteSpeed vary Accept-Encoding
GET H2	200	e6k2kl Show response locked4.com/cl/js/	3 KB 4 KB	200ms 76ms	Script text/javascript	23.22.126.183 AMAZON-AES
General Check archive.org Show headers Download Go to Full URL https://locked4.com/cl/js/e6k2kl Requested by Host: install.crazyleaks.wtf URL: https://install.crazyleaks.wtf/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.22.126.183 Ashburn, United States, ASN14618 (AMAZON-AES, US), Reverse DNS ec2-23-22-126-183.compute-1.amazonaws.com Software nginx / Resource Hash 8a13391c51b0068e35146a8371ce5d47f0ef27d5328024ac74c810c53f3040dc Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains X-Content-Type-Options DENY, nosniff X-Xss-Protection 1; mode=block, 1; mode=block Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 12:44:50 GMT strict-transport-security max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains x-content-type-options DENY, nosniff server nginx content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control no-cache, private x-robots-tag none x-xss-protection 1; mode=block, 1; mode=block
GET H2	200	_bower.css www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/css/	148 KB 24 KB	789ms 134ms	Stylesheet text/css	94.242.50.233 VEESP-AS
General Check archive.org Show headers Download Go to Full URL https://www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/css/_bower.css Requested by Host: install.crazyleaks.wtf URL: https://install.crazyleaks.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.242.50.233 St Petersburg, Russian Federation, ASN43317 (VEESP-AS, LV), Reverse DNS server2.server-sz.com Software LiteSpeed / Resource Hash f6726359a68eed49b3611a06f9386318a22156f6d119bb5559bc463cd88c11b6 Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 12:44:51 GMT content-encoding br last-modified Thu, 07 Oct 2021 15:24:02 GMT server LiteSpeed vary Accept-Encoding content-type text/css cache-control public, max-age=604800 accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 24598 expires Tue, 13 Feb 2024 12:44:51 GMT
GET H2	200	css fonts.googleapis.com/	13 KB 1 KB	100ms 39ms	Stylesheet text/css	2607:f8b0:4006:821::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900|Bowlby+One+SC Requested by Host: install.crazyleaks.wtf URL: https://install.crazyleaks.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2607:f8b0:4006:821::200a , United States, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash 610ae5728a5d5afca57d58e21fc40567584ab56a58a899bfb9d64ac49fdce45e Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Tue, 06 Feb 2024 12:44:50 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Tue, 06 Feb 2024 12:44:50 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Tue, 06 Feb 2024 12:44:50 GMT
GET H/1.1	200 OK	cloud_backup.png www.calloutcomputers.org/wp-content/uploads/2017/01/	36 KB 36 KB	663ms 100ms	Image image/png	37.26.107.36 RACKSRV
General Check archive.org Show headers Download Go to Show image Full URL https://www.calloutcomputers.org/wp-content/uploads/2017/01/cloud_backup.png Requested by Host: install.crazyleaks.wtf URL: https://install.crazyleaks.wtf/ Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 37.26.107.36 Dover, United Kingdom, ASN52148 (RACKSRV, GB), Reverse DNS server1.cw-direct.co.uk Software Apache / Resource Hash 04429556ca4d24fd13c60d802f899f3b170afe71c6c66c90a76c52e4f5842202 Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers Date Tue, 06 Feb 2024 12:44:50 GMT Last-Modified Sun, 15 Jan 2017 12:51:16 GMT Server Apache Vary User-Agent Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=100 Content-Length 37069
GET H2	200	avast.png www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/	13 KB 13 KB	924ms 271ms	Image image/png	94.242.50.233 VEESP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/avast.png Requested by Host: install.crazyleaks.wtf URL: https://install.crazyleaks.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.242.50.233 St Petersburg, Russian Federation, ASN43317 (VEESP-AS, LV), Reverse DNS server2.server-sz.com Software LiteSpeed / Resource Hash ed94337ebb41e7c2ebd1e757ad311052f81dbaf12e58f5b4c758efaac8e7657a Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 12:44:51 GMT last-modified Thu, 07 Oct 2021 15:24:07 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 13731 expires Tue, 13 Feb 2024 12:44:51 GMT
GET H2	200	bitdefender.png www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/	14 KB 14 KB	723ms 271ms	Image image/png	94.242.50.233 VEESP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/bitdefender.png Requested by Host: install.crazyleaks.wtf URL: https://install.crazyleaks.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.242.50.233 St Petersburg, Russian Federation, ASN43317 (VEESP-AS, LV), Reverse DNS server2.server-sz.com Software LiteSpeed / Resource Hash 42e3aa54cfacaa5849859a70cb2d5f26e77df19f59e6c83e0077d072efb9a5b7 Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 12:44:51 GMT last-modified Thu, 07 Oct 2021 15:24:08 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 14065 expires Tue, 13 Feb 2024 12:44:51 GMT
GET H2	200	eset.png www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/	20 KB 20 KB	724ms 272ms	Image image/png	94.242.50.233 VEESP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/eset.png Requested by Host: install.crazyleaks.wtf URL: https://install.crazyleaks.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.242.50.233 St Petersburg, Russian Federation, ASN43317 (VEESP-AS, LV), Reverse DNS server2.server-sz.com Software LiteSpeed / Resource Hash 2458c85dc999c45d28ec604053133f436cfa840410c0ba7bf6e38527bbbecd14 Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 12:44:51 GMT last-modified Thu, 07 Oct 2021 15:24:06 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 20375 expires Tue, 13 Feb 2024 12:44:51 GMT
GET H2	200	kaspersky.png www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/	13 KB 13 KB	723ms 272ms	Image image/png	94.242.50.233 VEESP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/kaspersky.png Requested by Host: install.crazyleaks.wtf URL: https://install.crazyleaks.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.242.50.233 St Petersburg, Russian Federation, ASN43317 (VEESP-AS, LV), Reverse DNS server2.server-sz.com Software LiteSpeed / Resource Hash 892c583ba92958d2c298f987e172206c1a5a3d25bd1d4e840b5bc29f5e728c96 Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 12:44:51 GMT last-modified Thu, 07 Oct 2021 15:24:06 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 13426 expires Tue, 13 Feb 2024 12:44:51 GMT
GET H2	200	macafee.png www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/	17 KB 17 KB	724ms 273ms	Image image/png	94.242.50.233 VEESP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/macafee.png Requested by Host: install.crazyleaks.wtf URL: https://install.crazyleaks.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.242.50.233 St Petersburg, Russian Federation, ASN43317 (VEESP-AS, LV), Reverse DNS server2.server-sz.com Software LiteSpeed / Resource Hash dc376d6e221d72ef957c74cb25be593ea06b576214a35c975a690b2e554e54e1 Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 12:44:51 GMT last-modified Thu, 07 Oct 2021 15:24:06 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 17777 expires Tue, 13 Feb 2024 12:44:51 GMT
GET H2	200	panda.png www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/	13 KB 13 KB	337ms 327ms	Image image/png	94.242.50.233 VEESP-AS
General Check archive.org Show headers Download Go to Show image Full URL https://www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/panda.png Requested by Host: install.crazyleaks.wtf URL: https://install.crazyleaks.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.242.50.233 St Petersburg, Russian Federation, ASN43317 (VEESP-AS, LV), Reverse DNS server2.server-sz.com Software LiteSpeed / Resource Hash d4d271c8d73e9e8d169894c74560e70415fee5618d7af4217931b29a1bd4da10 Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 12:44:51 GMT last-modified Thu, 07 Oct 2021 15:24:07 GMT server LiteSpeed content-type image/png cache-control public, max-age=604800 accept-ranges bytes content-length 13331 expires Tue, 13 Feb 2024 12:44:51 GMT
GET H2	200	rocket-loader.min.js Show response www.onlyleaks.pro/lp/cdn-cgi/scripts/7d0fa10a/cloudflare-static/	12 KB 4 KB	335ms 327ms	Script text/javascript	94.242.50.233 VEESP-AS
General Check archive.org Show headers Download Go to Full URL https://www.onlyleaks.pro/lp/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Requested by Host: install.crazyleaks.wtf URL: https://install.crazyleaks.wtf/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 94.242.50.233 St Petersburg, Russian Federation, ASN43317 (VEESP-AS, LV), Reverse DNS server2.server-sz.com Software LiteSpeed / Resource Hash ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142 Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 12:44:51 GMT content-encoding br last-modified Thu, 07 Oct 2021 15:23:13 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 3678
GET H2	200	abstract-luxury-gradient-blue-background-smooth-dark-blue-with-black-vignette-studio-banner_1258-54587.jpg img.freepik.com/free-photo/	2 KB 2 KB	176ms 34ms	Image image/avif	2600:141b:1c00:30::1739:5a70 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://img.freepik.com/free-photo/abstract-luxury-gradient-blue-background-smooth-dark-blue-with-black-vignette-studio-banner_1258-54587.jpg Requested by Host: install.crazyleaks.wtf URL: https://install.crazyleaks.wtf/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2600:141b:1c00:30::1739:5a70 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL), Reverse DNS Software / Resource Hash 411c3b67470107f2cffe4a22da5e522c54147870bedb77fb1b97c418b4c12446 Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 12:44:51 GMT last-modified Tue, 03 Oct 2023 10:14:30 GMT etag "d33ba6002e6774dafce7af34407f05f9" content-type image/avif cache-control private, no-transform, max-age=604800 x-robots-tag noimageai alt-svc h3=":443"; ma=93600,h3-29=":443"; ma=93600,h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43" content-length 1652 expires Tue, 13 Feb 2024 12:44:51 GMT
GET H3	200	scripts.js Show response www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/js/	1 KB 666 B	146ms 145ms	Script text/javascript	94.242.50.233 VEESP-AS
General Check archive.org Show headers Download Go to Full URL https://www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/js/scripts.js Requested by Host: www.onlyleaks.pro URL: https://www.onlyleaks.pro/lp/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 94.242.50.233 St Petersburg, Russian Federation, ASN43317 (VEESP-AS, LV), Reverse DNS server2.server-sz.com Software LiteSpeed / Resource Hash 43d6221539ba2bf66e19be89497cf77474698fba59a1935c972c40c701e401ef Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 12:44:51 GMT content-encoding br last-modified Thu, 07 Oct 2021 15:24:04 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes alt-svc h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46" content-length 428
GET H3	200	bower.js Show response www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/js/	167 KB 46 KB	146ms 145ms	Script text/javascript	94.242.50.233 VEESP-AS
General Check archive.org Show headers Download Go to Full URL https://www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/js/bower.js Requested by Host: www.onlyleaks.pro URL: https://www.onlyleaks.pro/lp/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 94.242.50.233 St Petersburg, Russian Federation, ASN43317 (VEESP-AS, LV), Reverse DNS server2.server-sz.com Software LiteSpeed / Resource Hash 0fef544b133eeae68d6d5a63c86be04de8d59bad101c3489341224bc19a19100 Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 12:44:51 GMT content-encoding br last-modified Thu, 07 Oct 2021 15:24:04 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 47395
GET H3	200	jquery.min.js Show response www.onlyleaks.pro/lp/ajax.googleapis.com/ajax/libs/jquery/1.7.2/	93 KB 32 KB	290ms 290ms	Script text/javascript	94.242.50.233 VEESP-AS
General Check archive.org Show headers Download Go to Full URL https://www.onlyleaks.pro/lp/ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js Requested by Host: www.onlyleaks.pro URL: https://www.onlyleaks.pro/lp/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js Protocol H3 Security QUIC, , AES_128_GCM Server 94.242.50.233 St Petersburg, Russian Federation, ASN43317 (VEESP-AS, LV), Reverse DNS server2.server-sz.com Software LiteSpeed / Resource Hash 47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4 Request headers accept-language en-US,en;q=0.9 Referer https://install.crazyleaks.wtf/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.139 Safari/537.36 Response headers date Tue, 06 Feb 2024 12:44:51 GMT content-encoding br last-modified Thu, 07 Oct 2021 15:24:02 GMT server LiteSpeed vary Accept-Encoding content-type text/javascript accept-ranges bytes content-length 32504

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| locker_url undefined| iframecontents undefined| old_display function| og_load function| ogEditBody function| ogMakeLocker function| og_getScriptURL function| call_locker function| og_call boolean| ogblock object| __cfQR function| $ function| jQuery boolean| __cfRLUnblockHandlers

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			locked4.com/	1970-01-20 18:14:55	Name: XSRF-TOKEN Value: eyJpdiI6IjFtRmlKaUFjQjVaZ2laUzRVdjVCVGc9PSIsInZhbHVlIjoiU2F1M1lEeWRCNlYrN3hBUlNQaFBXRFpCTVRqWDhzUytKM0VaZGduNDdFY2k5V2l2WGtya2QwMWlZcW0vOFUwbWlVMjY0am90RnMxaEQxcmErZmZObjhMUGI3N1dQTFQyOCtQYjhaS2d6aWQ3d09WSE5XMTJ6M3Z1dWY5SVNmRFIiLCJtYWMiOiI1ZGUzY2M0NWRkY2VkZTVjNDhiYmE4ZmJlYjkxYTZhMTNiMDhiOGU5YzdhZDEzNTNjMmNkNWE1ZWQ3YjgxNWQ2IiwidGFnIjoiIn0%3D
			locked4.com/	1970-01-20 18:14:55	Name: ogads_session Value: eyJpdiI6IktHbU9YUHI1bzlLbGl2L0tGcU5zamc9PSIsInZhbHVlIjoidTVzSXNCbkw0Y0xucGd3Z3N6RklZTy9aOXFSditOTHBiY2E3cGhnVDFWYjMydStDTE5CZStEa01HSEdSOFJOVTRQRlRWSDA3ZWcrdDBwQVExVEhoRDVyMjFKMzJlaHFobGthd2VGdXQrYUIrY1dYenhINWtZQ2JUaVZuZ2R0VmwiLCJtYWMiOiIyOTU3N2QwMDQwYmFhYTljODczMDczYTdlNDM5NGUxZWQ5ZTljOTA5MTQxNzNhMGMyMDNjYzQxNzQ5NTBlOTkzIiwidGFnIjoiIn0%3D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://install.crazyleaks.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://install.crazyleaks.wtf/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
img.freepik.com
install.crazyleaks.wtf
locked4.com
www.calloutcomputers.org
www.onlyleaks.pro
23.22.126.183
2600:141b:1c00:30::1739:5a70
2607:f8b0:4006:821::200a
2a02:4780:a:1404:0:1480:e228:c
37.26.107.36
94.242.50.233
04429556ca4d24fd13c60d802f899f3b170afe71c6c66c90a76c52e4f5842202
0fef544b133eeae68d6d5a63c86be04de8d59bad101c3489341224bc19a19100
2458c85dc999c45d28ec604053133f436cfa840410c0ba7bf6e38527bbbecd14
411c3b67470107f2cffe4a22da5e522c54147870bedb77fb1b97c418b4c12446
42e3aa54cfacaa5849859a70cb2d5f26e77df19f59e6c83e0077d072efb9a5b7
43d6221539ba2bf66e19be89497cf77474698fba59a1935c972c40c701e401ef
47b68dce8cb6805ad5b3ea4d27af92a241f4e29a5c12a274c852e4346a0500b4
610ae5728a5d5afca57d58e21fc40567584ab56a58a899bfb9d64ac49fdce45e
892c583ba92958d2c298f987e172206c1a5a3d25bd1d4e840b5bc29f5e728c96
8a13391c51b0068e35146a8371ce5d47f0ef27d5328024ac74c810c53f3040dc
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
d4d271c8d73e9e8d169894c74560e70415fee5618d7af4217931b29a1bd4da10
dc376d6e221d72ef957c74cb25be593ea06b576214a35c975a690b2e554e54e1
ed94337ebb41e7c2ebd1e757ad311052f81dbaf12e58f5b4c758efaac8e7657a
f6726359a68eed49b3611a06f9386318a22156f6d119bb5559bc463cd88c11b6
fe6d53cb79d8e17c660806c280311d3e5257c76e9346fa61db806b1240edad17