alt.leaking.rest
2a06:98c1:3120::3  Malicious Activity! Public Scan

URL: https://alt.leaking.rest/gen.html
Submission Tags: https://phish.report @phish_report
Submission: On April 14 via api from FI — Scanned from NL

Summary

This website contacted 8 IPs in 3 countries across 5 domains to perform 32 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is alt.leaking.rest.
TLS certificate: Issued by GTS CA 1P5 on March 26th 2023. Valid for: 3 months.
This is the only time alt.leaking.rest was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic Scam (Online)

Domain & IP information

Requests  Apex Domain      Subdomains                                         Transfer
19        leaking.rest     alt.leaking.rest                                   258 KB
6         cloudfront.net   d2bb5k76l7oivo.cloudfront.net                      27 KB
                           d2punpeg7vtjci.cloudfront.net
3         googleapis.com   fonts.googleapis.com (Cisco Umbrella Rank: 39)     31 KB
                           ajax.googleapis.com (Cisco Umbrella Rank: 323)
2         statcounter.com  www.statcounter.com (Cisco Umbrella Rank: 14287)   15 KB
                           c.statcounter.com (Cisco Umbrella Rank: 9462)
1         gstatic.com      fonts.gstatic.com (Failed)                         16 KB
Total: 32 requests, 5 apex domains

Requests  Domain                          Requested by
19        alt.leaking.rest                alt.leaking.rest
5         d2punpeg7vtjci.cloudfront.net   d2bb5k76l7oivo.cloudfront.net
2         fonts.googleapis.com            alt.leaking.rest
1         c.statcounter.com               www.statcounter.com
1         fonts.gstatic.com               alt.leaking.rest, fonts.googleapis.com
1         www.statcounter.com             alt.leaking.rest
1         ajax.googleapis.com             alt.leaking.rest
1         d2bb5k76l7oivo.cloudfront.net   alt.leaking.rest
Total: 32 requests, 8 domains

This site contains no links.

Subject                  Issuer                                          Validity                 Valid
*.leaking.rest           GTS CA 1P5                                      2023-03-26 - 2023-06-24  3 months
*.cloudfront.net         Amazon RSA 2048 M01                             2022-12-08 - 2023-12-07  a year
upload.video.google.com  GTS CA 1C3                                      2023-03-28 - 2023-06-20  3 months
statcounter.com          Sectigo RSA Domain Validation Secure Server CA  2022-11-24 - 2023-12-24  a year
*.gstatic.com            GTS CA 1C3                                      2023-03-28 - 2023-06-20  3 months

This page contains 1 frame:

Primary Page: https://alt.leaking.rest/gen.html
Frame ID: FFC90D618FAFFF6B766F8D2E2C9E1CCE
Requests: 32 HTTP requests in this frame

Page Title

GENERATOR PRORobux Generator 21

Detected technologies

Overall confidence: 100%
Detected patterns
  • statcounter\.com/counter/counter

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

Requests: 32
HTTPS: 97 %
IPv6: 86 %
Domains: 5
Subdomains: 8
IPs: 8
Countries: 3
Transfer: 347 kB
Size: 464 kB
Cookies: 4

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions

Resource  Path  Size  x-fer  Type  MIME-Type
Primary Request gen.html
alt.leaking.rest/
36 KB
8 KB
Document
General
Full URL
https://alt.leaking.rest/gen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
54a96cea800a69e3833a2141b761b6adb446a6f42e20fdb456c473fac4ce93c6

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
accept-language
nl-NL,nl;q=0.9

Response headers

age
0
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=0, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7b7fdd5acc800b7d-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 14 Apr 2023 23:52:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HpHm7kh9KcE33iNhcarUuGS84ES6tLLrTVQYFe5aD5P%2BQqvJRf7Uam4WWGlPwIkcVty2YYLsZHCH%2F3z3kCAhjItts5ZR1Ujx2zErRNiTB0FCXMiEbWatc03T9DW3XpMdTDFrbsnmEr4uk5Mnkd3%2B"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-nf-request-id
01GY12Z56W81X7HZY5DYNP0J8K
014e68f.js
d2bb5k76l7oivo.cloudfront.net/
23 KB
7 KB
Script
General
Full URL
https://d2bb5k76l7oivo.cloudfront.net/014e68f.js
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:a600:d:e9c:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d212a5a732e0632cb7a63412830a021c8c0a4aaa835a604ef008c1b0e4b00300

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 23:45:50 GMT
content-encoding
br
via
1.1 fde85e7daa13f95cf6b8f5fa09c62ef6.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 21:50:46 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7
age
420
etag
W/"8ab72c4473621e1b30a24ec89af90bcf"
vary
Accept-Encoding
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-id
llRVJvhp9oNjyRF383zN2JWcWfzFz81V5UiBXcu1VrHYV54zOAUifw==
style.html
alt.leaking.rest/
0
0
Stylesheet
General
Full URL
https://alt.leaking.rest/style.html
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nf-request-id
01GY12Z5F05T1K9TMWYYVAW6ES
date
Fri, 14 Apr 2023 23:52:49 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
0
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bkszxw%2Bjl%2FveoEJiEOi5RSav5de%2ByqkIAo5jVw6USrdf265E%2BBKlpeu%2BRjxZY6ipg%2B%2BcSjPQ08Cf7aG%2BRP1Ukkc%2BizB8%2FrGAK7DY3jGNsl54OLbaq8a7H4AY15Cou%2Bc9GbsTWgulp%2BKN%2BVtw0xbR"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
public, max-age=0, must-revalidate
cf-ray
7b7fdd5c8e310b7d-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
css
fonts.googleapis.com/
973 B
816 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Anton
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bae15e7a8c59219ab7e0600b2c451f14abb0dc30b15756b378e71625819c5c68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Apr 2023 23:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 22:29:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Apr 2023 23:52:49 GMT
css
fonts.googleapis.com/
2 KB
608 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Roboto
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7cb2b177ef2c7560273c716faa3e8619d6493c29e6ebd2b4fae4459e28d66bde
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 14 Apr 2023 23:52:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 14 Apr 2023 22:21:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 14 Apr 2023 23:52:49 GMT
rotgg.png
alt.leaking.rest/uploads/
4 KB
4 KB
Image
General
Full URL
https://alt.leaking.rest/uploads/rotgg.png
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
59dd1a853b2ba32c239df8f9ab3a3224c0970d2e5c8d372f9fd67cb088d25c17

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nf-request-id
01GY12Z5XYBZ5K3T9HNZN860TN
date
Fri, 14 Apr 2023 23:52:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"efc8a870a96128935388c7116bd2defa-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vh6jsJ05EhT3h5wfeGaHvff5U8fhZIMGAt2ykaYYt4dagtgkf%2FJmB%2Bv6Hgc%2Fi4cLjxHHm0avmJlqsPQIHl8ukeqsFWSIRxFSIfEt6rX%2B%2BPY%2BGtcYYQTR4b6s%2FEIwMitF4POlXFh24tRpb5zcq6lp"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b7fdd5f7cc30b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3756
rbx.png
alt.leaking.rest/uploads/
52 KB
52 KB
Image
General
Full URL
https://alt.leaking.rest/uploads/rbx.png
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d55fd747df2ddcc21bcc3f9e7e71b8834bf3f56888d02883d5fb6068d91ad6b3

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nf-request-id
01GY12Z5YQ9G9YXKVC6FHHGV7T
date
Fri, 14 Apr 2023 23:52:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"85e9b5343286e220efb478019d937cd2-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HxxMWsHeeowRUQqPACqGRvPeZeogDJoin48iMbbXx9Xv9j6U%2B8Dk9gaLoBUTW4bSQpxJ32N9ANtHP3gB6wrYGEn2TTzp9rNHQmJX2yymDDLlFm5s2x5Qxh55NW82j%2FzUPPjOOtN6furIuxnZLxYQ"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b7fdd5f9cdb0b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
52990
user.png
alt.leaking.rest/uploads/
1 KB
2 KB
Image
General
Full URL
https://alt.leaking.rest/uploads/user.png
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
30282b22d55a97b73afe6aecc40b6b9ef6e2e9f48a812658a54dbe3ecfd53348

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nf-request-id
01GY12Z5YXSRB5J5X7KCTXATNE
date
Fri, 14 Apr 2023 23:52:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"64fe00bb9b79ed44d21279e8b8735347-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJxTLoxAsssyGD8kc4yHxd0vITeKav%2Bavia2i8TFc6QkDrVu1AZCzktyVMknoGr%2BcBYs6aNaPI%2BfyDXlt6%2BhD%2BoYpo5SpBo9X4xiggDGnHI3YayIO5qV0g6VzJeHhyK345PdQNyBFTg3bvBJsUzY"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b7fdd5f9ce40b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1343
ios.png
alt.leaking.rest/uploads/
908 B
1 KB
Image
General
Full URL
https://alt.leaking.rest/uploads/ios.png
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27c6971b9aae5c124e27b3de9f626f43d76e2af9c8b33adf9d106bf00e6b0040

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nf-request-id
01GY12Z5YRA3FQ0QN63XB4DJAT
date
Fri, 14 Apr 2023 23:52:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ebccc546e17052bf6b03ee1d47503dc3-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mD9w3O70KiPLo%2BIl5BRZb5CWdf2S53cdn9mpUMmXE5KJoC2fFnbLmOzPfDhFsF0Hy5kXOjRwnKBThonhyI%2FS45ZJ7NWBYBS%2B1OoA7ggkVv95tMo19mFv%2BkDKuLswX4LnsanG7%2Bnhg3iAhB8KyDH0"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b7fdd5f9ce50b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
908
android.png
alt.leaking.rest/uploads/
870 B
1 KB
Image
General
Full URL
https://alt.leaking.rest/uploads/android.png
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
664fd9b0627015f6e75b201d8e74c23b599ddc5d8907ec3cfb4da068564f3c89

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nf-request-id
01GY12Z5YTYB461FA325FA2BJ2
date
Fri, 14 Apr 2023 23:52:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"115826b9b3ed3ea144f88b76b5ab1fb5-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuDQMii8ck3ldObzc9Cl7hrNiHUjtAELDCIsPSAznccHo%2F%2BR3W6z853N%2FgtQy89dkjZxf4cFu6K%2FLLRsMD%2FMEfW8m7V%2FqOcQKkEzOWggoCclwITXO9srjngPavpER4OLJLwCv0UAu34DZ9WDbMsS"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b7fdd5f9ce60b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
870
xbox.png
alt.leaking.rest/uploads/
3 KB
3 KB
Image
General
Full URL
https://alt.leaking.rest/uploads/xbox.png
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9c0dcad9637cef37d9bf3dfcada8dab33ff07584fde736b8223f1999e640ce73

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nf-request-id
01GY12Z5YVRPB6H368HH2DTCCJ
date
Fri, 14 Apr 2023 23:52:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e960cb5bdf6f629db46c52b8c51a1529-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQc6f7pjFMEcOT99h8jtXYIbgS57mi4k38zOu%2FhisHHoYG8uA9a%2F4qGIqiWvbkjh6Dc3YHZBDYH6MqhZRPJJ0AVkD%2Bj7ongP6P77on9ptBvxHby1jzU8jy2acOzePsoZNkMsQFuT0f%2F31pjpicmF"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b7fdd5f9ce70b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
2578
windows.png
alt.leaking.rest/uploads/
848 B
1 KB
Image
General
Full URL
https://alt.leaking.rest/uploads/windows.png
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
997deba6ef76bcbe066f1d06f57fa46cb3d435a842078130288249be5d3fc832

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nf-request-id
01GY12Z5YMW3FNJV8B8N7FGS19
date
Fri, 14 Apr 2023 23:52:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6a55c86a4ee45eedf3b86292c21d7370-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4QZHFJCb1f7Xuptj4Xpo73usw5%2BRdr4wYvNPLb5o%2FwMf3PcHMajZDE82FNQK2pJbI99xR%2B6NmHrvYRHMqakd7UgS7BFFLCuaFjVvIvdfsGI%2BAezc6qp93f4gzlkuShxICskhq8XPzDz%2FGw8PRvGr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b7fdd5f9ce80b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
848
search.png
alt.leaking.rest/uploads/
6 KB
6 KB
Image
General
Full URL
https://alt.leaking.rest/uploads/search.png
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acb86749dc8db21e7a868a87cfede9b27c513546222b96cf06962d60741eb88a

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nf-request-id
01GY12Z5YVDEZEBPTK28KVHN38
date
Fri, 14 Apr 2023 23:52:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a22312687ad7a26119c0b0090032241b-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Xd0wFSiPnSVgMcBqlGeigDGRBz9Pb8LzqZ%2FzyzLrCYmbUpWEc5y7SLQzH5lx8%2FFmMfC2eZGQsa40s28wXmeUhZcbf1T5Fsz7rv3QKGTXuYcaCXOWQ32BnqP787Dx4A5bDwFfPMzMOIpJ8VuB2PZR"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b7fdd5f9ce90b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5784
checkok.png
alt.leaking.rest/uploads/
2 KB
2 KB
Image
General
Full URL
https://alt.leaking.rest/uploads/checkok.png
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ba2f1ba3428b9da1ceb9992db9f5bf33f0b8f2321b9a1eac32f8425b653aa4da

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nf-request-id
01GY12Z5YQE2GTKP5P65RZA1Q7
date
Fri, 14 Apr 2023 23:52:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"a7f8c2c73f8a3f34af0e555289deb9bc-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=glBimi7C7lb72C5YRDa6lLW7V7lfrnZfFfDA8HlFrRlziLUpL8fBrR%2FDsLcV8btSTYkw%2BqFIl4%2B3Kbzu3KBmhy1Ghv3JYcDDlCNLq36UsLTGLZFKROtFg7v3S3dnnK%2BEtO57y27GL1Z2FM3ym72S"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b7fdd5f9cea0b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1557
rot.png
alt.leaking.rest/uploads/
4 KB
4 KB
Image
General
Full URL
https://alt.leaking.rest/uploads/rot.png
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56f4bbbab2d967573a52a2187dd8304dddcec978e296ca625b5b25ce09980c08

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nf-request-id
01GY12Z5YRD2N290TVW9VGBTHG
date
Fri, 14 Apr 2023 23:52:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"18af490e28d3aad4763c08e192ffc0d2-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K2UuwxrYzyXKmQ6MgjI9s5MLGq%2FXizkhRSEp6Y9c0%2FfExKu9ZguUwlIq16B8jYTKav0SR5uUSA6GUsV%2Fh7T6cNMiCLFWQA%2BLWVC5zf2GBKHbNi1NFQifzFsUHdPU1FPOCzFIw2O6sQZj6WIZOUJ6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b7fdd5f9ceb0b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3714
rbxg.png
alt.leaking.rest/uploads/
16 KB
17 KB
Image
General
Full URL
https://alt.leaking.rest/uploads/rbxg.png
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b75bdce8e23428263f9ff4ce5e498151f0eae3f0feff8831f4f00887b1649c0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nf-request-id
01GY12Z5YQPQTG3RCE3N4ZW7GX
date
Fri, 14 Apr 2023 23:52:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"9d59f3283157fe8f3f23d4ee46279778-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljtKTrekRYVXPinwnTUyRR0PqH6ca9JiUHVTNtTnP3aySp77ROLi6nxOX85K5HQP8V4D%2BBsUuWKxhN0pTw61pRpS2eNziqQBi2mRfRXY7FO%2F31LEsvRmFeza%2BWIFvGuXqIUvX7VMQVO9hJmE1cJ7"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b7fdd5f9cec0b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16741
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.2.4/
84 KB
30 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 20:47:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
11101
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30028
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 13 Apr 2024 20:47:48 GMT
counter.js
www.statcounter.com/counter/
43 KB
15 KB
Script
General
Full URL
https://www.statcounter.com/counter/counter.js
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e516b75c9ce0d756713b6d231b901beea2a200a80e717092603819dd97fc259

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 23:52:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 13 Apr 2023 11:03:20 GMT
server
cloudflare
age
33521
etag
W/"6437e178-aba5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
cf-ray
7b7fdd600b80b78b-AMS
expires
Sat, 15 Apr 2023 02:34:08 GMT
html.3642950.83e6e.0.js
d2punpeg7vtjci.cloudfront.net/public/external/v2/
11 KB
12 KB
Script
General
Full URL
https://d2punpeg7vtjci.cloudfront.net/public/external/v2/html.3642950.83e6e.0.js
Requested by
Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/014e68f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ae00:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
02d7f4c8d40737ebc59bb37b5ac9179f9a120053e773bf18ea2e63ef0c1fe679

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 23:52:50 GMT
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
x-amz-cf-id
rfmA8_Qr0AyK5lMVDJa7DZG-ZUt5Y3MNkDtx8rQQlFK1-OZOvC1adA==
css_front.css
d2punpeg7vtjci.cloudfront.net/public/external/
6 KB
7 KB
Stylesheet
General
Full URL
https://d2punpeg7vtjci.cloudfront.net/public/external/css_front.css
Requested by
Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/014e68f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ae00:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7bd79b6fba60944ee3a9c153108ff0819d2db57850116ac7065a86db08af4ec

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 23:52:50 GMT
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
last-modified
Tue, 23 Jun 2020 20:06:47 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
etag
"19c4-5a8c5e62e9d0a"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
6596
x-amz-cf-id
af6fuiGpehaEBUDKS8OicAed0X-5JN8UbIKp4cbTFFnCqB1Pv78OHA==
Pru33qjShpZSmG3z6VYwnRJtnKITppOI_IvcXXDNrsc.woff2
fonts.gstatic.com/s/roboto/v15/
0
0

bg.jpg
alt.leaking.rest/uploads/
60 KB
60 KB
Image
General
Full URL
https://alt.leaking.rest/uploads/bg.jpg
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab887875115f9a456d0e2a9d699a5d73b446d6ffc903a7bb07628ca90751b05f

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
https://alt.leaking.rest/gen.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

x-nf-request-id
01GY12Z5YXSV29X6EYG7HQJX9A
date
Fri, 14 Apr 2023 23:52:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4dd3b19c2270703e3dc1d5980b5427a6-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BmnTlBHA8H7tmVSMM9uMxWnIQ3Epag6yznssK2N1qZ106SI%2FDSMpzTl2d%2B6P2G6BUGPsu1WDdiw9gDovGd6D4FphN2pivgYfVyTNyeyayVWc3QWICNDRDAOcGDwpUqjhOtKlR3Snj%2F%2FwUP2WZWCG"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=14400, must-revalidate
accept-ranges
bytes
cf-ray
7b7fdd5f9ced0b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
61126
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/
15 KB
16 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://alt.leaking.rest
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Tue, 11 Apr 2023 10:31:11 GMT
x-content-type-options
nosniff
age
307298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 Apr 2024 10:31:11 GMT
click.mp3
alt.leaking.rest/sounds/
3 KB
3 KB
Media
General
Full URL
https://alt.leaking.rest/sounds/click.mp3
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ade27a73fee2c59448d167864eda3aa8a6dd381e80dd6445fd8e851d8a1cd2e

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Range
bytes=0-

Response headers

x-nf-request-id
01GY12Z5ZXBCQ8WYTQDFM1MAP9
date
Fri, 14 Apr 2023 23:52:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"339c697bab7b6f9b5ea6df1cef753322-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXa5YzZ2%2FXfKZ8Qj8euxpLmCKjf8YiURFwzKj0CI9i%2FjqjPXoR1%2FYD5SHw%2BWB4jzUgeaWS86HxxMtyn%2F8gPqpyySqtQFBXLm7uMQrcfLHKD8ldeyZ%2FlEyLJvOX%2B6swq%2BicZLo5SXyU5T%2FXQXbmXG"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-2562/2563
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b7fdd5fdd430b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2563
laststep.mp3
alt.leaking.rest/sounds/
42 KB
43 KB
Media
General
Full URL
https://alt.leaking.rest/sounds/laststep.mp3
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe4a5f15eee6bc994d0e98898077efb47663a0ca8b7c8f8a619477e5fa711f06

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Range
bytes=0-

Response headers

x-nf-request-id
01GY12Z5ZWET49CTPJCVZY9F81
date
Fri, 14 Apr 2023 23:52:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"ec6d254e467c035bda80b7ce2ad84cae-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GObX%2F7Y%2Bb35aqCvU4uyX09XI5fRuxuNrOJkRXp%2FNbbEJJfCpYjaijetNquiQHcrtiaHPavBZN0yDITIX9GLYhHsSKstL6MZVXy7eIw8TMbtdUACHUQrD5HziQwH2P00sC6Mp3MvBYOB4uUmG7%2BPW"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-43351/43352
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b7fdd5fdd440b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
43352
poinrunning.mp3
alt.leaking.rest/sounds/
9 KB
9 KB
Media
General
Full URL
https://alt.leaking.rest/sounds/poinrunning.mp3
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cd9f9fed5542c7133fd4afa181164c14ba98b8ac17df9fd23a64a096e4f2c084

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Range
bytes=0-

Response headers

x-nf-request-id
01GY12Z5ZX25310JM64Y1EN6RJ
date
Fri, 14 Apr 2023 23:52:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"86f205ac451158b4ddcb0d1b6a8a76a1-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0hsrUYh0euyYHlJ5dmLAn1LMTIV25RJSxNVU%2BfkDwRSgnYEd%2FTrNulK1QX6yeXw05q%2F4YxoSL83LTFfCbdR2VBlGYj7z5Z0rVHkiUWLHTIwOzZDekOqQrw3vZ5ee6r4aGE8fpavbZHVs5TxVpOCz"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-8906/8907
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b7fdd5fdd450b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
8907
selected.mp3
alt.leaking.rest/sounds/
2 KB
3 KB
Media
General
Full URL
https://alt.leaking.rest/sounds/selected.mp3
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0db8da9601b01317d011fc85db51d9cd903c9b68477f2029fa386b0dc3165d19

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Range
bytes=0-

Response headers

x-nf-request-id
01GY12Z5ZXM47W2Y1NEH9FVVG2
date
Fri, 14 Apr 2023 23:52:50 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"4088e9fb63e5e8c746344dd0c97226d6-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kt77Wk33bpayohXSkeEGN1nIhPefjv43W4lwQ6qbrjQRbpkWxlR2S32zASiQh%2BH%2BGPMx5OKJASBebXc3pNZKUtg2Ito8YS177M5mmbcqQ15OzZR9jN7BvWQgAvS3r4nqVOQhfOCLiBxjAOVqVi17"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-2144/2145
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b7fdd5fdd470b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
2145
success.mp3
alt.leaking.rest/sounds/
37 KB
37 KB
Media
General
Full URL
https://alt.leaking.rest/sounds/success.mp3
Requested by
Host: alt.leaking.rest
URL: https://alt.leaking.rest/gen.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
080c528a4e9ee967b6be0e9e6426adc44d8e6a833f471becf7ae4a024f6e7769

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
nl-NL,nl;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36
Range
bytes=0-

Response headers

x-nf-request-id
01GY12Z605KY4QMAYD3J8CJ732
date
Fri, 14 Apr 2023 23:52:49 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"d767e00b6c30cedff81b34877dea385d-ssl"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xgqBqKrbwEIST7tFioy0Txa9EXWsRvkFYmgNX1fvcd%2BKVTDaMbw9zVJdFqD9eC29uhh%2FQgBQhTCAQJT3ImzOF2v7N0wiZeWUUrHY%2Fh1PqswXWzZqm%2BkzSzpQRwkV0etBoVJIitEiMYZ7yG%2FWuNLR"}],"group":"cf-nel","max_age":604800}
content-type
audio/mpeg
Content-Range
bytes 0-37507/37508
cache-control
public, max-age=14400, must-revalidate
cf-ray
7b7fdd5fdd490b36-AMS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
Content-Length
37508
t.php
c.statcounter.com/
192 B
591 B
XHR
General
Full URL
https://c.statcounter.com/t.php?sc_project=12863467&u1=3848ACC8C5844FC6ECABC50EC4C33AF6&java=1&security=24dfe965&sc_snum=1&sess=c5bd59&p=0&rcat=d&rdom=d&rdomg=new&bb=1&jg=new&rr=1.1.1.1.1.1.1.1.1&resolution=1600&h=1200&camefrom=&u=https%3A//alt.leaking.rest/gen.html&t=GENERATOR%20PRO&invisible=1&sc_rum_e_s=948&sc_rum_e_e=951&sc_rum_f_s=0&sc_rum_f_e=945&get_config=true
Requested by
Host: www.statcounter.com
URL: https://www.statcounter.com/counter/counter.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.218.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb2697b60c526a1d4980e0874700e7c2b4f43bb9292770f71bb4bb972506e415

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 23:52:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
access-control-allow-origin
https://alt.leaking.rest
p3p
policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
access-control-allow-credentials
true
cf-ray
7b7fdd605ba3b78b-AMS
expires
Mon, 26 Jul 1997 05:00:00 GMT
css.css
d2punpeg7vtjci.cloudfront.net/public/clockers/PrimeApps/
1010 B
1 KB
Stylesheet
General
Full URL
https://d2punpeg7vtjci.cloudfront.net/public/clockers/PrimeApps/css.css
Requested by
Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/014e68f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ae00:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 /
Resource Hash
a7081a117335212b9e7f2e348f7369a64423d51db1666310b3451e7375f0b7de

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 23:52:50 GMT
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
last-modified
Fri, 10 Apr 2020 22:29:00 GMT
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
etag
"3f2-5a2f7428ae907"
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
1010
x-amz-cf-id
qiCB7tP5BukdGWyt_JE4W-6Iy4H9IIe8OnbHyfcf12BVA3LZXGnCbw==
guid
d2punpeg7vtjci.cloudfront.net/public/
0
277 B
Script
General
Full URL
https://d2punpeg7vtjci.cloudfront.net/public/guid?cpguid=ndp8tlx6t&e=ll&t=1681516370828
Requested by
Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/014e68f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ae00:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 23:52:51 GMT
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
server
Apache/2.4.46 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
content-length
0
x-amz-cf-id
TCiZLvN6vyJ4J_oopmuznBELLJtrymiE8YtfNb2gIKzt0kEUYxDAoQ==
check.php
d2punpeg7vtjci.cloudfront.net/public/external/
78 B
372 B
Script
General
Full URL
https://d2punpeg7vtjci.cloudfront.net/public/external/check.php?it=3642950&time=1681516372145
Requested by
Host: d2bb5k76l7oivo.cloudfront.net
URL: https://d2bb5k76l7oivo.cloudfront.net/014e68f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:ae00:1c:8de0:8c80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11 / PHP/7.4.11
Resource Hash
9ef4a63fc5e0a14a7301d693d65d6acfc44cdf14853c4a20890198f2d5e52e3b

Request headers

accept-language
nl-NL,nl;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.49 Safari/537.36

Response headers

date
Fri, 14 Apr 2023 23:52:52 GMT
via
1.1 a5010656f4f762c0fdffac3448496b86.cloudfront.net (CloudFront)
server
Apache/2.4.51 () OpenSSL/1.0.2k-fips PHP/7.4.11
x-amz-cf-pop
FRA56-P7
x-powered-by
PHP/7.4.11
x-cache
Miss from cloudfront
content-type
application/javascript
content-length
78
x-amz-cf-id
u3cygJxzte-CrV4nust_b9aaE4fJwKPHGNXNG4RWBHPmQ4xet-lBbQ==

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.gstatic.com
URL
http://fonts.gstatic.com/s/roboto/v15/Pru33qjShpZSmG3z6VYwnRJtnKITppOI_IvcXXDNrsc.woff2

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic Scam (Online)

38 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0
boolean| credentialless
object| CPABUILDSETTINGS
object| CPABUILDContentLocker
number| __cfRLUnblockHandlers
function| CPBContentLocker
function| CPABuildLock
function| CPABuildGetFeedURL
function| CPABuildGetIframeURL
function| CPABuildGetIframeHTML
function| CPABuildUnlock
function| CPABuildOfferComplete
function| CPABuildOffersComplete
function| CPABuildCheckForLead
function| og_load
function| CPABuildComplete
function| call_locker
function| $
function| jQuery
object| audioclick
object| audiolaststep
object| audiopoinrunning
object| audioselected
object| audiosuccess
number| robuxvalue
string| platform
function| Selectedplatform
function| rbxamselc
function| myFunction
function| proStep1
function| proStep2
function| myFunHideSearching
function| myFunHideUserFound
function| myFunNext
number| sc_project
number| sc_invisible
string| sc_security
function| _statcounter

4 Cookies

Domain/Path Name / Value
alt.leaking.rest/ Name: _cpguid Value: ndp8tlx6t
.alt.leaking.rest/ Name: sc_is_visitor_unique Value: rx12863467.1681516370.3848ACC8C5844FC6ECABC50EC4C33AF6.1.1.1.1.1.1.1.1.1
.statcounter.com/ Name: is_unique Value: sc12863467.1681516370.0
.statcounter.com/ Name: is_visitor_unique Value: 1681516370628041051

2 Console Messages

Source Level URL / Text
network error URL: https://alt.leaking.rest/style.html
Message: Failed to load resource: the server responded with a status of 404 ()
security error URL: https://alt.leaking.rest/gen.html
Message: Mixed Content: The page at 'https://alt.leaking.rest/gen.html' was loaded over HTTPS, but requested an insecure font 'http://fonts.gstatic.com/s/roboto/v15/Pru33qjShpZSmG3z6VYwnRJtnKITppOI_IvcXXDNrsc.woff2'. This request has been blocked; the content must be served over HTTPS.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
