leakemergency-0514.today Open in urlscan Pro
172.67.166.51 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://leakemergency-0514.today/
Submission: On May 20 via api (May 20th 2024, 6:26:14 am UTC) from BE — Scanned from DE

Summary HTTP 32 Redirects Behaviour Indicators

Summary

This website contacted 12 IPs in 3 countries across 10 domains to perform 32 HTTP transactions. The main IP is 172.67.166.51, located in United States and belongs to CLOUDFLARENET, US. The main domain is leakemergency-0514.today.
TLS certificate: Issued by E1 on May 14th 2024. Valid for: 3 months.

This is the only time leakemergency-0514.today was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	172.67.166.51 172.67.166.51	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223e:8e00:2:17ff:2c80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	216.58.206.68 216.58.206.68	15169 (GOOGLE) (GOOGLE)
5	2600:1f18:e8a... 2600:1f18:e8a:cd04:9b88:a313:d24d:af44	14618 (AMAZON-AES) (AMAZON-AES)
1	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:81d::200e	15169 (GOOGLE) (GOOGLE)
1 1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	216.58.206.35 216.58.206.35	15169 (GOOGLE) (GOOGLE)
6	23.50.233.47 23.50.233.47	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	23.206.171.42 23.206.171.42	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
32	12

8 172.67.166.51 (United States)

ASN13335 (CLOUDFLARENET, US)

leakemergency-0514.today	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:8e00:2:17ff:2c80:93a1 (United States)

ASN16509 (AMAZON-02, US)

ob.togreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.68 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: lhr35s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.togreencolumn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:81d::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.adsensecustomsearchads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.35 (United States)

ASN15169 (GOOGLE, US)
PTR: mil07s07-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.50.233.47 (San Jose, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-50-233-47.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.1.44 (San Francisco, United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.206.171.42 (Seattle, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-206-171-42.deploy.static.akamaitechnologies.com

analytics.pangle-ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	leakemergency-0514.today leakemergency-0514.today	31 KB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 712	140 KB
6	togreencolumn.com ob.togreencolumn.com — Cisco Umbrella Rank: 115914 obs.togreencolumn.com — Cisco Umbrella Rank: 106515	39 KB
3	taboola.com cdn.taboola.com — Cisco Umbrella Rank: 1034 trc.taboola.com — Cisco Umbrella Rank: 748 trc-events.taboola.com — Cisco Umbrella Rank: 2557	22 KB
3	adsensecustomsearchads.com www.adsensecustomsearchads.com — Cisco Umbrella Rank: 2604	720 B
2	googleadservices.com 1 redirects partner.googleadservices.com — Cisco Umbrella Rank: 5045 www.googleadservices.com — Cisco Umbrella Rank: 126	294 B
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	72 KB
1	pangle-ads.com analytics.pangle-ads.com — Cisco Umbrella Rank: 6132	966 B
1	google.de www.google.de — Cisco Umbrella Rank: 7810	64 B
1	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	24 B
32	10

	Domain	Requested by
8	leakemergency-0514.today	leakemergency-0514.today
6	analytics.tiktok.com	leakemergency-0514.today analytics.tiktok.com
5	obs.togreencolumn.com	ob.togreencolumn.com leakemergency-0514.today analytics.tiktok.com
3	www.adsensecustomsearchads.com	www.google.com
2	www.google.com	1 redirects leakemergency-0514.today
1	trc-events.taboola.com	analytics.tiktok.com
1	analytics.pangle-ads.com	analytics.tiktok.com
1	trc.taboola.com	cdn.taboola.com
1	cdn.taboola.com	leakemergency-0514.today
1	www.google.de	leakemergency-0514.today
1	googleads.g.doubleclick.net	1 redirects
1	www.googleadservices.com	1 redirects
1	partner.googleadservices.com	www.google.com
1	ob.togreencolumn.com	leakemergency-0514.today
32	14

This site contains no links.

Subject Issuer	Validity	Valid
leakemergency-0514.today E1	`2024-05-14` - `2024-08-12`	3 months	crt.sh
*.togreencolumn.com Amazon RSA 2048 M02	`2023-07-18` - `2024-08-15`	a year	crt.sh
*.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.googleadservices.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
misc-sni.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
*.pangle-ads.com RapidSSL TLS ECC CA G1	`2023-08-10` - `2024-09-09`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://leakemergency-0514.today/
Frame ID: A51D7E8A1D05D3171FD2E5361E46BA5C
Requests: 31 HTTP requests in this frame

Frame: https://www.adsensecustomsearchads.com/afs/ads?adsafe=medium&psid=4456468933&pcsa=false&channel=seg484%2Cseg24&client=dp-domainactive15_3ph_xml&r=m&hl=de&ivt=0&rpbu=https%3A%2F%2Fleakemergency-0514.today%2F%3Fcaf_results%3D1%26uuid%3De38f8eea-d1d0-4b0e-8ac6-501e10a34ad9%26t1%3D%26t2%3D%26t3%3D%26u%3D%26u2%3D%26sqs%3D%26tpct%3D%26rfpi%3D%26at2%3D15%26at3%3Dseg484%252Cseg24%26acid%3D%26avid%3D%26asrc%3D%26atxt%3D%26exp%3D%26grp%3D%26nterm%3D0%26pcid%3D%26src%3D%26sescnt%3D1%26ct%3D47&type=3&uiopt=false&swp=as-drid-2259921162580215&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r1&nocache=9191716186370483&num=0&output=afd_ads&domain_name=leakemergency-0514.today&v=3&bsl=8&pac=0&u_his=3&u_tz=120&dt=1716186370484&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=89&frm=0&uio=-&cont=kwBlock1&drt=0&jsid=caf&jsv=633245794&rurl=https%3A%2F%2Fleakemergency-0514.today%2F%3Fuuid%3De38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Frame ID: 5AB2B9794E24B70D8A1D2F8657DA6184
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Page Statistics

32
Requests

91 %
HTTPS

23 %
IPv6

10
Domains

14
Subdomains

12
IPs

3
Countries

308 kB
Transfer

1008 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9

https://www.googleadservices.com/pagead/conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0 HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=995566960&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIy9P8t8ybhgMV_vARCB3q_QabMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IWh0dHBzOi8vbGVha2VtZXJnZW5jeS0wNTE0LnRvZGF5Lw HTTP 302
https://www.google.com/pagead/1p-conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=995566960&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIy9P8t8ybhgMV_vARCB3q_QabMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IWh0dHBzOi8vbGVha2VtZXJnZW5jeS0wNTE0LnRvZGF5Lw&is_vtc=1&cid=CAQSGwB7FLtqpApjTM8TXeyRkXK063XJk8VGNQ174w&random=2982390949 HTTP 302
https://www.google.de/pagead/1p-conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=995566960&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIy9P8t8ybhgMV_vARCB3q_QabMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IWh0dHBzOi8vbGVha2VtZXJnZW5jeS0wNTE0LnRvZGF5Lw&is_vtc=1&cid=CAQSGwB7FLtqpApjTM8TXeyRkXK063XJk8VGNQ174w&random=2982390949&ipr=y

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request / Show response
leakemergency-0514.today/ 12 KB
5 KB 221ms
147ms Document
text/html 172.67.166.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://leakemergency-0514.today/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9a937c95083fbcf7b29ac4eee7eff88e029cf1ae97f9a86e837706ca92983c15

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 886a40ed3f0a9bb3-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Mon, 20 May 2024 06:26:10 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VCnzYtxAffz5Gl6b2eYFJ8KJZ8Z6xd57C6gqwN6YmB8o6TUf0NIEJz59pkaIVuvAUrgDSNvMn%2BYghPoep4QqX4Trzc5UjT4XEzN20pY2jS2SYjqrUjvRyfI9APnfjDR%2FvUKzze6RUXHfv0k%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-adblock-key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAOkfkOV3lsGKqQ9j5bagzq3wjNQNxWwn/esVXnQFKykdGNnnz7w5UeA2I4OuWHWvh0oBKk747TbfSyNssqOrybkCAwEAAQ==_y6ivR1eDFaGjNZgmOS1SquKgIp2RytxjJ1XJ/mHb8TT0cR1DjDTay11nvZ0f7iTZcjAi2gQeUqujewVL58DvqA==

GET
H2 200 6e3a82979a1e73c3323cc8d1a4e46b46.js Show response
ob.togreencolumn.com/i/ 102 KB
38 KB 33ms
6ms Script
text/javascript 2600:9000:223e:8e00:2:17ff:2c80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.togreencolumn.com/i/6e3a82979a1e73c3323cc8d1a4e46b46.js
Requested by: Host: leakemergency-0514.today
URL: https://leakemergency-0514.today/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:8e00:2:17ff:2c80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Caddy /
Resource Hash: c24cda7a41ed432db98b2262de27a11e0fde1755aca903b1134bfcb0a1a15c76

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Sun, 19 May 2024 19:49:19 GMT
content-encoding: gzip
via: 1.1 934706f40ffde6f857deae8d024c1192.cloudfront.net (CloudFront)
server: Caddy
x-amz-cf-pop: FRA56-P4
age: 38211
etag: "197b9-RJ1bQnD3p4OkIWoj6fVetOpCwxo"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=43200
content-length: 38141
x-amz-cf-id: M9XCy_qoZq7kE-Tg1FiLNJhwOzvbNzM7Ou8zWavl9DIbZg7JFaA63A==
expires: Mon, 20 May 2024 07:49:19 GMT

GET
H3 200 bootstrap-4.3.1.min.css
leakemergency-0514.today/include/ 152 KB
23 KB 199ms
198ms Stylesheet
text/css 172.67.166.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://leakemergency-0514.today/include/bootstrap-4.3.1.min.css
Requested by: Host: leakemergency-0514.today
URL: https://leakemergency-0514.today/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 06:26:10 GMT
content-encoding: gzip
cf-cache-status: MISS
last-modified: Tue, 07 May 2024 16:08:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2606e-617df644a4a00-gzip"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YH5X2QilMZUIQ2Zyqjj9mGF67F8MNzGTn7gdoFJFgE%2FYyGzyHZ1xFjX3mun3H3%2FVPPpVVFvXgjK6pdZ7n6AttiL1QiMCz%2Fdru2lo6cs1Du8CHDEkqrWOHtLYJvqTAns35bTA2zhFXedLALM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 886a40ee2fe89bb3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 23238

GET
H3 200 caf.js Show response
www.google.com/adsense/domains/ 186 KB
72 KB 36ms
18ms Script
text/javascript 216.58.206.68
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/adsense/domains/caf.js?abp=1&2va64smr560lx5k=true

Requested by

Host: leakemergency-0514.today
URL: https://leakemergency-0514.today/

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.68 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lhr35s11-in-f4.1e100.net

Software

sffe /

Resource Hash

aa56e66623c94c7f120048272ff15e312b13ecd2eae6a110410fcd8e43023b08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 06:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-afs-ui
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-afs-ui"
etag: "7891196664755221497"
vary: Accept-Encoding
report-to: {"group":"ads-afs-ui","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-afs-ui"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
accept-ranges: bytes
link: <https://www.adsensecustomsearchads.com>; rel="preconnect"
expires: Mon, 20 May 2024 06:26:10 GMT

GET
H2 200 ct Show response
obs.togreencolumn.com/ 4 KB
2 KB 308ms
112ms Script
text/javascript 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.togreencolumn.com/ct?id=59128&url=https%3A%2F%2Fleakemergency-0514.today%2F%3Fuuid%3De38f8eea-d1d0-4b0e-8ac6-501e10a34ad9&sf=0&tpi=&ch=cheq4ppc&uvid=&tsf=0&tsfmi=&tsfu=&cb=1716186370390&hl=3&op=0&ag=2115704966&rand=132001576921266122887627122111967361864091906157260566657806049015262981096801787689&fs=1600x1200&fst=1600x1200&np=win32&nv=google%20inc.&ref=&ss=1600x1200&nc=0&at=&di=W1siZWYiLDYyMl0sWyJhYm5jaCIsMjFdLFstNDcsIkV1cm9wZS9CZXJsaW4sZGUtREUsbGF0bixncmVnb3J5Il0sWy02NSwiLSJdLFstNDgsIjAsMCJdLFstMjMsIisiXSxbLTE0LCItIl0sWy0yLCI4LGVBSFdYMS9mM3F6Q3Zia3V5bVF3Z2xJYUYzcEVzUkVFVHBvVmRGVkJRUXBSY1JCRlNLSUlnaVJJcjBLaEpScXBTQXRDQWtRSHBJenliYlhwbVpyLzUvZDk2YnpjdVNBUEovR3QiXSxbLTQ0LCIwLDAsMCw1Il0sWy02MSwie1wid2dzbFwiOlwiNDtyZWFkb25seV9hbmRfcmVhZHdyaXRlX3N0b3JhZ2VfdGV4dHVyZXM7cGFja2VkXzR4OF9pbnRlZ2VyX2RvdF9wcm9kdWN0O3VucmVzdHJpY3RlZF9wb2ludGVyX3BhcmFtZXRlcnM7cG9pbnRlcl9jb21wb3NpdGVfYWNjZXNzO1wiLFwicGNmXCI6XCJiZ3JhOHVub3JtXCJ9Il0sWy02NywiLSJdLFstMzcsIi0xNDQtNjYtMTgwLSJdLFstNTQsIntcImhcIjpbXCJfM1wiLFwiMTQ0MTM3MDEzMlwiXSxcImRcIjpbXSxcImJcIjpbXSxcInNcIjoxfSJdLFstNjYsImdlb2xvY2F0aW9uLHN0b3JhZ2VhY2Nlc3MsZ2FtZXBhZCxjaGVjdCxtaWRpLGRpc3BsYXljYXB0dXJlLHVzYixwaWN0dXJlaW5waWN0dXJlLHB1YmxpY2tleWNyZWRlbnRpYWxzZ2V0LGxvY2FsZm9udHMsb3RwY3JlZGVudGlhbHMsZW5jcnlwdGVkbWVkaWEsY2hzYXZlZGF0YSxjaHVhZnVsbHZlcnNpb25saXN0LGNodWF3b3c2NCxjaGRvd25saW5rLGNocHJlZmVyc2NvbG9yc2NoZW1lLHN5bmN4aHIsY2h1YW1vZGVsLGNocHJlZmVyc3JlZHVjZWR0cmFuc3BhcmVuY3ksc2VyaWFsLGNhbWVyYSxjaHByZWZlcnNyZWR1Y2VkbW90aW9uLHByaXZhdGVzdGF0ZXRva2VuaXNzdWFuY2UsaWRlbnRpdHljcmVkZW50aWFsc2dldCxjaHVhZnVsbHZlcnNpb24sZnVsbHNjcmVlbixjaGRwcix1bmxvYWQsa2V5Ym9hcmRtYXAsY2h1YXBsYXRmb3JtLGd5cm9zY29wZSxjaHVhbW9iaWxlLHdpbmRvd21hbmFnZW1lbnQsY2h1YSxwdWJsaWNrZXljcmVkZW50aWFsc2NyZWF0ZSxtYWduZXRvbWV0ZXIsYWNjZWxlcm9tZXRlcixwcml2YXRlc3RhdGV0b2tlbnJlZGVtcHRpb24sY2h1YWFyY2gseHJzcGF0aWFsdHJhY2tpbmcsY2h1YWZvcm1mYWN0b3JzLGlkbGVkZXRlY3Rpb24sY2h1YXBsYXRmb3JtdmVyc2lvbixjaHdpZHRoLGNsaXBib2FyZHJlYWQsY2h2aWV3cG9ydHdpZHRoLHBheW1lbnQsY2h2aWV3cG9ydGhlaWdodCxjaHJ0dCxhdXRvcGxheSxjcm9zc29yaWdpbmlzb2xhdGVkLGhpZCxjaHVhYml0bmVzcyxzY3JlZW53YWtlbG9jayxjbGlwYm9hcmR3cml0ZSxjaGRldmljZW1lbW9yeSxtaWNyb3Bob25lIl0sWy0xNiwiMCJdLFstMTUsIi0iXSxbLTY0LCJbMCxcIldpbjMyXCIsW3tcImJcIjpcIkdvb2dsZSBDaHJvbWVcIixcInZcIjpcIjEyNFwifSx7XCJiXCI6XCJOb3Q6QS1CcmFuZFwiLFwidlwiOlwiOFwifSx7XCJiXCI6XCJDaHJvbWl1bVwiLFwidlwiOlwiMTI0XCJ9XV0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0sWzM3LCJbMzMxNjIyNDA0OSxmdW5jdGlvbihuZXdWYWx1ZSkge1xuICAgICAgICAgICAgICBhZGRDb250ZW50V2luZG93UHJveHkodGhpcylcbiAgICAgICAgICAgICAgLy8gUmVzZXQgcHJvcGVydHksIHRoZSBob29rIGlzIG9ubHkgbmVlZGVkIG9uY2VcbiAgICAgICAgICAgICAgT2JqZWN0LmRlZmluZVByb3BlcnR5KGlmcmFtZSwgJ3NyY2RvYycsIHtcbiAgICAgICAgICAgICAgICBjb25maWd1cmFibGU6IGZhbHNlLFxuICAgICAgICAgICAgICAgIHdyaXRhYmxlOiBmYWxzZSxcbiAgICAgICAgICAgICAgICB2YWx1ZTogX3NyY2RvY1xuICAgICAgICAgICAgICB9KVxuICAgICAgICAgICAgICBfaWZyYW1lLnNyY2RvYyA9IG5ld1ZhbHVlXG4gICAgICAgICAgICB9XSJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTU1LCIwIl0sWy02MywiLSJdLFstNjgsIi0iXSxbLTI1LCItIl0sWy02MiwiODAiXSxbLTQ5LCItIl0sWy0xMSwie1widFwiOlwiXCIsXCJtXCI6W1wib2c6dGl0bGVcIixcIm9nOmRlc2NyaXB0aW9uXCIsXCJkZXNjcmlwdGlvblwiXX0iXSxbLTE3LCIxMiJdLFstNSwiLSJdLFstMTksIlsxMTcwLDE1NzAsMTE3MCwxNTcwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAsMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiLDE2MDAsMTIwMF0iXSxbLTEwLCItIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0iXSxbLTYwLDIwNF0sWy00MCwiMzMiXSxbLTUyLCItIl0sWy04LCItIl0sWy01NywiV0UwWlYxeE9jVmhYWFZWY1N4Y0ZXbFpVU1V4TlhGMEhHV0pZU2hsWVNVbFZRR1FaRVZ4UFdGVVpXRTBaQlZoWFZsZEFWRlpNU2djWkVRTU9Bd2dNQ1FvSkFSQVZHUVZZVjFaWFFGUldURW9IQXdnQkF3b0pFQlZZVFJsNFMwdFlRQmRQWEJrUlVVMU5TVW9ERmhaV1d4ZE5WbDVMWEZ4WFdsWlZURlJYRjFwV1ZCWlFGZzljQ2xnQkN3QU9BRmdJWEE0S1dnb0tDd3BhV2dGZENGZ05YQTBQV3cwUEYxTktBd2dERHc0SURBRVEiXSxbLTQ2LCIwIl0sWy01MywiMTAwIl0sWy01OCwiLSJdLFstMzIsIi0iXSxbLTE4LCJbMCwwLDAsMV0iXSxbLTI5LCItIl0sWy00NSwiLSJdLFstMzAsIltcInZcIiwwXSJdLFstNiwiLSJdLFstMSwiLSJdLFstMTIsIm51bGwiXSxbLTEzLCItIl0sWy0yNCwiW10iXSxbLTUwLCJodHRwczovL2xlYWtlbWVyZ2VuY3ktMDUxNC50b2RheS8iXSxbLTMsIltcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIixcImludGVybmFsLXBkZi12aWV3ZXJcIl0iXSxbLTU2LCJsYW5kc2NhcGUtcHJpbWFyeSJdLFstNywiLSJdLFstMzMsIi0iXSxbMTIsIntcImN0eFwiOlwid2ViZ2xcIixcInZcIjpcImludGVsIGluYy5cIixcInJcIjpcImludGVsIGlyaXMgb3BlbmdsIGVuZ2luZVwiLFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDEuMCAob3BlbmdsIGVzIGdsc2wgZXMgMS4wIGNocm9taXVtKVwiLFwiZ3ZlclwiOlwid2ViZ2wgMS4wIChvcGVuZ2wgZXMgMi4wIGNocm9taXVtKVwiLFwiZ3ZlblwiOlwid2Via2l0XCIsXCJiZW5cIjo2LFwid2dsXCI6MSxcImdyZW5cIjpcIndlYmtpdCB3ZWJnbFwiLFwic2VmXCI6MTkzMDgyMDI3OSxcInNlY1wiOlwiXCJ9Il0sWy0zOCwibCwtMSwtMSwwLDAsMSwwLDU5LDE1LDE0NywtMSwwLCwsMzQ1LDM0NiJdLFstMzEsImZhbHNlIl0sWy0yOCwiZW4tVVMsZW4iXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMDEwMTEwMTAwMDAwMSJdLFstMjEsIi0iXSxbLTI3LCJbMCwxMCwwLFwiNGdcIixudWxsXSJdLFstMzQsIi0iXSxbLTUxLCItIl0sWy0zNSwiWzE3MTYxODYzNzAzODEsLTJdIl0sWy0yMCwiLSJdLFstNTksImRlZmF1bHQiXSxbLTksIisiXSxbLTI2LCJ7XCJ0amhzXCI6ODM1NjgzMyxcInVqaHNcIjo1NTAxNTMzLFwiamhzbFwiOjQyOTQ3MDUxNTJ9Il0sWy00LCItIl0sWy00MSwiLSJdLFsiYm5jaCIsODVdLFstMzksIltcIjIwMDMwMTA3XCIsMixcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51bGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCw1LHRydWUsdHJ1ZSxudWxsLDAsdHJ1ZSx0cnVlXSJdLFsiZGRiIiwiMCw4LDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwxLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMSwwLDAsMCwwLDEsMSwyLDAsMCw5LDAsMSwwLDAsMCwwLDEsMCwwLDEsMCwwLDYsMCwwLDEsMCwwLDAsMCwwIl0sWyJjYiIsIjAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDYsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDEsMCwwLDAsMCwwLDAsMSwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDAsMSwwLDAsMCw4LDAsMCwwLDAsMCwwLDAsMiwwIl1d&dep=0&pre=0&sdd=%7B%7D&cri=uwVBpSVAAn&pto=358&ver=59&gac=-&mei=&ap=&fe=1&duid=1.1716186370.t2GSvZHYnslDroGB&suid=1.1716186370.HiivrSU1ZMlaMBBC&tuid=1.1716186370.fN8ePMVPbEb7ZsDK&fbc=-&gtm=-&it=4%2C225%2C38&fbcl=-&gacl=-&gacsd=-&rtic=-&bgc=-&spa=1&urid=0&ab=&sck=-
Requested by: Host: ob.togreencolumn.com
URL: https://ob.togreencolumn.com/i/6e3a82979a1e73c3323cc8d1a4e46b46.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: f72153c08e1c5213e4dc9096262f94c39a3b544bd3c355a25fd663580b12a8b0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: text/javascript
pragma: no-cache
date: Mon, 20 May 2024 06:26:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1340
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 cookie.js Show response
partner.googleadservices.com/gampad/ 402 B
271 B 66ms
49ms Script
text/javascript 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=leakemergency-0514.today&client=partner-dp-domainactive15_3ph_xml&product=SAS&callback=__sasCookie

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&2va64smr560lx5k=true

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

cafe /

Resource Hash

f9a961e5c27580a5169e97c804f63b1ec13cf74d97726f854379497b0d5dd1bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 06:26:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 249
x-xss-protection: 0

GET
H2 200 ads
www.adsensecustomsearchads.com/afs/ Frame 5AB2 0
0 129ms
95ms Document
text/html 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.adsensecustomsearchads.com/afs/ads?adsafe=medium&psid=4456468933&pcsa=false&channel=seg484%2Cseg24&client=dp-domainactive15_3ph_xml&r=m&hl=de&ivt=0&rpbu=https%3A%2F%2Fleakemergency-0514.today%2F%3Fcaf_results%3D1%26uuid%3De38f8eea-d1d0-4b0e-8ac6-501e10a34ad9%26t1%3D%26t2%3D%26t3%3D%26u%3D%26u2%3D%26sqs%3D%26tpct%3D%26rfpi%3D%26at2%3D15%26at3%3Dseg484%252Cseg24%26acid%3D%26avid%3D%26asrc%3D%26atxt%3D%26exp%3D%26grp%3D%26nterm%3D0%26pcid%3D%26src%3D%26sescnt%3D1%26ct%3D47&type=3&uiopt=false&swp=as-drid-2259921162580215&oe=UTF-8&ie=UTF-8&fexp=21404%2C17301437%2C17301439%2C17301442&client_gdprApplies=1&format=r1&nocache=9191716186370483&num=0&output=afd_ads&domain_name=leakemergency-0514.today&v=3&bsl=8&pac=0&u_his=3&u_tz=120&dt=1716186370484&u_w=1600&u_h=1200&biw=1600&bih=1200&psw=1600&psh=89&frm=0&uio=-&cont=kwBlock1&drt=0&jsid=caf&jsv=633245794&rurl=https%3A%2F%2Fleakemergency-0514.today%2F%3Fuuid%3De38f8eea-d1d0-4b0e-8ac6-501e10a34ad9

Requested by

Host: www.google.com
URL: https://www.google.com/adsense/domains/caf.js?abp=1&2va64smr560lx5k=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-BeRT2rma64ijjzSDu2U8dg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://leakemergency-0514.today/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-disposition: inline
content-encoding: br
content-length: 2761
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-BeRT2rma64ijjzSDu2U8dg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type: text/html; charset=UTF-8
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
date: Mon, 20 May 2024 06:26:10 GMT
expires: Mon, 20 May 2024 06:26:10 GMT
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
server: gws
x-xss-protection: 0

GET
H3 200 pxlt.php Show response
leakemergency-0514.today/include/ 2 B
413 B 130ms
128ms Script
text/javascript 172.67.166.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://leakemergency-0514.today/include/pxlt.php?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9&cb=56422704
Requested by: Host: leakemergency-0514.today
URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0889a34434e586e918436027c4e8b4c3380f84643731bdeb57024adb8745cf53

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 06:26:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7S380d7qe01qhQZQ7QeRazDagIqN8lzWHOWFwUtHWDqXvZcsF0TML%2FGbRpwBdv9QrH0vXHtDUe2RdeqX4boOIiDakL1X3VYcqIlvyddox3nrcZuuA6unZOHzvibOOChahvw3akSREYx78Ik%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cf-ray: 886a40ef99969bb3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 2

GET
H3 200 px.gif
leakemergency-0514.today/abp/ 43 B
498 B 129ms
128ms Image
image/gif 172.67.166.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leakemergency-0514.today/abp/px.gif?ch=1&abp=1&2va64smr560lx5k=true&rn=1.3516621036875933
Requested by: Host: leakemergency-0514.today
URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 06:26:10 GMT
cf-cache-status: MISS
last-modified: Tue, 07 May 2024 16:08:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2b-617df644a4a00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PudZb7380kEn0ngAOtOlwEmseflYG87pwcNV2A6l8goOF7hS7xABgEDI1FPUQn7l%2B0sTVgu869vwsUibx7pYILDi4pxkLyyb9L%2F2XdK%2FE85WKjsWSBfGFDLMu7Z26g1poiqhKgB3qycQtI0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 886a40f0bab19bb3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3 200 px.gif
leakemergency-0514.today/abp/ 43 B
506 B 134ms
133ms Image
image/gif 172.67.166.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://leakemergency-0514.today/abp/px.gif?ch=2&abp=2&2va64smr560lx5k=true&rn=1.3516621036875933
Requested by: Host: leakemergency-0514.today
URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 06:26:10 GMT
cf-cache-status: MISS
last-modified: Tue, 07 May 2024 16:08:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "2b-617df644a4a00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XXV63S4ZCHqO3%2B%2FtRcl2P%2FsTpT3k%2BMqwGm1RJTmT2dQYvtoIGkvi8HWpmxvh8F8DfbDt5GcfUyX7CCI%2Fa6fjUKlPcLmM3eoTaTx5gS1ld1LQUYjlklzBBoOuNx2as9JPNTBhw%2Foh%2FBNYPvc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 886a40f0bab59bb3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43

GET
H3

200

/
www.google.de/pagead/1p-conversion/852667600/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=995566960&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnB...
https://www.google.com/pagead/1p-conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=995566960&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIy9P8t8y...
https://www.google.de/pagead/1p-conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=995566960&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIy9P8t8yb...

42 B
64 B

39ms
21ms

Image
image/gif

216.58.206.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=995566960&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIy9P8t8ybhgMV_vARCB3q_QabMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IWh0dHBzOi8vbGVha2VtZXJnZW5jeS0wNTE0LnRvZGF5Lw&is_vtc=1&cid=CAQSGwB7FLtqpApjTM8TXeyRkXK063XJk8VGNQ174w&random=2982390949&ipr=y

Requested by

Host: leakemergency-0514.today
URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9

Protocol

Server

216.58.206.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

mil07s07-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://leakemergency-0514.today/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 20 May 2024 06:26:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 20 May 2024 06:26:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/852667600/?label=pbDuCJuIvakZENDZypYD&guid=ON&script=0&ct_cookie_present=false&random=995566960&sscte=1&crd=CJW3sQIIscGxAgiwwbECCLnBsQI&pscrd=IhMIy9P8t8ybhgMV_vARCB3q_QabMgIIAzICCAQyAggHMgIICDICCAkyAggKMgIIAjICCAs6IWh0dHBzOi8vbGVha2VtZXJnZW5jeS0wNTE0LnRvZGF5Lw&is_vtc=1&cid=CAQSGwB7FLtqpApjTM8TXeyRkXK063XJk8VGNQ174w&random=2982390949&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tc_imp.gif
obs.togreencolumn.com/tracker/ 43 B
79 B 96ms
95ms Image
image/gif 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.togreencolumn.com/tracker/tc_imp.gif?e=37dfbd8ee84e00126be8c63dec448d9d9225c24f567d43d6da1908be6245cad7bd70a976750ef80ed89373bfe70e9c20c1e53e8d5b188c6f2f17071a10acf9f29f674d85d78c02253f1bac7c76008369dc30ce5633512b96505258370d5b93bb6d4a77be26bb25cb43e2913bf05365ac5c7e721bda53ee46f497d5d83cbb2807ff7ecaa8556d8e0e3143714493d60265a060b3f493a0180dec1edae97dfa2bc8169b1adc597cff3200e714561c4b92177af998ffe4198b6dec06c213f85e162ae7d133722b325f817c99ec59b058609fc6e359143e3dd385293e88864c06513c157a77bb9e70392652b48d1c2ad7f4ec3ee3b8192d4079b4a7a7908677a0ddc05afb35cd0e6f2094f79fb6f12a93daf07785715b90ebc33e4c13ff666ca1951135e98bad258c02ff4eba874ecb48cacb2b926964c09d218e778cc0b6a69de5e11d2bfe27aaa9bf6b0d26b6c13bd4f002f04f591e8b080bde858ccfd1f9823cc9319fcce2db2ea26a7632876366c9838645218fef22f105bd944a9538a92e44191b9a36ed0a939dad7eecc86f954fe0dc8ed836d85a4236bd10545579092694e223a442d7dd8a28e5c634accb629a83a9a63da997a711267ec8b10d0a9ba00a1a5aa2a2a224f16ccfa81ebaa23cb86eb22d87008c06ddba6f9f4f66e0eed2352d23725d7b4d0540fba5d5338c10bd57105135eae31eacc44159a0fca6eeae66d0f0f6e094aefd82171669a503ffe24b64915e7707c5210163669d78ac7f05c1e9c77f8b60d7258bb72dcdb80d9a670e212002780f9dc0e4db3b67549a18459dcfd8bbb0c85b199fb0bd7e97d3727bd8d1102068f991da513db627855c9706e23f9b17dbd412e4a731ea9894cf9b406bf3fd3a60866abb8eb6ab0a816a341719896e4354adbe598fee79d68bcf8d0d99958d210f2946b93cad04a253b1866988764156227c17078804cddd4717e618b2b5e9279a8a14d86679bd10622d98e9d70b52e872f28e0ea25e684608df5e2de8d28b39b6254ce9970fb39b98a6d450d04f543c14f576235394960f5bba22b180c978efae8a6e0f09f06d4a4b70b4054cf4dbae4e039a091ccf85c50590c6b0ce4530ee61ff5616099f1f67268a8e6614dc8fbc88f0b812fd28f23b9737cb8c01cdf1ea6b6abe944ac382acf299a694df3e418fef3947db62d018975efdf674eb9c9cc77bb39ac7a7b8152ed6f3ecfd40c8489a0d5531507ac09025248d26f857dc8a36a40b3abb2e278e42efd12c2ffc3927034fcaa5846ed096&cri=uwVBpSVAAn&ts=319&cb=1716186370709
Requested by: Host: leakemergency-0514.today
URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
date: Mon, 20 May 2024 06:26:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
BLOB 200
OK ce6e325d-827e-4659-88fd-357499f140a3
https://leakemergency-0514.today/ 261 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://leakemergency-0514.today/ce6e325d-827e-4659-88fd-357499f140a3
Requested by: Host: leakemergency-0514.today
URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 53c5ec6d80d817c7247a288daf792d50456673247d12338e937492905efef733

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 261
Content-Type

GET
BLOB 200
OK 24fb3e75-ab4f-4513-b7ce-f83f2a50f0cb
https://leakemergency-0514.today/ 529 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://leakemergency-0514.today/24fb3e75-ab4f-4513-b7ce-f83f2a50f0cb
Requested by: Host: leakemergency-0514.today
URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ec1c89e6c7e3833a1ce5ccff51aff99c5f1d01920a015165ca75ab12051458d

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36

Response headers

Content-Length: 529
Content-Type

GET
H3 200 favicon.ico
leakemergency-0514.today/ 318 B
702 B 207ms
206ms Other
image/vnd.microsoft.icon 172.67.166.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://leakemergency-0514.today/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63615a2b207899516aa6eb56ec330671ca1bb25ebe8eb4dd703f08e2906e344e

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 06:26:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 07 May 2024 16:08:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"13e-617df644a4a00"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZhAtooGBOKFfKDeqthdTeM2TRZRg9a0WsukZozkqxsQyWGrNBp%2FP2ifZZh0LaqpafuclBJmI4RIQ%2BG0wzyGaqsRMDrffy5U3IbO4gh9HIhwIVuyVSZ%2FZP0EzarYDB4Ax9BL9bf6AAzO5b48%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/vnd.microsoft.icon
cache-control: max-age=14400
cf-ray: 886a40f20bfa9bb3-FRA
alt-svc: h3=":443"; ma=86400

POST
H3 200 abpc.php Show response
leakemergency-0514.today/ 0
412 B 120ms
119ms XHR
text/html 172.67.166.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://leakemergency-0514.today/abpc.php
Requested by: Host: leakemergency-0514.today
URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/json
Accept: application/json
Referer: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 06:26:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hcv6OwsHP2FyQ%2FE4LeRtQzNGMl3uLH5CXbvpICk0LbTAqmIx3p5x4qcNdxp1%2FCeJ%2BFMadaLTNT5BC%2BJYCf0MCvZgbNjjlu8nuyLHBfY3gAfGy4Cs6eaaCa8tZzDXRffTFz9VJXCJDS4qLl4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cf-ray: 886a40f3ddd89bb3-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 da.php Show response
leakemergency-0514.today/ 1 KB
1 KB 152ms
152ms Script
text/javascript 172.67.166.51
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://leakemergency-0514.today/da.php?act=2&gal=true&giev=0&gtp=%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-domainactive15_3ph_xml%22%2C%22adult%22%3Afalse%7D%7D&uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9&t1=&t2=&t3=&u=&u2=&sqs=&tpct=&rfpi=&at2=15&at3=seg484%2Cseg24&acid=&avid=&asrc=&atxt=&exp=&grp=&nterm=0&pcid=&src=&sescnt=1&ct=47&impact=
Requested by: Host: leakemergency-0514.today
URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 172.67.166.51 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab4f73a49b61d00537648fc1106611dbd684c9fa871f3409d00a3e01cbe3f1d7

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 20 May 2024 06:26:11 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml",CP="NOI ADM DEV PSAi COM NAV OUR OTR STP IND DEM"
alt-svc: h3=":443"; ma=86400
content-length: 750
pragma: no-cache
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: POST, GET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uB1dTG6K2wbmrVrrV20Yva%2BxyVXzlOZqG0QNSDIVdp6nw887GxjAL7SE%2BZveMjcCWR2znblZ%2BxK9ncNjs83JOW3vRuXL1q7BmUldX%2FX56f653dgeaDGmGPdp0yJRtCmBzzJlZ8lM8l1TuoY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
content-type: text/javascript;charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 886a40f3ddde9bb3-FRA
expires: 0

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 571ms
239ms Script
application/javascript 23.50.233.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC2U1ORC77U2GLNDT8CG&lib=ttq
Requested by: Host: leakemergency-0514.today
URL: https://leakemergency-0514.today/da.php?act=2&gal=true&giev=0&gtp=%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-domainactive15_3ph_xml%22%2C%22adult%22%3Afalse%7D%7D&uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9&t1=&t2=&t3=&u=&u2=&sqs=&tpct=&rfpi=&at2=15&at3=seg484%2Cseg24&acid=&avid=&asrc=&atxt=&exp=&grp=&nterm=0&pcid=&src=&sescnt=1&ct=47&impact=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.233.47 San Jose, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-233-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 11e60e734e1433181112449c56e3c4d5750e79c95b4ac95d7978e9503fb496ef

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1e5b9e9c.267b04a8
date: Mon, 20 May 2024 06:26:11 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240520062611DE53627E936D8095E543-35627ECC854AE5B6-00
x-cache: TCP_MISS from a23-50-233-43.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 77,23.50.233.43
server-timing: cdn-cache; desc=MISS, edge; dur=70, origin; dur=7, inner; dur=1
content-length: 1548
pragma: no-cache
server: nginx
x-tt-logid: 20240520062611DE53627E936D8095E543
x-cache-remote: TCP_MISS from a23-48-200-142.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 7,23.48.200.142
x-tt-trace-host: 01385de415a5676f228044e2b0b9508865e35ec49182f4a476837c532fcceb2adb0e5f68d2b4294cd6ec96910a7f2b354651cf668fe1d9607a08012ad80a5485aed9ac4348439a354ae40a54e1b4af4ee235bd2728cc850a28f02a050c790e1a7988008ca200fa9d0376dde2d6af2ed71f
expires: Mon, 20 May 2024 06:26:11 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/unip/1466668/ 69 KB
21 KB 29ms
7ms Script
application/javascript 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/unip/1466668/tfa.js
Requested by: Host: leakemergency-0514.today
URL: https://leakemergency-0514.today/da.php?act=2&gal=true&giev=0&gtp=%7B%22cafRequestAccepted%22%3Atrue%2C%22cafStatus%22%3A%7B%22client%22%3A%22partner-dp-domainactive15_3ph_xml%22%2C%22adult%22%3Afalse%7D%7D&uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9&t1=&t2=&t3=&u=&u2=&sqs=&tpct=&rfpi=&at2=15&at3=seg484%2Cseg24&acid=&avid=&asrc=&atxt=&exp=&grp=&nterm=0&pcid=&src=&sescnt=1&ct=47&impact=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b330b505f70ba85fe37bd406408c1efcf492087ae2de31c546369f57f869552c

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: CEU4dOiKupxkP_ytwviaoV5ODthGTf_I
content-encoding: gzip
via: 1.1 varnish
date: Mon, 20 May 2024 06:26:11 GMT
x-amz-request-id: FY4612QZYHGT3N1J
age: 102
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: PENDING
content-length: 21514
x-amz-id-2: gIOYvupN7jTlv0o0XYXH1VH6EAS/8Fu5LxLlaAyjfrnVfrmvjna9YYu4BDsrB53Xb+thuHPeWo4=
x-served-by: cache-fra-eddf8230110-FRA
last-modified: Sun, 12 May 2024 11:04:14 GMT
server: AmazonS3
x-timer: S1716186371.354730,VS0,VE1
etag: "a5a0730a9dbd7a9b013a79857553ac54"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 45
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 unip Show response
trc.taboola.com/1466668/log/3/ 0
298 B 21ms
15ms XHR
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/1466668/log/3/unip?en=DomainActiveLand&tim=1716186371370&mrir=u&vi=1716186371365&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fleakemergency-0514.today%2F%3Fuuid%3De38f8eea-d1d0-4b0e-8ac6-501e10a34ad9&tos=2&ssd=1&scd=0
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1466668/tfa.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-vcl-time-ms: 8
date: Mon, 20 May 2024 06:26:11 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7370
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230110-FRA
pragma: no-cache
server: nginx
x-timer: S1716186371.380565,VS0,VE8
content-type: image/gif
access-control-allow-origin: https://leakemergency-0514.today
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 200 mon Show response
obs.togreencolumn.com/ 0
16 B 112ms
111ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.togreencolumn.com/mon
Requested by: Host: ob.togreencolumn.com
URL: https://ob.togreencolumn.com/i/6e3a82979a1e73c3323cc8d1a4e46b46.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://leakemergency-0514.today
date: Mon, 20 May 2024 06:26:11 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

POST
H2 200 mon Show response
obs.togreencolumn.com/ 0
153 B 96ms
96ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.togreencolumn.com/mon
Requested by: Host: ob.togreencolumn.com
URL: https://ob.togreencolumn.com/i/6e3a82979a1e73c3323cc8d1a4e46b46.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://leakemergency-0514.today
date: Mon, 20 May 2024 06:26:11 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

GET
H2 200 main.MWYwYmM2YTU0MA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 330 KB
96 KB 159ms
158ms Script
application/javascript 23.50.233.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYwYmM2YTU0MA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CC2U1ORC77U2GLNDT8CG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.233.47 San Jose, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-233-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 11e688433452362c2a1be96f8c7d90696110ea5d7f6d6076612a33f1a99b59de

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 267b0576
date: Mon, 20 May 2024 06:26:11 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024051714110661CFCED13DC4C44D3CDC
x-tt-trace-id: 00-24051714110661CFCED13DC4C44D3CDC-6AADCCF22D4BCB15-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-50-233-43.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018eb1826cbc2eb4a477303433eabd636ec917e0aeee68100ca6b6331245f612d00391e079ebf42968ca1ca281bbf84ad1b2863b863abfae648c3ec1bdf6ba2a0aa33f986fd4b9340342b6fdf8b562d9c2f0947ea6efe869d60d91e7794fbc4ace
server-timing: cdn-cache; desc=HIT, edge; dur=1, origin; dur=0, inner; dur=20
content-length: 98003

GET
H2 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
508 B 51ms
25ms Image
text/html 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-domainactive15_3ph_xml&output=uds_ads_only&zx=bdlsupkduwwf&aqid=Au1KZti7IoXPovsP4-2q0Ag&psid=4456468933&pbt=bs&adbx=402.5&adby=35&adbh=362&adbw=795&adbah=98%2C98%2C98&adbn=master-1&eawp=partner-dp-domainactive15_3ph_xml&errv=633245794&csala=5%7C0%7C145%7C32%7C12&lle=0&ifv=1&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-3suqvwt5Icc8Uz78zPF0RA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-3suqvwt5Icc8Uz78zPF0RA' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Mon, 20 May 2024 06:26:12 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 identify_dcd46a4d.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
39 KB 189ms
189ms Script
application/javascript 23.50.233.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_dcd46a4d.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYwYmM2YTU0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.233.47 San Jose, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-233-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 10f6ee2df2e4c9145e23f8ab5d1d1a5af3621b6cb5f910c5c855233b91891452

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 267b072e
date: Mon, 20 May 2024 06:26:12 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202405091411082C1BD818CF0E29997CDB
x-tt-trace-id: 00-2405091411082C1BD818CF0E29997CDB-5D83BB34056AD8E3-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-50-233-43.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01e0bf096d3a6d847395733dbf03dbb1207e84d24983e9931075d7f83df75c0214b49bb30d1b017a6de3634c9ba49449100682e7ff81853629a6a8571a23e206e7ca98e46b121d4584a9b5473996825c159df7aeee42ff1822142833d35cd49c6f
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=2
content-length: 39593

POST
H2 200 pangle_pixel
analytics.pangle-ads.com/api/v2/ 0
966 B 518ms
210ms Ping
text/plain 23.206.171.42
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.pangle-ads.com/api/v2/pangle_pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYwYmM2YTU0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.171.42 Seattle, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-206-171-42.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 19a2ff80.4340a042
date: Mon, 20 May 2024 06:26:12 GMT
x-bytefaas-request-id: 202405200626127E507CE6C387F596EC1D
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2405200626127E507CE6C387F596EC1D-6B5704F64A33881D-00
x-cache: TCP_MISS from a23-206-171-38.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56213035) (-)
x-parent-response-time: 67,23.206.171.38
server-timing: cdn-cache; desc=MISS, edge; dur=58, origin; dur=9, inner; dur=5
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202405200626127E507CE6C387F596EC1D
x-cache-remote: TCP_MISS from a23-54-205-234.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56213035) (-)
access-control-max-age: 86400
access-control-allow-methods: *
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
x-bytefaas-execution-duration: 4.00
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
x-gw-dst-psm: ad.union.pangle_web_traffic
x-tt-trace-host: 01385de415a5676f228044e2b0b950886541e4b9a88bca631c646e13d368eae0a8bbe9b6cc04fe44e29df59568dbbda022081aec61dd172b3b419b573346c9bbabb7de14609a85a64af0aa9f2e01e8f5598ab1c48c89de113057962a37b5893986ba48ed4da128cb1d2d5b7624dcbeb5e0
x-origin-response-time: 9,23.54.205.234
access-control-allow-headers: *
expires: Mon, 20 May 2024 06:26:12 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
841 B 269ms
269ms Ping
text/plain 23.50.233.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYwYmM2YTU0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.233.47 San Jose, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-233-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a51f4c1a.267b072f
date: Mon, 20 May 2024 06:26:12 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2405200626125A826997A824A4A44380-4153701B6EEB76FD-00
x-cache: TCP_MISS from a23-50-233-43.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 86,23.50.233.43
server-timing: cdn-cache; desc=MISS, edge; dur=73, origin; dur=19, inner; dur=17
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202405200626125A826997A824A4A44380
x-cache-remote: TCP_MISS from a23-220-105-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 19,23.220.105.82
x-tt-trace-host: 01385de415a5676f228044e2b0b9508865e35ec49182f4a476837c532fcceb2adbdf53a6c2789c46382e3c05262e3d242c0d0429bbc23038b6865c893058a108eda3b93bb1759231e8d082d197eba52bf5de7f50ac3ed63ce0b118aae97849534ce943af091cb601cb834316857ae0c3cd
access-control-allow-headers: Authorization,*
expires: Mon, 20 May 2024 06:26:12 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
844 B 289ms
288ms Ping
text/plain 23.50.233.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYwYmM2YTU0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.233.47 San Jose, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-233-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: a51f4bd6.267b0730
date: Mon, 20 May 2024 06:26:12 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240520062612AD10573C7334389DE1FA-25CDE6555467189B-00
x-cache: TCP_MISS from a23-50-233-43.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 105,23.50.233.43
server-timing: cdn-cache; desc=MISS, edge; dur=74, origin; dur=39, inner; dur=36
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240520062612AD10573C7334389DE1FA
x-cache-remote: TCP_MISS from a23-220-105-82.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 39,23.220.105.82
x-tt-trace-host: 01385de415a5676f228044e2b0b9508865e35ec49182f4a476837c532fcceb2adbdf53a6c2789c46382e3c05262e3d242c967ee89ee5f2ee06be9336bfe6df25ac174b244e213c07c966b43c5b972d066f8526eeaac9691fe3d6c140b2d6a35dea30c0168b2c06fe0202163493966fb4f3
access-control-allow-headers: Authorization,*
expires: Mon, 20 May 2024 06:26:12 GMT

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
841 B 268ms
268ms Ping
text/plain 23.50.233.47
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYwYmM2YTU0MA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.50.233.47 San Jose, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-50-233-47.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: c1ea73.267b07cb
date: Mon, 20 May 2024 06:26:12 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24052006261275F916114FC4B39DBE84-6F35C2ED3796A186-00
x-cache: TCP_MISS from a23-50-233-43.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
x-parent-response-time: 85,23.50.233.43
server-timing: cdn-cache; desc=MISS, edge; dur=71, origin; dur=22, inner; dur=18
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024052006261275F916114FC4B39DBE84
x-cache-remote: TCP_MISS from a23-48-200-133.deploy.akamaitechnologies.com (AkamaiGHost/11.5.1-56325026) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 22,23.48.200.133
x-tt-trace-host: 01385de415a5676f228044e2b0b9508865e35ec49182f4a476837c532fcceb2adb3ed2db00d7f16445c1f9dc24aaff2458d7388102d01bec6fd38d03da45dcab079285a12c431507865c5722db799c2df981a9a616318a1ad9233751dd2ba92ebdd08b203aa5cbecc727f0d58fcc6135ea
access-control-allow-headers: Authorization,*
expires: Mon, 20 May 2024 06:26:12 GMT

GET
H2 204 gen_204
www.adsensecustomsearchads.com/afs/ 0
212 B 30ms
29ms Image
text/html 2a00:1450:4001:81d::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.adsensecustomsearchads.com/afs/gen_204?client=dp-domainactive15_3ph_xml&output=uds_ads_only&zx=c6vhp8mmeuoo&aqid=Au1KZti7IoXPovsP4-2q0Ag&psid=4456468933&pbt=bv&adbx=402.5&adby=35&adbh=362&adbw=795&adbah=98%2C98%2C98&adbn=master-1&eawp=partner-dp-domainactive15_3ph_xml&errv=633245794&csala=5%7C0%7C145%7C32%7C12&lle=0&ifv=1&hpt=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gws /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	object-src 'none';base-uri 'self';script-src 'nonce-_GhcvQD_rcZ5be0h_JQqwg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-_GhcvQD_rcZ5be0h_JQqwg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
date: Mon, 20 May 2024 06:26:12 GMT
server: gws
cross-origin-opener-policy: same-origin-allow-popups; report-to="gws"
x-frame-options: SAMEORIGIN
report-to: {"group":"gws","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gws/other"}]}
content-type: text/html; charset=UTF-8
permissions-policy: unload=()
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 204 unip Show response
trc-events.taboola.com/1466668/log/3/ 0
253 B 65ms
13ms XHR
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://trc-events.taboola.com/1466668/log/3/unip?en=pre_d_eng_tb&tos=1552&scd=0&ssd=1&est=1716186371368&ver=36&isls=true&src=i&invt=1500&msa=0&rv=1&tim=1716186372921&mrir=u&vi=1716186371365&ref=null&cv=20240512-6-RELEASE&item-url=https%3A%2F%2Fleakemergency-0514.today%2F%3Fuuid%3De38f8eea-d1d0-4b0e-8ac6-501e10a34ad9
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYwYmM2YTU0MA.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: https://leakemergency-0514.today
pragma: no-cache
date: Mon, 20 May 2024 06:26:12 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

POST
H2 200 mon Show response
obs.togreencolumn.com/ 0
39 B 103ms
103ms XHR
application/json 2600:1f18:e8a:cd04:9b88:a313:d24d:af44
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.togreencolumn.com/mon
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWYwYmM2YTU0MA.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd04:9b88:a313:d24d:af44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="124", "Not:A-Brand";v="8", "Chromium";v="124"
sec-ch-ua-platform: "Win32"
Referer: https://leakemergency-0514.today/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://leakemergency-0514.today
date: Mon, 20 May 2024 06:26:13 GMT
access-control-allow-credentials: true
content-length: 0
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
content-type: application/json

Verdicts & Comments Add Verdict or Comment

44 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.leakemergency-0514.today/	1970-01-20 22:54:30	Name: _cq_duid Value: 1.1716186370.t2GSvZHYnslDroGB
.leakemergency-0514.today/	1969-12-31 23:59:59	Name: _cq_suid Value: 1.1716186370.HiivrSU1ZMlaMBBC
.leakemergency-0514.today/	1970-01-21 06:04:42	Name: __gsas Value: ID=99148b5b31375548:T=1716186370:RT=1716186370:S=ALNI_MbmNrmBxJ-wlIY6F62yVR2JIF0tVg
obs.togreencolumn.com/	1970-01-21 04:46:56	Name: cg_uuid Value: 47d55900b4144b3b9b3d852b7294e565
.doubleclick.net/	1970-01-20 20:43:07	Name: test_cookie Value: CheckForPermission
.tiktok.com/	1970-01-21 06:04:42	Name: _ttp Value: 2gihasw79p792ZlCnKeIAOUCWH8
.leakemergency-0514.today/	1970-01-21 06:04:42	Name: _tt_enable_cookie Value: 1
.leakemergency-0514.today/	1970-01-21 06:04:42	Name: _ttp Value: 4Nowg7rfPy4XB5zkdrvsOXwWyEH

14 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.google.com/adsense/domains/caf.js?abp=1&2va64smr560lx5k=true(Line 219) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
worker	verbose	URL: blob:https://leakemergency-0514.today/ce6e325d-827e-4659-88fd-357499f140a3(Line 1) Message: Error
other	warning	URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://leakemergency-0514.today/?uuid=e38f8eea-d1d0-4b0e-8ac6-501e10a34ad9 Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.pangle-ads.com
analytics.tiktok.com
cdn.taboola.com
googleads.g.doubleclick.net
leakemergency-0514.today
ob.togreencolumn.com
obs.togreencolumn.com
partner.googleadservices.com
trc-events.taboola.com
trc.taboola.com
www.adsensecustomsearchads.com
www.google.com
www.google.de
www.googleadservices.com
141.226.228.48
142.250.185.194
151.101.1.44
172.217.16.194
172.217.23.98
172.67.166.51
216.58.206.35
216.58.206.68
23.206.171.42
23.50.233.47
2600:1f18:e8a:cd04:9b88:a313:d24d:af44
2600:9000:223e:8e00:2:17ff:2c80:93a1
2a00:1450:4001:81d::200e
0889a34434e586e918436027c4e8b4c3380f84643731bdeb57024adb8745cf53
10f6ee2df2e4c9145e23f8ab5d1d1a5af3621b6cb5f910c5c855233b91891452
11e60e734e1433181112449c56e3c4d5750e79c95b4ac95d7978e9503fb496ef
11e688433452362c2a1be96f8c7d90696110ea5d7f6d6076612a33f1a99b59de
53c5ec6d80d817c7247a288daf792d50456673247d12338e937492905efef733
60b19e5da6a9234ff9220668a5ec1125c157a268513256188ee80f2d2c8d8d36
63615a2b207899516aa6eb56ec330671ca1bb25ebe8eb4dd703f08e2906e344e
7ec1c89e6c7e3833a1ce5ccff51aff99c5f1d01920a015165ca75ab12051458d
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9a937c95083fbcf7b29ac4eee7eff88e029cf1ae97f9a86e837706ca92983c15
aa56e66623c94c7f120048272ff15e312b13ecd2eae6a110410fcd8e43023b08
ab4f73a49b61d00537648fc1106611dbd684c9fa871f3409d00a3e01cbe3f1d7
b330b505f70ba85fe37bd406408c1efcf492087ae2de31c546369f57f869552c
c24cda7a41ed432db98b2262de27a11e0fde1755aca903b1134bfcb0a1a15c76
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f72153c08e1c5213e4dc9096262f94c39a3b544bd3c355a25fd663580b12a8b0
f9a961e5c27580a5169e97c804f63b1ec13cf74d97726f854379497b0d5dd1bc

leakemergency-0514.today Open in urlscan Pro 172.67.166.51 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

32 Requests

91 %HTTPS

23 %IPv6

10 Domains

14 Subdomains

12 IPs

3 Countries

308 kBTransfer

1008 kBSize

8 Cookies

0 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

leakemergency-0514.today Open in urlscan Pro
172.67.166.51 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

91 %
HTTPS

23 %
IPv6

10
Domains

14
Subdomains

12
IPs

3
Countries

308 kB
Transfer

1008 kB
Size

8
Cookies

32 HTTP transactions
0 data transactions