www.empressleak.biz Open in urlscan Pro
38.242.202.131 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Submission: On November 14 via manual (November 14th 2023, 6:45:05 pm UTC) from RO — Scanned from DE

Summary HTTP 122 Redirects Links 10 Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 31 domains to perform 122 HTTP transactions. The main IP is 38.242.202.131, located in Düsseldorf, Germany and belongs to CONTABO, DE. The main domain is www.empressleak.biz.
TLS certificate: Issued by cPanel, Inc. Certification Authority on August 30th 2023. Valid for: 3 months.

This is the only time www.empressleak.biz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
49	38.242.202.131 38.242.202.131	51167 (CONTABO) (CONTABO)
1	2a04:4e42:600... 2a04:4e42:600::649	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6812:acf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2606:4700:e2:... 2606:4700:e2::ac40:8c0d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 18	212.117.190.201 212.117.190.201	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700:e0:... 2606:4700:e0::ac40:600f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700:20:... 2606:4700:20::ac43:4739	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a01:4f8:161:... 2a01:4f8:161:6222::2	24940 (HETZNER-AS) (HETZNER-AS)
4	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	83.147.204.12 83.147.204.12	202492 (SGHL1-AS) (SGHL1-AS)
1	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	179.60.147.85 179.60.147.85	209588 (FLYSERVER...) (FLYSERVERS-ASN)
1	178.253.46.81 178.253.46.81	202492 (SGHL1-AS) (SGHL1-AS)
5	37.48.117.210 37.48.117.210	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	2606:4700:10:... 2606:4700:10::6816:2647	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.104.29.90 172.104.29.90	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c02::9a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700:10:... 2606:4700:10::ac43:88d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3035::ac43:d656	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::ac43:19a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	84.16.235.200 84.16.235.200	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1	2a02:b4a:1:7:... 2a02:b4a:1:7::9166:1	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
2	2606:4700:e4:... 2606:4700:e4::ac40:aa13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
122	30

49 38.242.202.131 (Düsseldorf, Germany)

ASN51167 (CONTABO, DE)
PTR: vmi1007800.contaboserver.net

www.empressleak.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::649 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:acf (United States)

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:8c0d (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 212.117.190.201 (Luxembourg, Luxembourg) 2 redirects

ASN7979 (SERVERS-COM, US)

ybs2ffs7v.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
coosync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gmxvmvptfm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:e0::ac40:600f (United States)

ASN13335 (CLOUDFLARENET, US)

nwwais.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::ac43:4739 (United States)

ASN13335 (CLOUDFLARENET, US)

waust.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a01:4f8:161:6222::2 (Berlin, Germany)

ASN24940 (HETZNER-AS, DE)

sub.yenidwa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

widget.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
egldvmz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 83.147.204.12 (Iran, Islamic Republic Of)

ASN202492 (SGHL1-AS, SC)

refbanners.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.avscms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 179.60.147.85 (Caracas, Venezuela, Bolivarian Republic Of)

ASN209588 (FLYSERVERS-ASN, PA)

nkfinsdg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.253.46.81 (Iran, Islamic Republic Of)

ASN202492 (SGHL1-AS, SC)

refpa4948989.top	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.48.117.210 (Amsterdam, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

cdn.ftd.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
z.cdn.ftd.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:2647 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.tapioni.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.29.90 (Cedar Knolls, United States)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1848-90.members.linode.com

service.supercounters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:88d (United States)

ASN13335 (CLOUDFLARENET, US)

whos.amung.us	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3035::ac43:d656 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.bncloudfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:19a1 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pncloudfl.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 84.16.235.200 (Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)

f8.cdn.ftd.agency	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:b4a:1:7::9166:1 (Netherlands)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

wivyiz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:e4::ac40:aa13 (United States)

ASN13335 (CLOUDFLARENET, US)

youradexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	empressleak.biz www.empressleak.biz	2 MB
16	ftd.agency cdn.ftd.agency — Cisco Umbrella Rank: 84922 z.cdn.ftd.agency — Cisco Umbrella Rank: 89341 f8.cdn.ftd.agency — Cisco Umbrella Rank: 446045	93 KB
10	ybs2ffs7v.com 1 redirects ybs2ffs7v.com — Cisco Umbrella Rank: 238110	86 KB
7	gmxvmvptfm.com gmxvmvptfm.com — Cisco Umbrella Rank: 35265	38 KB
5	yenidwa.com sub.yenidwa.com	151 KB
3	egldvmz.com egldvmz.com	113 KB
3	refbanners.com refbanners.com — Cisco Umbrella Rank: 798209	3 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 1002	156 KB
2	youradexchange.com youradexchange.com — Cisco Umbrella Rank: 26862	951 B
2	bncloudfl.com cdn.bncloudfl.com — Cisco Umbrella Rank: 22444	151 KB
2	supercounters.com widget.supercounters.com — Cisco Umbrella Rank: 103414 service.supercounters.com — Cisco Umbrella Rank: 107845	1 KB
2	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2914	37 KB
1	gstatic.com fonts.gstatic.com	17 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31	1 KB
1	wivyiz.com wivyiz.com — Cisco Umbrella Rank: 100799
1	pncloudfl.com cdn.pncloudfl.com — Cisco Umbrella Rank: 17040	17 KB
1	coosync.com 1 redirects coosync.com — Cisco Umbrella Rank: 476141	592 B
1	amung.us whos.amung.us — Cisco Umbrella Rank: 16137	184 B
1	google.de www.google.de — Cisco Umbrella Rank: 6862	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 78	257 B
1	google.com region1.analytics.google.com — Cisco Umbrella Rank: 3040	248 B
1	tapioni.com cdn.tapioni.com — Cisco Umbrella Rank: 60723	1 KB
1	refpa4948989.top refpa4948989.top — Cisco Umbrella Rank: 560859	45 KB
1	nkfinsdg.com nkfinsdg.com	575 B
1	avscms.com cdn.avscms.com
1	waust.at waust.at — Cisco Umbrella Rank: 39728	4 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	77 KB
1	nwwais.com nwwais.com — Cisco Umbrella Rank: 99841	25 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	7 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 762	30 KB
0	tdmrfw.com Failed tdmrfw.com Failed
122	31

	Domain	Requested by
49	www.empressleak.biz	www.empressleak.biz
11	f8.cdn.ftd.agency	z.cdn.ftd.agency www.empressleak.biz f8.cdn.ftd.agency
10	ybs2ffs7v.com	1 redirects www.empressleak.biz ybs2ffs7v.com
7	gmxvmvptfm.com	ybs2ffs7v.com gmxvmvptfm.com
5	sub.yenidwa.com	www.empressleak.biz sub.yenidwa.com
4	z.cdn.ftd.agency	cdn.ftd.agency www.empressleak.biz
3	egldvmz.com	www.empressleak.biz egldvmz.com
3	refbanners.com	www.empressleak.biz refbanners.com
3	use.fontawesome.com	www.empressleak.biz use.fontawesome.com
2	youradexchange.com	egldvmz.com
2	cdn.bncloudfl.com	www.empressleak.biz
2	stackpath.bootstrapcdn.com	www.empressleak.biz
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	f8.cdn.ftd.agency
1	wivyiz.com	nwwais.com
1	cdn.pncloudfl.com	www.empressleak.biz
1	coosync.com	1 redirects
1	whos.amung.us	waust.at
1	www.google.de	www.empressleak.biz
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	service.supercounters.com	widget.supercounters.com
1	cdn.tapioni.com	sub.yenidwa.com
1	cdn.ftd.agency	www.empressleak.biz
1	refpa4948989.top	refbanners.com
1	nkfinsdg.com	www.empressleak.biz
1	cdn.avscms.com	www.empressleak.biz
1	widget.supercounters.com	www.empressleak.biz
1	waust.at	www.empressleak.biz
1	www.googletagmanager.com	www.empressleak.biz
1	nwwais.com	www.empressleak.biz
1	cdnjs.cloudflare.com	www.empressleak.biz
1	code.jquery.com	www.empressleak.biz
0	tdmrfw.com Failed	nwwais.com
122	34

This site contains links to these domains. Also see Links.

Domain
videojs.com
www.facebook.com
www.instagram.com
twitter.com
www.reddit.com
empressleak.biz
www.supercounters.com
lrqknpk.com
z.cdn.ftd.agency

Subject Issuer	Validity	Valid
empressleak.biz cPanel, Inc. Certification Authority	`2023-08-30` - `2023-11-28`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
use.fontawesome.com Cloudflare Inc ECC CA-3	`2023-10-12` - `2024-10-10`	a year	crt.sh
Buypass Class 2 CA 5	`2023-11-01` - `2024-04-28`	6 months	crt.sh
nwwais.com GTS CA 1P5	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
abc.cda-hd.co R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
supercounters.com GTS CA 1P5	`2023-10-15` - `2024-01-13`	3 months	crt.sh
refbanners.com R3	`2023-09-26` - `2023-12-25`	3 months	crt.sh
avscms.com GTS CA 1P5	`2023-09-24` - `2023-12-23`	3 months	crt.sh
nkfinsdg.com R3	`2023-09-19` - `2023-12-18`	3 months	crt.sh
refpa4948989.top R3	`2023-11-06` - `2024-02-04`	3 months	crt.sh
*.cdn.ftd.agency Go Daddy Secure Certificate Authority - G2	`2022-12-27` - `2023-12-28`	a year	crt.sh
egldvmz.com GTS CA 1P5	`2023-11-04` - `2024-02-02`	3 months	crt.sh
*.supercounters.com Sectigo RSA Domain Validation Secure Server CA	`2023-09-21` - `2024-10-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
wivyiz.com R3	`2023-09-21` - `2023-12-20`	3 months	crt.sh
youradexchange.com GTS CA 1P5	`2023-10-17` - `2024-01-15`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 7 frames:

Primary Page: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Frame ID: 4DEE0CCFC14BE07EBE044F775BEC544A
Requests: 102 HTTP requests in this frame

Frame: https://refbanners.com/I?tag=d_35545m_4593c_&site=35545&ad=4593
Frame ID: 73DECFFB19A50D32A13BCB25AB505BF1
Requests: 4 HTTP requests in this frame

Frame: https://ybs2ffs7v.com/sn/ps/1995151?freq=0&puid=7301390716112128231&so=1&zoneid=1995151
Frame ID: 779F3D8C740DEC476BDA0F0A664133A6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/d32/244/a16/d32244a16fab280f0b164ba3fc46794323da1554.gif
Frame ID: 532A63B6B2292FD17D1D7768245B2098
Requests: 2 HTTP requests in this frame

Frame: https://cdn.bncloudfl.com/bn/eac/8e8/369/eac8e8369f822993a74bcd42cff79241c50fd011.gif
Frame ID: 5F56307A7A05BF89C17415E8E8FDCD59
Requests: 2 HTTP requests in this frame

Frame: https://cdn.pncloudfl.com/pn/05d/2e8/8b9/05d2e88b9dbcfdfc6afe2e0d262e7d3c811aab46.webp
Frame ID: 56DA3341C6150C2509FF907665D1C3F5
Requests: 2 HTTP requests in this frame

Frame: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1295245466&m=2096929604&c=1519956894&p0=1534494750&u=1030237a70d8efb0&t=1699987500&n=4529889769990882887&h=987686738
Frame ID: 27D60371DA772FF9ECA20B90F3236028
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

I fucked my course mate - Empressleak

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

<script [^>]*src="[^"]*/popper\.js/([0-9.]+)
/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

122
Requests

98 %
HTTPS

72 %
IPv6

31
Domains

34
Subdomains

30
IPs

7
Countries

3305 kB
Transfer

5492 kB
Size

17
Cookies

10 Outgoing links

These are links going to different origins than the main page.

URL: http://videojs.com/html5-video-support/
Title: supports HTML5 video

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fb/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/instagram/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/twitter/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.reddit.com/user/reddit/
Title: Reddit

Search URL Search Domain Scan URL

URL: https://empressleak.biz/
Title: EMPRESS MEDIA GH

Search URL Search Domain Scan URL

URL: https://www.supercounters.com/stats/1617450
Title: 180 Users Online

Search URL Search Domain Scan URL

URL: https://lrqknpk.com/ad/visit.php?al=1

Search URL Search Domain Scan URL

URL: https://z.cdn.ftd.agency/go?z=1295245466&m=2096929604&c=1519956894&p0=1534494750&u=1030237a70d8efb0&t=1699987500&n=4529889769990882887&h=987686738

Search URL Search Domain Scan URL

URL: https://z.cdn.ftd.agency/go?z=1404129178&m=1961084159&c=1225780492&p0=1715844587&u=1030237a70d8efb0&t=1699987500&n=8325620305270092286&h=478900821

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 86

https://ybs2ffs7v.com/sn/pr/1995151?zoneid=1995151&jp=_clb9xx2m4gzz3mag61b0a3&nojs=0&abvar=0&febuild=1.0.176&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=4333535031514624&eclog=0&sp=0&im=0&freq=0 HTTP 302
https://coosync.com/sn/c?zoneid=1995151&freq=0&rd=ybs2ffs7v.com&h=cookie.user_id.pre_sync.final&tuid=0&sign=cd44f1acbe0d25a4 HTTP 302
https://ybs2ffs7v.com/sn/ps/1995151?freq=0&puid=7301390716112128231&so=1&zoneid=1995151

122 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request i-fucked-my-course-mate Show response
www.empressleak.biz/video/14272/ 82 KB
17 KB 261ms
161ms Document
text/html 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 81635dcb18a56d76c64044586307bc35eaf1d580d4c6667753d65b3a1e9721b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate
Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Tue, 14 Nov 2023 18:44:59 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive: timeout=15
Last-Modified: Tue, 14 Nov 2023 18:44:59 GMT
Pragma: no-cache
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding,User-Agent

GET
H2 200 jquery-3.1.0.min.js Show response
code.jquery.com/ 84 KB
30 KB 75ms
21ms Script
application/javascript 2a04:4e42:600::649
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.1.0.min.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:600::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Request headers

Referer: https://www.empressleak.biz/
Origin: https://www.empressleak.biz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:44:59 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 2897832
x-cache: HIT, HIT
content-length: 30019
x-served-by: cache-lga21948-LGA, cache-fra-eddf8230051-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1699987500.756523,VS0,VE0
etag: W/"28feccc0-1514f"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 7394, 11673

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 84ms
38ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empressleak.biz/
Origin: https://www.empressleak.biz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:44:59 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 568751
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6451
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4f71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o7JrJZmktT7a5WX7jmDqSyqM4u9r22dZ33T6zHtWlI0O%2FuCGKjmEsPKWr2AmRxM4vVtiTuWW11q99%2BPcrz%2BZb8gjXopMcoosdB9diw1egZA%2Fvp4OXhA4XbSdy%2BCxLsyMiNaeWFRzhJV9Jxr0lFIwGxqq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 826168b168042bc1-FRA
expires: Sun, 03 Nov 2024 18:44:59 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/ 50 KB
14 KB 98ms
36ms Script
application/javascript 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

Requested by

Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empressleak.biz/
Origin: https://www.empressleak.biz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:44:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 718
age: 1096969
cdn-cachedat: 11/11/2021 16:07:15
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.0
cdn-requestpullcode: 200
server: cloudflare
etag: W/"67176c242e1bdc20603c878dee836df3"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cdn-cache: HIT
access-control-allow-origin: *
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 2ab4035d7393d3254882ce334a62f5a1
timing-allow-origin: *
cdn-requestcountrycode: US
cdn-status: 200
cf-ray: 826168b18a1d3aa3-FRA
cdn-requestpullsuccess: True

GET
H2 200 bootstrap.min.css
stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/ 138 KB
22 KB 94ms
33ms Stylesheet
text/css 2606:4700::6812:acf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css

Requested by

Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:acf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.empressleak.biz/
Origin: https://www.empressleak.biz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:44:59 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 601
age: 574413
cdn-cachedat: 12/11/2021 23:51:22
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-proxyver: 1.02
cdn-requestpullcode: 200
server: cloudflare
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 7ddb5d9cb9a3481695ecd8dfb14238ba
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 826168b18a193aa3-FRA
cdn-requestpullsuccess: True

GET
H/1.1 200
OK easy-autocomplete.min.css
www.empressleak.biz/templates/frontend/dark-magenta/css/ 8 KB
2 KB 68ms
37ms Stylesheet
text/css 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/templates/frontend/dark-magenta/css/easy-autocomplete.min.css
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 7c04585497e13fb2c8a8d9df52da676ee8d6df836c7c2e0e25bb5cdfbacadabb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jan 2020 21:43:42 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1432
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK easy-autocomplete.themes.min.css
www.empressleak.biz/templates/frontend/dark-magenta/css/ 5 KB
1 KB 89ms
30ms Stylesheet
text/css 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/templates/frontend/dark-magenta/css/easy-autocomplete.themes.min.css
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 90af4122756f40dd0f42ebb25bd557d88dbf2b88df12d5857ff767ca2d82d2d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jan 2020 21:43:42 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1086
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK style.css
www.empressleak.biz/templates/frontend/dark-magenta/css/ 50 KB
9 KB 91ms
31ms Stylesheet
text/css 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/templates/frontend/dark-magenta/css/style.css
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 83c34dfc545f0a4a9abf928abd74c5dbd88584f832d60fda13cdd24203af615a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 14 Mar 2022 09:13:17 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 9150
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.7.2/css/ 53 KB
12 KB 85ms
33ms Stylesheet
text/css 2606:4700:e2::ac40:8c0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf

Request headers

Referer: https://www.empressleak.biz/
Origin: https://www.empressleak.biz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:44:59 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 22 Sep 2023 01:45:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 478211
etag: W/"7b1d7f457d056ace7b230b587b9f3753"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kthRjFwuIj8LOOC2X8VpPd%2FGrkmkiJ98i1BPzJEusslaE%2BQ5L6Kq3p%2BZ%2BcMsF%2FWutwrRU22si4TgZiSfDHhUdmdQohOzF3Pla6OYFg6X5AE1aTiO8SgBUdZGkjDZDmNnKu%2BzvEQt1CsK3KLhweX6wYtG"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
cf-ray: 826168b178ec5d93-FRA
alt-svc: h3=":443"; ma=86400

GET
H/1.1 200
OK video-js.css
www.empressleak.biz/media/player/videojs/ 45 KB
14 KB 92ms
31ms Stylesheet
text/css 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/media/player/videojs/video-js.css
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: e98611a5c45de144fbc2595f9f24b414a84acaacc4c066ff5e1fbb51c00fa414

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2017 03:38:00 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 13811
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK videojs-resolution-switcher.css
www.empressleak.biz/media/player/videojs/plugins/videojs-resolution-switcher-master/lib/ 651 B
693 B 105ms
37ms Stylesheet
text/css 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/media/player/videojs/plugins/videojs-resolution-switcher-master/lib/videojs-resolution-switcher.css
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 11545f8cc65c7cd666ed66432a02c684ba6b903bcf5342df43b39aad9fa08377

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jun 2017 16:11:00 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 322
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK videojs.logobrand.css
www.empressleak.biz/media/player/videojs/plugins/videojs-logobrand-master/src/ 1 KB
643 B 106ms
35ms Stylesheet
text/css 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/media/player/videojs/plugins/videojs-logobrand-master/src/videojs.logobrand.css
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 7b6b562ec62670d8abb9085933dfee2ac00873bed178a68be918d1493127d111

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2017 15:53:00 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 272
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK videojs.thumbnails.css
www.empressleak.biz/media/player/videojs/plugins/videojs-thumbnails-master/ 923 B
729 B 108ms
36ms Stylesheet
text/css 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/media/player/videojs/plugins/videojs-thumbnails-master/videojs.thumbnails.css
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 8b137655d52076b220b7929c1ebc320ce9eb92414c7d648a2a7f49e1b6947d35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Aug 2017 13:05:00 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 358
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK video-js-custom.css
www.empressleak.biz/media/player/videojs/ 8 KB
2 KB 120ms
31ms Stylesheet
text/css 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/media/player/videojs/video-js-custom.css
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 9d73813de8a9b0af2bb270760a99b3b2f3ce66215d4e3e3aff44b6255bcae621

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Jan 2020 16:26:04 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: text/css
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1650
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK videojs-ie8.min.js Show response
www.empressleak.biz/media/player/videojs/ie8/ 27 KB
9 KB 121ms
31ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/media/player/videojs/ie8/videojs-ie8.min.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jun 2017 15:42:00 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 8924
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK video.js Show response
www.empressleak.biz/media/player/videojs/ 843 KB
162 KB 154ms
50ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/media/player/videojs/video.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: c9749f97681adc37e54cc71fd900cc604dfc97fc3e7cad7504d20fa80f819d83

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Jun 2017 03:24:00 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK videojs-resolution-switcher.js Show response
www.empressleak.biz/media/player/videojs/plugins/videojs-resolution-switcher-master/lib/ 14 KB
4 KB 141ms
36ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/media/player/videojs/plugins/videojs-resolution-switcher-master/lib/videojs-resolution-switcher.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: d825a9df663f280b8e0fc90257001b2aa39689d4a2fc13b5f8ef60a0c0d73562

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Jun 2017 16:11:00 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 3848
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK videojs.logobrand.js Show response
www.empressleak.biz/media/player/videojs/plugins/videojs-logobrand-master/src/ 1 KB
1013 B 145ms
37ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/media/player/videojs/plugins/videojs-logobrand-master/src/videojs.logobrand.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 52cea0b1bdae8a370373f0867e2a44537363ff9c90a890d08e3fe92f52774feb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Sep 2017 22:46:34 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 628
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK videojs.thumbnails.js Show response
www.empressleak.biz/media/player/videojs/plugins/videojs-thumbnails-master/ 6 KB
2 KB 151ms
30ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/media/player/videojs/plugins/videojs-thumbnails-master/videojs.thumbnails.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 0d119b3564451ba6007d49bc5843c85c1b2a88ff6f8a5b41b5a1570146106bd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 25 Jul 2017 15:36:00 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1698
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK logo.png
www.empressleak.biz/images/logo/ 8 KB
9 KB 30ms
30ms Image
image/png 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/images/logo/logo.png
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: b14943e6c494a797aebba3e75753a8776bdb4eca0ddf73d41a3f329e417eeb13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Last-Modified: Mon, 28 Aug 2023 15:02:56 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 8666
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK 3.jpg
www.empressleak.biz/media/videos/tmb/717/ 16 KB
16 KB 31ms
30ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/717/3.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 2d31a332780a1dbfc0b421fd74894f752c034c14a80dc40fe906132d854f603b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Last-Modified: Fri, 22 Jan 2021 12:06:23 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 16010
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK 6.jpg
www.empressleak.biz/media/videos/tmb/13125/ 12 KB
13 KB 31ms
31ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/13125/6.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: bbb8aa36f8da8197f1bc89e5b06e9bc7a03436d38f452f170fa28248dc8a1aa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Last-Modified: Fri, 15 Sep 2023 21:17:45 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 12569
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK 18.jpg
www.empressleak.biz/media/videos/tmb/655/ 13 KB
13 KB 30ms
30ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/655/18.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: bc3de476b33e5eebbc244fc42ac16d5844e98607ac308c220be2090bef5d46d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Last-Modified: Tue, 12 Jan 2021 13:19:44 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 13010
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK 11.jpg
www.empressleak.biz/media/videos/tmb/670/ 16 KB
16 KB 31ms
30ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/670/11.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 26944f1d7e7aa78aa8d9fb1060c5b032edaff0cef6a557f30f42bde542d245cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Last-Modified: Thu, 14 Jan 2021 10:26:16 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 15941
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK 16.jpg
www.empressleak.biz/media/videos/tmb/741/ 14 KB
15 KB 32ms
32ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/741/16.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: a766e3fd396227d66bb64b22bcec830dafdd3621cf47e27172fbc55572507f7d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Tue, 26 Jan 2021 12:17:01 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 14803
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H/1.1 200
OK 2.jpg
www.empressleak.biz/media/categories/video/ 17 KB
17 KB 37ms
37ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/categories/video/2.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 1e9fbe0aab86973726889adcfe10d83c9e3dea4d461b332b202a3b676f2a0eff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Fri, 20 Nov 2020 05:39:54 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 16913
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H/1.1 200
OK 6.jpg
www.empressleak.biz/media/categories/video/ 23 KB
23 KB 38ms
37ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/categories/video/6.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: d4ad44d03725bbfe46081701d113f7e77860cc72c76bb87f80c216204d4085c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Fri, 20 Nov 2020 05:55:25 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 23121
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H/1.1 200
OK 5.jpg
www.empressleak.biz/media/categories/video/ 25 KB
25 KB 40ms
39ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/categories/video/5.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 63a6302eda1b2f7918fcfea56411d720ffdd68e115bdb4106a70b4ef9c4bc703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Fri, 20 Nov 2020 05:52:27 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 25569
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H/1.1 200
OK 3.jpg
www.empressleak.biz/media/categories/video/ 33 KB
33 KB 30ms
30ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/categories/video/3.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 966fa0cb338bab08541c9609bbe0909f143eb2ae8fb2863f9e6ae095f4688520

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Fri, 20 Nov 2020 05:46:25 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 33937
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H/1.1 200
OK 4.jpg
www.empressleak.biz/media/categories/video/ 29 KB
30 KB 32ms
31ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/categories/video/4.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 5f0e9eb85dd384496757f5a771f68817a77e359a51112ca931e377cf7c02eb52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Fri, 20 Nov 2020 05:49:09 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 30032
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H/1.1 200
OK jquery.comments.js Show response
www.empressleak.biz/templates/frontend/dark-magenta/js/ 29 KB
4 KB 31ms
31ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/templates/frontend/dark-magenta/js/jquery.comments.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 345995a05e042593c0e0f87d6e4d5ed1a5006c1bb2c8e2160af1078c8f180471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jan 2020 21:43:56 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 3849
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK jquery.voting.js Show response
www.empressleak.biz/templates/frontend/dark-magenta/js/ 824 B
793 B 30ms
30ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/templates/frontend/dark-magenta/js/jquery.voting.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 527454ee4d586c044b06092744a9607511d9da884ef2fda227640c96f0fbe072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jan 2020 21:43:50 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 408
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK jquery.video.js Show response
www.empressleak.biz/templates/frontend/dark-magenta/js/ 4 KB
1 KB 30ms
30ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/templates/frontend/dark-magenta/js/jquery.video.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 4d9e9c7362c85be438389c81430866ef6e3059a4e666b831ebf2dd597047dc5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jan 2020 21:43:52 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1147
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK default.jpg
www.empressleak.biz/media/videos/tmb/14272/ 14 KB
15 KB 40ms
33ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/14272/default.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 1e0e54b9d0463292409afece648fbdddde1e1206fd56686d487fb52f80f5f095

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Mon, 13 Nov 2023 10:27:57 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 14846
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H2 200 code.js Show response
ybs2ffs7v.com/lv/esnk/1995151/ 101 KB
38 KB 125ms
54ms Script
application/javascript 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ybs2ffs7v.com/lv/esnk/1995151/code.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 718e1c8710d0a1c5f965b223ba9ad1e0e869de40ccb643b2bb20fa96b42e009f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:44:59 GMT
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 15:20:11 GMT
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
etag: W/"65523eab-19502"
vary: Accept-Encoding
content-type: application/javascript
x-js-ab2: current
timing-allow-origin: *

GET
H/1.1 200
OK nopic-Male.gif
www.empressleak.biz/media/users/ 4 KB
4 KB 39ms
33ms Image
image/gif 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/users/nopic-Male.gif
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: e86558ec0e214497d1e95a16125ca9499ae87fe97073bbd7193f0420d2f89647

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Fri, 05 Sep 2014 17:24:44 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/gif
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 3684
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H/1.1 200
OK 17.jpg
www.empressleak.biz/media/videos/tmb/14298/ 19 KB
19 KB 76ms
33ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/14298/17.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 1ea3c0a694bd042b706f9d6973754d3e9f202a208c108d28957ce00c9127c938

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Tue, 14 Nov 2023 13:13:03 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 19102
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H/1.1 200
OK 13.jpg
www.empressleak.biz/media/videos/tmb/14296/ 11 KB
11 KB 41ms
34ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/14296/13.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 185a918933189b7cfac7e912d5315fae8e22df1f5bcdfbc7cb4a16edd1f55fb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Tue, 14 Nov 2023 07:28:25 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 11245
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H/1.1 200
OK 15.jpg
www.empressleak.biz/media/videos/tmb/14294/ 13 KB
13 KB 75ms
31ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/14294/15.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: bc144a94b00b4bd215f45cdaa7d42441c4e4ce8492d425f5135c06198bd8cc15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Tue, 14 Nov 2023 07:18:46 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 13284
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H/1.1 200
OK 2.jpg
www.empressleak.biz/media/videos/tmb/14293/ 16 KB
17 KB 86ms
35ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/14293/2.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 6a9e1c654bc1f0c0ebffcad1766b57e69cbf954f285309952fb183de9e6ee778

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Tue, 14 Nov 2023 07:14:13 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 16817
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H/1.1 200
OK 1.jpg
www.empressleak.biz/media/videos/tmb/14292/ 11 KB
12 KB 59ms
38ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/14292/1.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 16830da804bec72764ea56378fd486b847a7941028f54a3302af268c3947d1f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Tue, 14 Nov 2023 07:10:40 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 11582
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H/1.1 200
OK 1.jpg
www.empressleak.biz/media/videos/tmb/14291/ 14 KB
15 KB 76ms
32ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/14291/1.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: f1c6fd77e5f351f9124aa049575e0fb69f1fbeb4d49bc04ba8c8c4e8d54feccc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Tue, 14 Nov 2023 07:03:37 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 14790
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H/1.1 200
OK 14.jpg
www.empressleak.biz/media/videos/tmb/14285/ 12 KB
12 KB 50ms
37ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/14285/14.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 5adad35d1495d9f185f0367aa64c842bdbf6e130d8dec1ae9822d133a35e65ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Mon, 13 Nov 2023 18:54:40 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 12009
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H/1.1 200
OK 19.jpg
www.empressleak.biz/media/videos/tmb/14284/ 14 KB
14 KB 49ms
35ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/14284/19.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 0151bb1053a776bafe51782b248c2cb9293458a4ca5ad133b0bb8347c446a96e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Mon, 13 Nov 2023 18:51:52 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 13983
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H2 200 code.js Show response
ybs2ffs7v.com/lv/esnk/1995152/ 101 KB
38 KB 129ms
84ms Script
application/javascript 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ybs2ffs7v.com/lv/esnk/1995152/code.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: e8a0bac2defbdc26b039b3c97b8ba799fb3a29afefca9411c804edc1b99879f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:44:59 GMT
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 15:20:11 GMT
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
etag: W/"65523eab-19502"
vary: Accept-Encoding
content-type: application/javascript
x-js-ab2: current
timing-allow-origin: *

GET
H/1.1 200
OK player.js Show response
www.empressleak.biz/templates/frontend/dark-magenta/js/ 3 KB
1 KB 33ms
30ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/templates/frontend/dark-magenta/js/player.js?ver=1.0.35
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 5c77a46343eba005d89425635f6de8498be136ade0f3cca99255c48fb66951a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 May 2023 16:52:15 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 877
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK decrypt.min.js Show response
www.empressleak.biz/templates/frontend/dark-magenta/js/ 47 KB
17 KB 35ms
32ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/templates/frontend/dark-magenta/js/decrypt.min.js?ver=1.0.35
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 May 2023 16:52:11 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 16592
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK player-init.min.js Show response
www.empressleak.biz/templates/frontend/dark-magenta/js/ 92 KB
37 KB 46ms
43ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/templates/frontend/dark-magenta/js/player-init.min.js?ver=1.0.35
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 3022b08a70312b292bbd1bdb64e9b3c28019be5f94f4ccb631c42506344e2dec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 May 2023 16:52:14 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 37026
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK jquery.rotator.js Show response
www.empressleak.biz/templates/frontend/dark-magenta/js/ 3 KB
1 KB 33ms
31ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/templates/frontend/dark-magenta/js/jquery.rotator.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: ac750c411915309e6d642fb5555d2a1fe2a0bc1aa8de6cff5acf3a5c5c485bcf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jan 2020 21:43:52 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1102
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK jquery.main.js Show response
www.empressleak.biz/templates/frontend/dark-magenta/js/ 7 KB
2 KB 40ms
37ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/templates/frontend/dark-magenta/js/jquery.main.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: bc624d5946daa2e2c7ac3cf7dce07527637d5fafdc2b66c75a36be7f5dda0c85

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Mon, 20 Jan 2020 21:43:54 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1535
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK jquery.easy-autocomplete.min.js Show response
www.empressleak.biz/templates/frontend/dark-magenta/js/ 20 KB
7 KB 40ms
38ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/templates/frontend/dark-magenta/js/jquery.easy-autocomplete.min.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 19d3742399a2d2f2742629a53097010667b0a75b0a297e8ac686c621cb337100

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:44:59 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Mar 2023 00:31:58 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 6924
Expires: Thu, 14 Dec 2023 18:44:59 GMT

GET
H/1.1 200
OK video-js-events.js Show response
www.empressleak.biz/media/player/videojs/ 7 KB
2 KB 37ms
37ms Script
application/javascript 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/media/player/videojs/video-js-events.js?ver=1.0.20
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 7c2772b4662c742612e6bbce121ef4e1f0585cd4b11370f1489d2d2d9cf55336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Content-Encoding: gzip
Last-Modified: Mon, 15 May 2023 16:44:46 GMT
Server: Apache
Vary: Accept-Encoding,User-Agent
Content-Type: application/javascript
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1646
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H2 200 waWQiOjExMDQ0NDMsInNpZCI6MTE5ODI0NSwid2lkIjo0NDE4MTAsInNyYyI6Mn0=eyJ.js Show response
nwwais.com/pw/ 66 KB
25 KB 159ms
59ms Script
application/javascript 2606:4700:e0::ac40:600f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://nwwais.com/pw/waWQiOjExMDQ0NDMsInNpZCI6MTE5ODI0NSwid2lkIjo0NDE4MTAsInNyYyI6Mn0=eyJ.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e0::ac40:600f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cad7fa47a44fcf84d47a5f5a806b4a15ca134068c4053d5d53c54f3340e52858

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 14 Nov 2023 17:10:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
e-tag: d6aa2819407cbaf68962e64590cee201
age: 5679
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HlLVH6%2Fg%2B9sbGEeUEwN%2F2sIGSxPebD6wGN%2BfNCHS99m0zjn4f%2B4vqmGlSfnusw21QbvghyGxxIvT9vST0gOVTiPyPk6SbiaPhy1TaBxsm58c3daZhN311gNWlpRXBK46E%2F2SmAbZm3UA"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: https://www.empressleak.biz
cache-control: max-age=14400
cf-ray: 826168b39de399ae-CDG
alt-svc: h3=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
77 KB 94ms
36ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-E5TCQWTM1Z

Requested by

Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bbe0992d47f28fe2e540e640ece6742f07cd78fd1898963a5dbc978d84cf4661

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78901
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 14 Nov 2023 18:45:00 GMT

GET
H2 200 s.js Show response
waust.at/ 8 KB
4 KB 98ms
30ms Script
application/x-javascript 2606:4700:20::ac43:4739
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://waust.at/s.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4739 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 12 Jan 2023 17:19:26 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 976
etag: W/"63c0411e-2170"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ATDtAw%2B9n59zrRR07hUWUXi4SRCZZ1F8JGm9vSsmuqBcrBoKpszq4SSJYlRC%2Brs2u488ioBGqnEQbtxg9hQWWhdLVAzlWV%2B%2FixiMffXzhAGKvVfeCg66QxNyw5Qk5Qrll2y%2BngUm"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 826168b36c4718e6-FRA
expires: Wed, 15 Nov 2023 18:28:44 GMT

GET
H/1.1 200
OK z-7533746 Show response
www.empressleak.biz/ 2 KB
2 KB 37ms
37ms Script
text/plain 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/z-7533746
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 07a98c8fe62529dbe43040f0b892ddf0c301df9b30bda85b47c573907482be0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Tue, 14 Nov 2023 18:01:02 GMT
Server: Apache
Vary: User-Agent
Cache-Control: max-age=172800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1793
Expires: Thu, 16 Nov 2023 18:45:00 GMT

GET
H2 200 JYVTvb5.js Show response
sub.yenidwa.com/ 231 KB
75 KB 152ms
75ms Script
application/javascript 2a01:4f8:161:6222::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sub.yenidwa.com/JYVTvb5.js

Requested by

Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:4f8:161:6222::2 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

09a63fd8278f241f3aff23d23ebb1e2b8c4a9156d1744c3f33625083b06a2abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 193
content-length: 76107
last-modified: Tue, 07 Nov 2023 13:54:27 GMT
server: nginx
etag: "654a4193-1294b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82261a539fab5b38-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 bJsi1A9.js Show response
sub.yenidwa.com/ 231 KB
75 KB 103ms
27ms Script
application/javascript 2a01:4f8:161:6222::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://sub.yenidwa.com/bJsi1A9.js

Requested by

Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2a01:4f8:161:6222::2 Berlin, Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

Software

nginx /

Resource Hash

09a63fd8278f241f3aff23d23ebb1e2b8c4a9156d1744c3f33625083b06a2abc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 193
content-length: 76107
last-modified: Tue, 07 Nov 2023 13:54:27 GMT
server: nginx
etag: "654a4193-1294b"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 82261a539fab5b38-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 online_t.js Show response
widget.supercounters.com/ssl/ 2 KB
1 KB 107ms
34ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.supercounters.com/ssl/online_t.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f56b0bd9e5cd22334b47cc1d10e2cf1ae6a2fd95c16ed5534e925f6dfae331ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Mar 2022 11:50:46 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 846
etag: W/"6220ab96-6b4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=begz0VcHR%2FluQGEji5dRDP19WL2kZFIB91%2FiwO5S9MJhgo6WsLbSz%2FxzKmTp8ti%2F2AQ6KKsz2VIKFKNzUo2vK3W6sApP1%2Fr%2F8LJfDD%2B3WawOSGvK8hYTdnGiLF7NBE1MvkG1B%2BrvXMQ9ghlrByN76VEUc0X4xgc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=300
cf-ray: 826168b33a799a11-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.7.2/webfonts/ 73 KB
73 KB 34ms
33ms Font
font/woff2 2606:4700:e2::ac40:8c0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2

Request headers

Referer: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Origin: https://www.empressleak.biz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:44:59 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 407690
alt-svc: h3=":443"; ma=86400
content-length: 74348
last-modified: Fri, 22 Sep 2023 01:45:52 GMT
server: cloudflare
etag: "462806316fea535a6a57651bc2b000b0"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8i7GIc54s1Ss4sB1mqdueIewdwr91gqMpIxNW%2BaJtEBSQAyLXiXq%2By5VRChpNupW2um8n6eJd32jF087TQso%2BkCOZiSUazeKA9HSQFDglLbVNHjszu3AWO4axlxVMlWmqp4exHGPCi22kJIB5RyB%2BR4%2B"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 826168b2cac55d93-FRA

GET
H2 200 I Show response
refbanners.com/ Frame 73DE 639 B
640 B 122ms
29ms Document
text/html 83.147.204.12
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://refbanners.com/I?tag=d_35545m_4593c_&site=35545&ad=4593

Requested by

Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

83.147.204.12 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

49de48e17e2f16c2dc34bea64a1d86e72bd260ae2fd70639ae16b275dc2f0165

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.empressleak.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private
content-encoding: gzip
content-length: 416
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 18:45:00 GMT
server: nginx
server-timing: wf-uht;dur=0.009
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding
x-aspnetmvc-version: 5.0

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54

Request headers

Referer
Origin: https://www.empressleak.biz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 404 top10.js
cdn.avscms.com/ 0
0 140ms
42ms Script
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.avscms.com/top10.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/templates/frontend/dark-magenta/js/player-init.min.js?ver=1.0.35
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

GET
H/1.1 200
OK / Show response
nkfinsdg.com/async/ 177 B
575 B 131ms
50ms XHR
image/png 179.60.147.85
FLYSERVERS-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://nkfinsdg.com/async/?id=r59nhrtr9k7nd713228ii91ns4kn3a21
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/templates/frontend/dark-magenta/js/jquery.easy-autocomplete.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 179.60.147.85 Caracas, Venezuela, Bolivarian Republic Of, ASN209588 (FLYSERVERS-ASN, PA),
Reverse DNS
Software: nginx/1.17.1 / PHP/7.4.33
Resource Hash: 4f078541628ddaeeb2c66ef06b22c95df4ff9deb16a68554d4ad2f78380c42c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Nov 2023 18:45:00 GMT
Server: nginx/1.17.1
X-Powered-By: PHP/7.4.33
Transfer-Encoding: chunked
Content-Type: image/png
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 436d6cff-e86a-4051-b86a-25f83766ba1d.gif
refpa4948989.top/img/AdAgent_1/ Frame 73DE 45 KB
45 KB 153ms
66ms Image
image/gif 178.253.46.81
SGHL1-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://refpa4948989.top/img/AdAgent_1/436d6cff-e86a-4051-b86a-25f83766ba1d.gif

Requested by

Host: refbanners.com
URL: https://refbanners.com/I?tag=d_35545m_4593c_&site=35545&ad=4593

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

178.253.46.81 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

59cb1b26ea6277335a8c564a48b1f16ae4684c2135547e9233eff0ea4cdf1497

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refbanners.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Fri, 26 Jan 2018 08:25:08 GMT
server: nginx
etag: "0ac52c7f96d31:0"
content-type: image/gif
cache-control: max-age=86400
server-timing: wf-uht;dur=0.015
accept-ranges: bytes
content-length: 46048

GET
H2 200 checker.js Show response
refbanners.com/checker/ Frame 73DE 6 KB
2 KB 26ms
26ms Script
application/javascript 83.147.204.12
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://refbanners.com/checker/checker.js

Requested by

Host: refbanners.com
URL: https://refbanners.com/I?tag=d_35545m_4593c_&site=35545&ad=4593

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

83.147.204.12 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://refbanners.com/I?tag=d_35545m_4593c_&site=35545&ad=4593
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
last-modified: Thu, 24 Aug 2023 06:07:50 GMT
server: nginx
etag: W/"64e6f3b6-1843"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=3600
server-timing: wf-uht;dur=
expires: Tue, 14 Nov 2023 19:45:00 GMT

GET
H2 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.7.2/webfonts/ 70 KB
71 KB 36ms
36ms Font
font/woff2 2606:4700:e2::ac40:8c0d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.7.2/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:8c0d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e

Request headers

Referer: https://use.fontawesome.com/releases/v5.7.2/css/all.css
Origin: https://www.empressleak.biz
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 570556
alt-svc: h3=":443"; ma=86400
content-length: 72112
last-modified: Fri, 22 Sep 2023 01:45:52 GMT
server: cloudflare
etag: "4b115e1153a9ea339d6a0bb284cc8ed3"
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wTGXGrYSLoOMQ0p4DSqQW908JXGMxjDrN057RR7ISmX8cKQ%2FoQLaAEuWe%2FX0GqHFv6KI8TNAFDtAZI1GcrGF55EA0Fm61BRUKaaIY99v14ttKZ02jDhWSut%2FIJHkLmHzMBKIFAOQtbU7rCABodq3m2Yd"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 826168b53f0c5d93-FRA

GET
H/1.1 200
OK logo.png
www.empressleak.biz/media/player/logo/ 8 KB
9 KB 31ms
31ms Image
image/png 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/player/logo/logo.png
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: b14943e6c494a797aebba3e75753a8776bdb4eca0ddf73d41a3f329e417eeb13

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Tue, 29 Aug 2023 22:46:12 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/png
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 8666
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H2 200 e.js Show response
cdn.ftd.agency/libs/ 10 KB
5 KB 113ms
30ms Script
application/javascript 37.48.117.210
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ftd.agency/libs/e.js

Requested by

Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

37.48.117.210 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

nginx /

Resource Hash

796417b50e62fb7e68c0da9cccd869a33e9100d9e7ee43be2e9234137e91f27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
last-modified: Tue, 04 Apr 2023 14:18:39 GMT
server: nginx
etag: W/"642c31bf-2710"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: X-PINGOTHER
expires: Wed, 15 Nov 2023 18:45:00 GMT

GET
H2 200 utils.js Show response
egldvmz.com/script/ 169 KB
52 KB 170ms
68ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://egldvmz.com/script/utils.js
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/z-7533746
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88f76d2cd8cefb5a4efc7c88599f112db6585ea98430ac55536457fb8614f352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2621
x-guploader-uploadid: ABPtcPp0mIS8mFA3N7sI9aaH1cW_EAyThpHHKYV1cQMlO7cWqTm3Yt6STPpytH_KmjlJFP2M1vGCbm2SsruLHfViH95OUr1FDDvk
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Nov 2023 12:24:01 GMT
server: cloudflare
etag: W/"f755b8712f35fc52eb444916b5d1076f"
vary: Accept-Encoding
x-goog-hash: crc32c=h7zj+A==, md5=91W4cS81/FLrREkWtdEHbw==
x-goog-generation: 1699878241761066
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EVm1PJQ%2BY%2FCK%2Bfy9FwICJL3GuFNnr0nTpEI0VYkLP%2BUSf3IxRk3lkYMdAPACzrOicSj8ULFqIjiaOVkttGuMTLoAWWejx8420QzyVO%2FH%2BZX49MijK9%2BOETUejUzPlIXjAN5k7vfr68QGsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 172787
cf-ray: 826168b629bd0bcb-AMS
expires: Tue, 14 Nov 2023 18:27:23 GMT

GET
H2 200 adgpt.js Show response
cdn.tapioni.com/ 2 KB
1 KB 108ms
38ms Script
application/javascript 2606:4700:10::6816:2647
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.tapioni.com/adgpt.js
Requested by: Host: sub.yenidwa.com
URL: https://sub.yenidwa.com/JYVTvb5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:2647 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f1693d43592f90bdbd5488cbb7118b3ec3d4d903f7f4ef0f910d6e479f2e790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 07 Nov 2023 13:54:27 GMT
server: cloudflare
age: 114809
etag: "654a4193-32e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
cf-ray: 826168b60af0bc01-FRA
content-length: 814
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 220429 Show response
sub.yenidwa.com/api/settings/ 33 B
211 B 75ms
25ms Fetch
application/json 2a01:4f8:161:6222::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sub.yenidwa.com/api/settings/220429
Requested by: Host: sub.yenidwa.com
URL: https://sub.yenidwa.com/JYVTvb5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:161:6222::2 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 72d79d0ad9a70ef53c1bab65c588d44bffb1a1b5aba0eb2f9f6a886c4c3aec4f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: private
x-robots-tag: noindex, nofollow

GET
H/1.1 206
Partial Content 14272_240.mp4
www.empressleak.biz/media/videos/h264/ 1 MB
1 MB 34ms
33ms Media
video/mp4 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to

Full URL: https://www.empressleak.biz/media/videos/h264/14272_240.mp4
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 982d814829dab648f0e19259f09ae2fada7089df26e66aff45346cc3459384b3

Request headers

Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Mon, 13 Nov 2023 10:28:06 GMT
Server: Apache
Vary: User-Agent
Content-Type: video/mp4
Content-Range: bytes 0-1541333/1541334
Cache-Control: max-age=172800
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 1541334
Expires: Thu, 16 Nov 2023 18:45:00 GMT

GET
H/1.1 200
OK sprite.jpg
www.empressleak.biz/media/videos/tmb/14272/ 91 KB
91 KB 36ms
35ms Image
image/jpeg 38.242.202.131
CONTABO

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.empressleak.biz/media/videos/tmb/14272/sprite.jpg
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 38.242.202.131 Düsseldorf, Germany, ASN51167 (CONTABO, DE),
Reverse DNS: vmi1007800.contaboserver.net
Software: Apache /
Resource Hash: 238757f8f15b6eb7e0ba35b63b3c76438d59e9bd7b74c6e7eadc13148211ce10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Last-Modified: Tue, 14 Nov 2023 18:44:59 GMT
Server: Apache
Vary: User-Agent
Content-Type: image/jpeg
Cache-Control: max-age=2592000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15
Content-Length: 93292
Expires: Thu, 14 Dec 2023 18:45:00 GMT

GET
H2 200 1995151 Show response
ybs2ffs7v.com/get/ 5 KB
2 KB 29ms
28ms Script
text/javascript 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ybs2ffs7v.com/get/1995151?zoneid=1995151&jp=_clb9xx2m4gzz3mag61b0a3&nojs=0&abvar=0&febuild=1.0.176&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=4333535031514624&eclog=0&sp=0&im=0&freq=0
Requested by: Host: ybs2ffs7v.com
URL: https://ybs2ffs7v.com/lv/esnk/1995151/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: b1ed466568ca5e5d67ce621f462e839ca45bed19841f15b93531f4684d4b9c01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-route-id: config
timing-allow-origin: *

GET
BLOB 200
OK 8bf9ee7a-84cd-4f1e-8bc8-5c390d59b7c6
https://www.empressleak.biz/ 91 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.empressleak.biz/8bf9ee7a-84cd-4f1e-8bc8-5c390d59b7c6
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Length: 91
Content-Type: application/javascript

GET
H/1.1 200
OK fc.php Show response
service.supercounters.com/ 72 B
318 B 325ms
103ms Script
application/x-javascript 172.104.29.90
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://service.supercounters.com/fc.php?id=1617450&w=1&v=1&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F119.0.6045.123%20Safari%2F537.36&url=https%3A%2F%2Fwww.empressleak.biz%2Fvideo%2F14272%2Fi-fucked-my-course-mate&ref=&sw=1600&sh=1200&rand=11&label=Users%20Online&fcolor=170ddb
Requested by: Host: widget.supercounters.com
URL: https://widget.supercounters.com/ssl/online_t.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.104.29.90 Cedar Knolls, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS: li1848-90.members.linode.com
Software: nginx/1.20.1 / PHP/7.4.13
Resource Hash: 46164742988e47c01e710dd8188ccdcdb3cef674e2ad8a607342ddb40b8365e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date: Tue, 14 Nov 2023 18:45:00 GMT
Content-Encoding: gzip
Server: nginx/1.20.1
Connection: keep-alive
X-Powered-By: PHP/7.4.13
Transfer-Encoding: chunked
Content-Type: application/x-javascript

POST
H2 204 collect
region1.analytics.google.com/g/ 0
248 B 80ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-E5TCQWTM1Z&gtm=45je3b81v9116307946&_p=1699987500382&_gaz=1&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=2027025803.1699987501&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699987500&sct=1&seg=0&dl=https%3A%2F%2Fwww.empressleak.biz%2Fvideo%2F14272%2Fi-fucked-my-course-mate&dt=I%20fucked%20my%20course%20mate%20-%20Empressleak&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1130
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E5TCQWTM1Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 18:45:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.empressleak.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
257 B 86ms
28ms Ping
text/plain 2a00:1450:400c:c02::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-E5TCQWTM1Z&cid=2027025803.1699987501&gtm=45je3b81v9116307946&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-E5TCQWTM1Z
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 18:45:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.empressleak.biz
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 111ms
60ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-E5TCQWTM1Z&cid=2027025803.1699987501&gtm=45je3b81v9116307946&aip=1&dma=1&dma_cps=sypham&gcd=11l1l1l1l1&z=917225607

Requested by

Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 18:45:00 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1995151 Show response
ybs2ffs7v.com/get/ 5 KB
2 KB 33ms
33ms Script
text/javascript 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ybs2ffs7v.com/get/1995151?zoneid=1995151&jp=_clkz2n9595i9ymgcnsutqk&nojs=0&abvar=0&febuild=1.0.176&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=7429759775300096&eclog=0&sp=0&im=0&freq=0
Requested by: Host: ybs2ffs7v.com
URL: https://ybs2ffs7v.com/lv/esnk/1995151/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 864fc18da1d11f5fb4653d58c745cc3af07da0a4829eb1400e3118b47409f9ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-route-id: config
timing-allow-origin: *

GET
H2 200 1995152 Show response
ybs2ffs7v.com/get/ 6 KB
2 KB 30ms
29ms Script
text/javascript 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ybs2ffs7v.com/get/1995152?zoneid=1995152&jp=_clllta0rbwqoq9zhp1owbh&nojs=0&abvar=0&febuild=1.0.176&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=7992709728761856&eclog=0&sp=0&im=0&freq=0
Requested by: Host: ybs2ffs7v.com
URL: https://ybs2ffs7v.com/lv/esnk/1995152/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 492c0cc43fe2f116c34331c974a114c74a5f8349596a09be57add01e374c4823

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
x-route-id: config
timing-allow-origin: *

GET
H2 200 / Show response
whos.amung.us/pingjs/ 30 B
184 B 299ms
241ms Script
text/javascript 2606:4700:10::ac43:88d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://whos.amung.us/pingjs/?k=nj42vpjkw4&t=I%20fucked%20my%20course%20mate%20-%20Empressleak&c=s&x=https%3A%2F%2Fwww.empressleak.biz%2Fvideo%2F14272%2Fi-fucked-my-course-mate&y=&a=0&d=1.138&v=27&r=9257
Requested by: Host: waust.at
URL: https://waust.at/s.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:88d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3cfb2dc4db1f1cac94e448994f6e8706e253f25bf8982b7658ed9f3d3e3fb4be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 826168b6f90d9a17-FRA
content-type: text/javascript;charset=UTF-8

GET
H2 200 / Show response
refbanners.com/redirect/stat/run/ Frame 73DE 14 B
157 B 28ms
27ms XHR
application/json 83.147.204.12
SGHL1-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://refbanners.com/redirect/stat/run/

Requested by

Host: refbanners.com
URL: https://refbanners.com/checker/checker.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

83.147.204.12 , Iran, Islamic Republic Of, ASN202492 (SGHL1-AS, SC),

Reverse DNS

Software

nginx /

Resource Hash

9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://refbanners.com/I?tag=d_35545m_4593c_&site=35545&ad=4593
x-requested-with: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: nginx
server-timing: wf-uht;dur=0.007
content-length: 14
content-type: application/json

GET
H2 200 load Show response
z.cdn.ftd.agency/ 5 KB
2 KB 47ms
30ms Script
application/javascript 37.48.117.210
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.ftd.agency/load?z=1404129178&div=zone_1404129178&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=1151&pl=3&mi=4&me=8&hc=4&n=1699987500579&url=www.empressleak.biz%2Fvideo%2F14272%2Fi-fucked-my-course-mate&vc=Intel%20Iris%20OpenGL%20Engine&ti=I%20fucked%20my%20course%20mate%20-%20Empressleak&zyx=4275454403
Requested by: Host: cdn.ftd.agency
URL: https://cdn.ftd.agency/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.117.210 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 555bf9d2c4690a7631745876e2239d13536bf2f11f0d09ca9210dc0799200418

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-length: 2012
expires: -1

GET
H2 200 load Show response
z.cdn.ftd.agency/ 5 KB
2 KB 47ms
31ms Script
application/javascript 37.48.117.210
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://z.cdn.ftd.agency/load?z=1295245466&div=zone_1295245466&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=1151&pl=3&mi=4&me=8&hc=4&n=1699987500579&url=www.empressleak.biz%2Fvideo%2F14272%2Fi-fucked-my-course-mate&vc=Intel%20Iris%20OpenGL%20Engine&ti=I%20fucked%20my%20course%20mate%20-%20Empressleak&zyx=4275454403
Requested by: Host: cdn.ftd.agency
URL: https://cdn.ftd.agency/libs/e.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.117.210 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6ec4e580e3d62ab9cd57d6e94675d8a7c3f9e070351517f896613f0dc06d8eed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
p3p: policyref="/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
content-length: 2142
expires: -1

GET
H2

200

1995151 Show response
ybs2ffs7v.com/sn/ps/ Frame 779F
Redirect Chain

https://ybs2ffs7v.com/sn/pr/1995151?zoneid=1995151&jp=_clb9xx2m4gzz3mag61b0a3&nojs=0&abvar=0&febuild=1.0.176&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20...
https://coosync.com/sn/c?zoneid=1995151&freq=0&rd=ybs2ffs7v.com&h=cookie.user_id.pre_sync.final&tuid=0&sign=cd44f1acbe0d25a4
https://ybs2ffs7v.com/sn/ps/1995151?freq=0&puid=7301390716112128231&so=1&zoneid=1995151

761 B
1 KB

30ms
29ms

Document
text/html

212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ybs2ffs7v.com/sn/ps/1995151?freq=0&puid=7301390716112128231&so=1&zoneid=1995151
Requested by: Host: ybs2ffs7v.com
URL: https://ybs2ffs7v.com/lv/esnk/1995151/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 8c1a74658e37219b91f55ab79688f24f03f30ccd1f6c1594bb47ab36737f300c

Request headers

Referer: https://www.empressleak.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 18:45:00 GMT
server: nginx
timing-allow-origin: *
vary: Accept-Encoding
x-route-id: cookie.user_id.pre_sync.final

Redirect headers

accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
content-length: 122
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 18:45:00 GMT
location: https://ybs2ffs7v.com/sn/ps/1995151?freq=0&puid=7301390716112128231&so=1&zoneid=1995151
server: nginx
timing-allow-origin: *
x-route-id: cookie.user_id.sync

GET
H2 200 tghr.js Show response
gmxvmvptfm.com/aas/r45d/vki/1997949/ 87 KB
34 KB 126ms
55ms Script
application/javascript 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://gmxvmvptfm.com/aas/r45d/vki/1997949/tghr.js
Requested by: Host: ybs2ffs7v.com
URL: https://ybs2ffs7v.com/lv/esnk/1995151/code.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 9f4c2ec4f171b982965063518644669f0798cb24864f9ad6eba09e989462e0f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
last-modified: Mon, 13 Nov 2023 15:20:11 GMT
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
etag: W/"65523eab-15d35"
vary: Accept-Encoding
content-type: application/javascript
x-js-ab2: current
timing-allow-origin: *

GET
H2 200 d32244a16fab280f0b164ba3fc46794323da1554.gif
cdn.bncloudfl.com/bn/d32/244/a16/ Frame 532A 108 KB
109 KB 129ms
42ms Image
image/webp 2606:4700:3035::ac43:d656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bncloudfl.com/bn/d32/244/a16/d32244a16fab280f0b164ba3fc46794323da1554.gif
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4731e9949b7b075d1e5ff0f08f811ad50eb16f77938d26ab1c520249b6d8851

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 14 Nov 2023 18:45:00 GMT
x-openstack-request-id: tx3b96a3f9e12a4664b787f-00641e210f
cf-cache-status: HIT
age: 5447
cf-polished: origFmt=gif, origSize=442402
content-disposition: inline; filename="d32244a16fab280f0b164ba3fc46794323da1554.webp"
alt-svc: h3=":443"; ma=86400
content-length: 110376
x-trans-id: tx3b96a3f9e12a4664b787f-00641e210f
cf-bgj: imgq:100,h2pri
last-modified: Mon, 13 Mar 2023 11:12:59 GMT
server: cloudflare
etag: d2ff8088b2dc8ab41281c1b9cfca27d4
vary: Accept
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=432000
x-timestamp: 1678705978.70168
accept-ranges: bytes
cf-ray: 826168b7cd861e71-AMS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Thu, 16 Nov 2023 17:14:13 GMT

GET
H2 200 ut.js Show response
egldvmz.com/script/ 80 KB
29 KB 53ms
53ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://egldvmz.com/script/ut.js?cb=1699987500679
Requested by: Host: egldvmz.com
URL: https://egldvmz.com/script/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c554d864880871a5e29b3c0db601eb91e8167ab51295654f3bfeb8877c704e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3131
x-guploader-uploadid: ABPtcPre6Q_FxvkwhTv10p1WgUkJBRzsW2_8vVrmec76k3oEHFjDyyf9AsKfWvno6RusillmBCUnfMDLiurwle8_4zqg7HCH9Lcc
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Nov 2023 12:23:48 GMT
server: cloudflare
etag: W/"3cd70505043507aef58472461932ab42"
vary: Accept-Encoding
x-goog-hash: crc32c=/bCyOg==, md5=PNcFBQQ1B671hHJGGTKrQg==
x-goog-generation: 1699878228878469
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LAowVq7BDfeA3qHaALHJ1KHMF3%2FR8fJLRyzpAfHxSyIGipG19IuEpeVddW2KQ5TJo4RorT9WogVDI1Oy8BwpRIRY%2FYJuEl7kWnmYGmnC4ruQAccijYFNx6fIsTHEYkPnsuUqi8UczkZGzg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 82036
cf-ray: 826168b75b7d0bcb-AMS
expires: Tue, 14 Nov 2023 18:16:00 GMT

GET
H2 200 suv5.js Show response
egldvmz.com/script/ 95 KB
32 KB 60ms
60ms Script
text/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://egldvmz.com/script/suv5.js
Requested by: Host: egldvmz.com
URL: https://egldvmz.com/script/utils.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 23d8154c712c2d0fc5e4b23037e7dd257fc2674cd80a152364f0cf27019e81af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2616
x-guploader-uploadid: ABPtcPrNx5xQhFU8gE6tJAqBkDQgg4b2XWmIy65FcNNxIpO8LMT_SaVxXwfacqoUwfWjzLQO7S7-MPT0Atd9PjK4YiLjmDSSulvS
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 Nov 2023 12:22:53 GMT
server: cloudflare
etag: W/"f06bc046730b3dfaf2fbb1704541c079"
vary: Accept-Encoding
x-goog-hash: crc32c=Y2OWGg==, md5=8GvARnMLPfry+7FwRUHAeQ==
x-goog-generation: 1699878172974593
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=14400
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iipycEet1GABXHxX9gs4bIUBqnewz4MqaGm5aKwocwgiUVz350%2Bh2TP3RkjqPV1M%2BFKfkVXKmO0BriTse3pR6CuV6kwQqoPh3so0c0OT9%2B8AiJf7hOhf7qA%2B1QIhBsXiFxEjC1vSZxz5oQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 97496
cf-ray: 826168b75b810bcb-AMS
expires: Tue, 14 Nov 2023 18:53:32 GMT

GET
H2 200 eac8e8369f822993a74bcd42cff79241c50fd011.gif
cdn.bncloudfl.com/bn/eac/8e8/369/ Frame 5F56 42 KB
42 KB 114ms
106ms Image
image/webp 2606:4700:3035::ac43:d656
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.bncloudfl.com/bn/eac/8e8/369/eac8e8369f822993a74bcd42cff79241c50fd011.gif
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::ac43:d656 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36b92415e51bccb974a8b2870d70b5b86072b23e17ad6856eb88b029113b4102

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 14 Nov 2023 18:45:00 GMT
x-openstack-request-id: tx7eaf42e3dbdf4da99a781-006441081f
cf-cache-status: HIT
age: 170477
cf-polished: origFmt=gif, origSize=59549
content-disposition: inline; filename="eac8e8369f822993a74bcd42cff79241c50fd011.webp"
alt-svc: h3=":443"; ma=86400
content-length: 43008
x-trans-id: tx7eaf42e3dbdf4da99a781-006441081f
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Apr 2023 09:38:39 GMT
server: cloudflare
etag: 8288ed0e1e132023537dfdcdda356cd2
vary: Accept
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=432000
x-timestamp: 1681983518.92304
accept-ranges: bytes
cf-ray: 826168b7cd871e71-AMS
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Tue, 14 Nov 2023 19:23:43 GMT

GET
H2 200 05d2e88b9dbcfdfc6afe2e0d262e7d3c811aab46.webp
cdn.pncloudfl.com/pn/05d/2e8/8b9/ Frame 56DA 17 KB
17 KB 82ms
33ms Image
application/octet-stream 2606:4700:10::ac43:19a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pncloudfl.com/pn/05d/2e8/8b9/05d2e88b9dbcfdfc6afe2e0d262e7d3c811aab46.webp
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::ac43:19a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db5691f200c5ed5dc75c3277972b32d4266f039f1a3fd9e0c999f16bb8d0570c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

x-proxy-cache: HIT
date: Tue, 14 Nov 2023 18:45:00 GMT
x-openstack-request-id: tx75e9e8b542c74ab2984cf-00645b713a
cf-cache-status: HIT
age: 133427
alt-svc: h3=":443"; ma=86400
content-length: 16994
x-trans-id: tx75e9e8b542c74ab2984cf-00645b713a
last-modified: Fri, 28 Apr 2023 11:34:01 GMT
server: cloudflare
etag: f2d231d6ba0f3ac9d15f42bb17968bd9
vary: Accept-Encoding
access-control-allow-methods: HEAD,GET,POST,PUT,PATCH,DELETE,OPTIONS
content-type: application/octet-stream
access-control-allow-origin: *
x-timestamp: 1682681640.44820
access-control-expose-headers: X-Container-Meta-Temp-Url-Key,X-Container-Bytes-Used,Last-Modified,X-Timestamp
cache-control: max-age=172800
accept-ranges: bytes
cf-ray: 826168b80afe3a64-FRA
access-control-allow-headers: Content-Type,X-Requested-With,X-Auth-Token,X-Openstack-Request-Id,X-Container-Meta-type,X-Container-Meta-Temp-URL-Key,Authorization
expires: Wed, 15 Nov 2023 05:41:13 GMT

GET
H2 200 index.html Show response
f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/ Frame 27D6 1 KB
901 B 109ms
26ms Document
text/html 84.16.235.200
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1295245466&m=2096929604&c=1519956894&p0=1534494750&u=1030237a70d8efb0&t=1699987500&n=4529889769990882887&h=987686738

Requested by

Host: z.cdn.ftd.agency
URL: https://z.cdn.ftd.agency/load?z=1295245466&div=zone_1295245466&cw=1600&ch=1200&sr=1600x1200&df=1&tz=60&bh=2&tl=1151&pl=3&mi=4&me=8&hc=4&n=1699987500579&url=www.empressleak.biz%2Fvideo%2F14272%2Fi-fucked-my-course-mate&vc=Intel%20Iris%20OpenGL%20Engine&ti=I%20fucked%20my%20course%20mate%20-%20Empressleak&zyx=4275454403

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

84.16.235.200 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

3c407a6c58678f569bcea94beb5ef9bd2c9daab70aa2de1937bf48c8be6c0db0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

Referer: https://www.empressleak.biz/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-PINGOTHER
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: max-age=86400
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Tue, 14 Nov 2023 18:45:00 GMT
etag: W/"654e0628-49d"
expires: Wed, 15 Nov 2023 14:38:33 GMT
last-modified: Fri, 10 Nov 2023 10:30:00 GMT
server: nginx
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;

GET
H2 200 event
z.cdn.ftd.agency/ 35 B
97 B 30ms
29ms Image
image/gif 37.48.117.210
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.ftd.agency/event?z=1295245466&m=2096929604&n=4529889769990882887&t=&u=1030237a70d8efb0
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.117.210 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
server: nginx
content-length: 35
content-type: image/gif

GET
H2 200 event
z.cdn.ftd.agency/ 35 B
97 B 34ms
33ms Image
image/gif 37.48.117.210
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://z.cdn.ftd.agency/event?z=1404129178&m=1961084159&n=8325620305270092286&t=&u=1030237a70d8efb0
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 37.48.117.210 Amsterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
server: nginx
content-length: 35
content-type: image/gif

GET
H2 200 Champions_Season_23-24_300x250.jpg
f8.cdn.ftd.agency/uploads/media/3/3/82533/v1/ 35 KB
36 KB 124ms
53ms Image
image/jpeg 84.16.235.200
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f8.cdn.ftd.agency/uploads/media/3/3/82533/v1/Champions_Season_23-24_300x250.jpg

Requested by

Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

84.16.235.200 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

a3c4c80d89131e88469ab1d602700ecaee3fdaa4f3969dce74306de9db10d9fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
x-content-type-options: nosniff
content-length: 36324
x-xss-protection: 1; mode=block;
last-modified: Tue, 19 Sep 2023 12:33:41 GMT
server: nginx
etag: "65099525-8de4"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-PINGOTHER
expires: Wed, 15 Nov 2023 18:00:23 GMT

GET
H2 200 admc
wivyiz.com/ 0
0 323ms
103ms Fetch 2a02:b4a:1:7::9166:1
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://wivyiz.com/admc?a=2&pid=1104443&sid=1198245&wid=441810&fp=bcc4ff375a27fef5cf8eb25b0d11379e&f=8&tz=1
Requested by: Host: nwwais.com
URL: https://nwwais.com/pw/waWQiOjExMDQ0NDMsInNpZCI6MTE5ODI0NSwid2lkIjo0NDE4MTAsInNyYyI6Mn0=eyJ.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a02:b4a:1:7::9166:1 , Netherlands, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin: https://www.empressleak.biz
date: Tue, 14 Nov 2023 18:45:01 GMT
access-control-allow-credentials: true
server: nginx/1.18.0
accept-ch: Sec-CH-UA-Platform-Version
content-length: 0

GET
H2 203 suurl5.php Show response
youradexchange.com/script/ 1 B
534 B 235ms
171ms Fetch
text/html 2606:4700:e4::ac40:aa13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/script/suurl5.php?r=7533746&chmob=%3F0&cbur=0.35510805925188205&cbiframe=0&cbWidth=1600&cbHeight=1200&cbtitle=I%20fucked%20my%20course%20mate%20-%20Empressleak&cbpage=https%3A%2F%2Fwww.empressleak.biz%2Fvideo%2F14272%2Fi-fucked-my-course-mate&cbref=&cbdescription=I%20fucked%20my%20course%20mate&cbkeywords=pussy%2C%20black&cbcdn=egldvmz.com&ts=1699987500802&srs=aeb7221c8deda24eac48a33e4617d617&atv=38.0-sw-adbl-suv5&abtg=1
Requested by: Host: egldvmz.com
URL: https://egldvmz.com/script/suv5.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXzDGZngcIgYQlOET3JMQZiaOEdytASk4kXRW6WRwsn5WoBNjx2jc341HGIkOpceiRbOQWFelSu%2B%2Bm%2BcPn9RMI4fwLN%2Fs97W45k2QavDDy5EtUpooEUtR%2BVc71U%2FEHWRHNYw4VSEHWtzvJa%2FJSMvmDE%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
content-type: text/html; charset=utf-8
cf-ray: 826168b87a13048b-FRA
access-control-allow-headers: Content-Type
alt-svc: h3=":443"; ma=86400

POST
H2 204 hb.php
youradexchange.com/ut/ 0
417 B 221ms
155ms Ping
text/plain 2606:4700:e4::ac40:aa13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://youradexchange.com/ut/hb.php?cb=0.3499549232015844&v=1
Requested by: Host: egldvmz.com
URL: https://egldvmz.com/script/ut.js?cb=1699987500679
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e4::ac40:aa13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.empressleak.biz/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

date: Tue, 14 Nov 2023 18:45:01 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MXDle%2BWU11rsyfgPCOYykne%2Ff8TNcClQ4lWqBEkIXq4fc0owMn41uIqtQp1JSDwKvuGyNl9uGRaJvHkl5Mstq%2F2RCkM7kCxQ58jC%2BAUF8jMcj5x5tmIT7WpEwf4N3xfRzpflW3w6WPV%2FILuQcStOJwU%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 826168b878643689-FRA
alt-svc: h3=":443"; ma=86400

POST
H2 200 solid.gif
gmxvmvptfm.com/ 43 B
638 B 30ms
30ms Ping
image/gif 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://gmxvmvptfm.com/solid.gif?z=1997949&nojs=0&abvar=0&febuild=1.0.176&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=2363210194549248&eclog=0&sp=0&im=0
Requested by: Host: gmxvmvptfm.com
URL: https://gmxvmvptfm.com/aas/r45d/vki/1997949/tghr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
x-route-id: stats.tag.loaded
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin: *
content-length: 43
content-type: image/gif

GET
H2 200 chicken.gif
ybs2ffs7v.com/ Frame 56DA 43 B
645 B 29ms
29ms Image
image/gif 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ybs2ffs7v.com/chicken.gif?z=1995151&pb=652202910379dd76adb6cee480375c9c1699994700&psp=JUaurEvdkmvkkF1DKh3MT8jisTIVXQeeXS3BlyzGbOCDTKQ8KFO3077MB2W22phwqdlONebTRJqF2EbmisUeVhi_VZAEq86IAxMG6fcQrnTYGDb8GAi_eF2sx-E5HLpxu2cc3Nuf1UoSWLJtRIc41cIKJCp0RFh7uSQQ4b7F_vGVqUhT6yKiTIJSHx1z-pIxtfZPNeJL2Mikcj-UfqjhhTkFK5bHHat6HL_BfKmXlFUboIwOdMNdDkkjGwwupflcBuOlBZ4cNgm8f0f57Lbc9tkCLSAC3ek6Qa11Cyq2OhSYafR5EOoACivgh_Sm53FJfRL4hFGxgOcrm-KMi8nPNRFWXi3uvwZDBGxZ0tq6bG5lNEbEDpyDg5fsZDAurVPANVZiXtEkxXLtFKPvv_X7MSpP8dSyA-BA4Z9Lf2Pk8oYSnSpdtWBiY8-imFJNanbpgOa_ITXCGP6324Yya07GpZfLaplxsX4nSfYvQ_j3V4pXuD03HxMO9TIQ1Se4u48yP5Bo451NeXoFs5b8RNyVyMo44QVLaNlGHnNFZ3WTzUkaM_kncWxZ0SxBhRWlIvTdE5glbsleiLVPYR4zJ27JzJlP3RUk5X2dkFZxHamx9facJdnZjCEAjnpjRLuiWi5izzZZxspEm1XH_ovTNqHsVbHemsYi9NebQCWgrSZWX5mbJ-OZanJK7cBQtgyyHsRq2G0xju_rewnXJquLpwhcBZCOzOigkOconR_nfIklcORR2AiGzLgIL7E0zSJ8Fa1b38UYF18K0nHD2Q1VwMlJrMwBVMCQG-JQPj90FAzmVnqMDsyWn7GLtQvI_xHbRcncgKkqEBpfwVeXe-jIqMkiRs9HJTtvplk6u_Rk93gIcG0tt-OR7vPBLFsFnLzEO3snvmBX7zAoGNwt8lGinXR6RqekYE_7bKdoOgL9-cEIwa8gZ16XGo-9f5mR7yT9MHBKCrCK_asyDgqJlEjSOvYf93W4nFsKl5qnExfw&freq=0&nojs=0&abvar=0&febuild=1.0.176&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=7429759775300096&puid=7301390716112128231&eclog=0&sp=0&im=0&pload=111
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
x-route-id: stats.impression
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin: *
content-length: 43
content-type: image/gif

GET
H2 200 1997949 Show response
gmxvmvptfm.com/get/ 37 B
682 B 33ms
32ms Script
text/javascript 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://gmxvmvptfm.com/get/1997949?zoneid=1997949&jp=_cl1aovl8qejmwgrk8ftvpt&nojs=0&abvar=0&febuild=1.0.176&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=2363210194549248&eclog=0&sp=0&im=0
Requested by: Host: gmxvmvptfm.com
URL: https://gmxvmvptfm.com/aas/r45d/vki/1997949/tghr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
vary: Accept-Encoding
content-type: text/javascript
x-route-id: config
timing-allow-origin: *

POST
H2 200 solid.gif
gmxvmvptfm.com/ 43 B
638 B 29ms
28ms Ping
image/gif 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://gmxvmvptfm.com/solid.gif?z=1997949&nojs=0&abvar=0&febuild=1.0.176&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=2081735217830912&eclog=0&sp=0&im=0
Requested by: Host: gmxvmvptfm.com
URL: https://gmxvmvptfm.com/aas/r45d/vki/1997949/tghr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
x-route-id: stats.tag.loaded
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin: *
content-length: 43
content-type: image/gif

GET
H2 200 1997949 Show response
gmxvmvptfm.com/get/ 37 B
681 B 34ms
32ms Script
text/javascript 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://gmxvmvptfm.com/get/1997949?zoneid=1997949&jp=_cl7848l7yvp6j0hs0xazex&nojs=0&abvar=0&febuild=1.0.176&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=2081735217830912&eclog=0&sp=0&im=0
Requested by: Host: gmxvmvptfm.com
URL: https://gmxvmvptfm.com/aas/r45d/vki/1997949/tghr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
vary: Accept-Encoding
content-type: text/javascript
x-route-id: config
timing-allow-origin: *

POST
H2 200 solid.gif
gmxvmvptfm.com/ 43 B
638 B 34ms
33ms Ping
image/gif 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://gmxvmvptfm.com/solid.gif?z=1997949&nojs=0&abvar=0&febuild=1.0.176&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=4896484984921600&eclog=0&sp=0&im=0
Requested by: Host: gmxvmvptfm.com
URL: https://gmxvmvptfm.com/aas/r45d/vki/1997949/tghr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
x-route-id: stats.tag.loaded
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin: *
content-length: 43
content-type: image/gif

GET
H2 200 1997949 Show response
gmxvmvptfm.com/get/ 37 B
682 B 32ms
31ms Script
text/javascript 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://gmxvmvptfm.com/get/1997949?zoneid=1997949&jp=_cljylrxdxdnzr8ktaybngy&nojs=0&abvar=0&febuild=1.0.176&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=4896484984921600&eclog=0&sp=0&im=0
Requested by: Host: gmxvmvptfm.com
URL: https://gmxvmvptfm.com/aas/r45d/vki/1997949/tghr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
vary: Accept-Encoding
content-type: text/javascript
x-route-id: config
timing-allow-origin: *

GET
H2 200 chicken.gif
ybs2ffs7v.com/ Frame 5F56 43 B
479 B 30ms
30ms Image
image/gif 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ybs2ffs7v.com/chicken.gif?z=1995152&pb=652202910379dd76adb6cee480375c9c1699994700&psp=1_UBmefoMQUlLkz4mJ2lYEKDcfsWF5FQbPCDgO7vlTaDMggLzmX7vSS-np4dq1UxHP7uVLrED8Q319NIPQX91DdcfTOFpgO4ioOqF-3tCHf2ZDWbk2Uq8z1AzC6vALymu3Yq-iN4-lPMWUpn5hr0It8gw6qkxdXDyZ7E_wrbWr8ItmpQEbRwp6IM4vdYBeieCpxxiJM7aYpgxonhlSaK9zvlLUX1fr_f9eicVuE8KuESGi8aAE8d1VxJBZG-TFwdYHUnu8jrBN_fkGz0c8EUGtk-WDRQSPH1Fz8Oun7lWa1mFqZGyMKkVtRP8mNHY6O_sZR9JfM38AFINd1zmamWO5QUKzuA3-Zkjd1SLlGckeLSvFOyLMuFyh7zYyB9igQisYJL-WHnBt-5vOUWV-2GqAtV-bq2O8h1xOishx-14aWm-9mIMgNPuQsc1VK9uj14J3GcGQ_Scu9jIep21baKcjf1GpWSTjVvB5Sxhne2zCa9YqPUc403GHdWF3lKo5woIsPp0S1UzYLpEQcbq3jEIss-TZIFEsH2mjFucdhdeF28xaxcLvkOuE4qbZjDdmWpu2PMxOVZZvG_2fBnZGnLNzbcvZN5IxPGWCVdhyBNrdVu5BHV4TFyGKCeFmW3ghylaMlvuyLGM1CiqOdzf3FM9kPz41-_1magQo6BgmzK46l1F15H6sC4TSxkOJzRQ_HQauOBr6kGrA8CHYdwwrrK30RQkSg-veQUJA-OKL17zjDB9a6Tzs3yuulOM_g_PWKnRaHtNLJh93joRnBWWc-v_s30jfHW4_IsqoSBvPHA0gqva2sluuJwQSOsU2NajSSXV54BbnBo4YM5cwhEIDMw83ZzJZtHOpVWdYDjNfarO3D8SS_bOJudksIbw47DsYTL34YkrOBSRTHXFUYKs8Et0WGaGqUTSpH7o0eK3glNr9SHak4LKZdae2qPOUQBvZCih1QJyh1F-R2aDeYDhLFRlomGmJuoIyJlvx67xwBC5x6isbJR-7v9UGRc5mLd3SXa5fj_cN1A4our3LkMK_nJLW6gGCRvLm6rgjMegR2PTQXAK8B2YFjYfGMrUMbd08SYKtUOADG2meA_uSjjtVpWNcFdt7aDLAsudhpGkiGtmElw25iSfONSKaGb90WN_yqZcF8MCziwFVac4rKFRtqjzOOVjHg50Zn0lwRA-O27GWOYYLVCXY0i0nBxOdNuBOogy1BM6minPNTusruZOgb-ub1ue-xfQmuXJCi81cHfqEA-B-ryRcMQ&freq=0&nojs=0&abvar=0&febuild=1.0.176&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=7992709728761856&puid=7301390716112128231&eclog=0&sp=0&im=0&pload=126
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
x-route-id: stats.impression
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin: *
content-length: 43
content-type: image/gif

GET
H2 200 style.css
f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/ Frame 27D6 10 KB
3 KB 27ms
26ms Stylesheet
text/css 84.16.235.200
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/style.css

Requested by

Host: f8.cdn.ftd.agency
URL: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1295245466&m=2096929604&c=1519956894&p0=1534494750&u=1030237a70d8efb0&t=1699987500&n=4529889769990882887&h=987686738

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

84.16.235.200 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

a806fd7acb95a502ddbae522c87011b5a767d2402fd9f8f47a429efd77d74ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1295245466&m=2096929604&c=1519956894&p0=1534494750&u=1030237a70d8efb0&t=1699987500&n=4529889769990882887&h=987686738
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
last-modified: Fri, 10 Nov 2023 10:30:00 GMT
server: nginx
etag: W/"654e0628-2744"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: X-PINGOTHER
expires: Wed, 15 Nov 2023 14:41:58 GMT

GET
H2 200 banner_html5.js Show response
f8.cdn.ftd.agency/libs/ Frame 27D6 2 KB
1 KB 28ms
27ms Script
application/javascript 84.16.235.200
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to

Full URL

https://f8.cdn.ftd.agency/libs/banner_html5.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

84.16.235.200 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

e5ea550aa4bcb9f327fa18006fbbb06b5df119f19af6e26de29ffae10e0af430

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1295245466&m=2096929604&c=1519956894&p0=1534494750&u=1030237a70d8efb0&t=1699987500&n=4529889769990882887&h=987686738
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
last-modified: Tue, 09 Apr 2019 12:08:21 GMT
server: nginx
etag: W/"5cac8b35-8b8"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: X-PINGOTHER
expires: Wed, 15 Nov 2023 15:46:51 GMT

GET
H2 200 logo.svg
f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/img/ Frame 27D6 1 KB
1 KB 47ms
46ms Image
image/svg+xml 84.16.235.200
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/img/logo.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

84.16.235.200 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

39049b8ae937a826675e5c28e751ae0f9546a62f9c4dde6174fc661f0f143125

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/index.html?clickTag=https://z.cdn.ftd.agency/go?z=1295245466&m=2096929604&c=1519956894&p0=1534494750&u=1030237a70d8efb0&t=1699987500&n=4529889769990882887&h=987686738
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block;
last-modified: Fri, 10 Nov 2023 10:30:00 GMT
server: nginx
etag: W/"654e0628-4f0"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-max-age: 1728000
access-control-allow-headers: X-PINGOTHER
expires: Wed, 15 Nov 2023 14:41:58 GMT

GET
H2 200 chicken.gif
ybs2ffs7v.com/ Frame 532A 43 B
645 B 28ms
28ms Image
image/gif 212.117.190.201
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ybs2ffs7v.com/chicken.gif?z=1995151&pb=652202910379dd76adb6cee480375c9c1699994700&psp=56fz3wRRsUrNrL_6hXLC0gpcry7Ar4MzmqSGzwmiYSYmSFnZvNgu_a-q8jK7bD1gEzfkWMDMxMN03dYq-mn2vEP6blgaaP57UDFP8KPolYDuA9HKP04G9jEabGbfAO56Ej6iMHQpckJA1GqiyF4rNnFbk0g77b6m8qaLSQf0jXFFC088ZvWYHHESeloIvK54ZCdbMWaV1MHuB8UUQzC7Q34I2IYzGC_qwI8-EEIhDAjLprbS2b_G6Xw4wH4l2XUNaUPBMKJ1Row7KMJGPY_dyBJOKlDwh5n_wWLaR1oleMN8zDT6YVPdMUFTaK3dr9m1F6tDY3g0YYsXMLB3NC2fOLL-ja2mrw-INVr_vyp1LuxROoP8nnNupzmYBKka_aRxF-WCosIxW4U0xnG7uagTOwxvT0FVANKCZuCWHe8uajPSyxRO4m_yh1vRc0OcKjePBMrqzvHwtqY9yiVmRl1Xth01o_qXHqNyOIT6bV9-d5G5A37twgJ-8mathWPl7i7ICcQqSnciuXuFbO842dHiXO1zqyq0Bx69fGnsWu-QAZYA87wQ58oFQaqWT_QiqmXseJpyfV0cnSiTneJx819hUgcyTisxbzhbEezs08Bbkjtbd_B3aX468DkgbGK6zyks5cLcjbCsGRqMIaGRSnS93B4akAq4qtojKs53jEdPCPWEslhbGxdV3VJQZay5XQIHOE-JUxElnSNgZgv1VQRHq7xsPG9NGAS2EkaQRR5i7mCJAteUYmSCyKL4FC8_4Ks24djhaqL6pB229iSDXPRoel8605raB-tSSN7w99AhWKamSO4tIxXkveXtE_dR4R6glWPuFj-TVMi4xJyNnB5w_shs42baCaVjymqkNUENYPoU3PRh7Wj1w8RoAnHOd4H07gYn6W5fA8o236h5VgweBcm0y82VLZ3Phmchqias9ZuXckbFdop0Td4ggoX33heEmzCghZCSsibXhRfro2TZRlbd2AEb7p8_b4ae&freq=0&nojs=0&abvar=0&febuild=1.0.176&t=0&wcks=1&wgl=1&cnvs=1&os=-60&ss=1&ls=1&bb=0&plu=Chrome%20PDF%20Plugin::Chrome%20PDF%20Viewer::Native%20Client&lang=en-US&pf=Win32&cd=24&ix=0&x=1600&y=1200&md=0&afid=4333535031514624&puid=7301390716112128231&eclog=0&sp=0&im=0&pload=214
Requested by: Host: www.empressleak.biz
URL: https://www.empressleak.biz/video/14272/i-fucked-my-course-mate
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 212.117.190.201 Luxembourg, Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx /
Resource Hash: 44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:00 GMT
x-route-id: stats.impression
server: nginx
accept-ch: sec-ch-ua-wow64,sec-ch-ua-full-version-list,sec-ch-ua,sec-ch-ua-platform,sec-ch-ua-mobile,sec-ch-ua-full-version,sec-ch-ua-platform-version,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-model,sec-ch-width,sec-ch-viewport-width,sec-ch-viewport-height,sec-ch-dpr,sec-ch-device-memory,sec-ch-rtt,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors,sec-ch-prefers-reduced-data
timing-allow-origin: *
content-length: 43
content-type: image/gif

GET
DATA 200
OK truncated
/ 439 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 css2
fonts.googleapis.com/ Frame 27D6 5 KB
1 KB 77ms
29ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@1,500;1,700&display=swap

Requested by

Host: f8.cdn.ftd.agency
URL: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7ec10790a827b24be9df2e5468b6258db314aad62b834b32ea55d2653cef932e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8.cdn.ftd.agency/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 14 Nov 2023 18:45:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 14 Nov 2023 18:45:00 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Nov 2023 18:45:00 GMT

GET
H2 200 bg-gradient.png
f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/img/ Frame 27D6 6 KB
6 KB 27ms
26ms Image
image/png 84.16.235.200
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/img/bg-gradient.png

Requested by

Host: f8.cdn.ftd.agency
URL: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

84.16.235.200 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

ab3dcfbfe374dcdf4d5232c1b0b6fa6565b3ca612f38faa701f66de458a85cc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:01 GMT
x-content-type-options: nosniff
content-length: 6099
x-xss-protection: 1; mode=block;
last-modified: Fri, 10 Nov 2023 10:30:00 GMT
server: nginx
etag: "654e0628-17d3"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-PINGOTHER
expires: Wed, 15 Nov 2023 15:17:17 GMT

GET
H2 200 s1-img-1.png
f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/img/ Frame 27D6 8 KB
8 KB 28ms
27ms Image
image/png 84.16.235.200
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/img/s1-img-1.png

Requested by

Host: f8.cdn.ftd.agency
URL: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

84.16.235.200 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

ad527939df398f66eb1b05a08f3944e0979c4ce4e37d1433962fef48a19173bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:01 GMT
x-content-type-options: nosniff
content-length: 8024
x-xss-protection: 1; mode=block;
last-modified: Fri, 10 Nov 2023 10:30:00 GMT
server: nginx
etag: "654e0628-1f58"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-PINGOTHER
expires: Wed, 15 Nov 2023 14:40:52 GMT

GET
H2 200 s1-img-2.png
f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/img/ Frame 27D6 8 KB
8 KB 29ms
28ms Image
image/png 84.16.235.200
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/img/s1-img-2.png

Requested by

Host: f8.cdn.ftd.agency
URL: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

84.16.235.200 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

04e9dea819f43b9351460ae88365ad4f0f1e7d7af4aa142708ecb71a1d6d5dd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:01 GMT
x-content-type-options: nosniff
content-length: 8089
x-xss-protection: 1; mode=block;
last-modified: Fri, 10 Nov 2023 10:30:00 GMT
server: nginx
etag: "654e0628-1f99"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-PINGOTHER
expires: Wed, 15 Nov 2023 15:17:17 GMT

GET
H2 200 s1-sum.png
f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/img/ Frame 27D6 6 KB
6 KB 29ms
28ms Image
image/png 84.16.235.200
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/img/s1-sum.png

Requested by

Host: f8.cdn.ftd.agency
URL: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

84.16.235.200 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

a0fd36c1d35c7185c02ab7c33fb7d794342a5e320e9ef5a9b7a91dc1ab188f5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:01 GMT
x-content-type-options: nosniff
content-length: 6185
x-xss-protection: 1; mode=block;
last-modified: Fri, 10 Nov 2023 10:30:00 GMT
server: nginx
etag: "654e0628-1829"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-PINGOTHER
expires: Wed, 15 Nov 2023 14:40:52 GMT

GET
H2 200 s1-title.png
f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/img/ Frame 27D6 10 KB
10 KB 30ms
30ms Image
image/png 84.16.235.200
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/img/s1-title.png

Requested by

Host: f8.cdn.ftd.agency
URL: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

84.16.235.200 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

378bab7b6a382c210061280fc115d1e0bde71798820e8f48a06b70b02b633325

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:01 GMT
x-content-type-options: nosniff
content-length: 9827
x-xss-protection: 1; mode=block;
last-modified: Fri, 10 Nov 2023 10:30:00 GMT
server: nginx
etag: "654e0628-2663"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-PINGOTHER
expires: Wed, 15 Nov 2023 15:17:17 GMT

GET
H2 200 glare.png
f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/img/ Frame 27D6 1 KB
2 KB 31ms
30ms Image
image/png 84.16.235.200
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/img/glare.png

Requested by

Host: f8.cdn.ftd.agency
URL: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/style.css

Protocol

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

84.16.235.200 , Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),

Reverse DNS

Software

nginx /

Resource Hash

5976d148779cb1f0d34a5db4683d218beb2a18f0eaee4bb1ce3cd053d589fbf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f8.cdn.ftd.agency/uploads/media/9/4/87849/v1/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:01 GMT
x-content-type-options: nosniff
content-length: 1383
x-xss-protection: 1; mode=block;
last-modified: Fri, 10 Nov 2023 10:30:00 GMT
server: nginx
etag: "654e0628-567"
access-control-max-age: 1728000
access-control-allow-methods: GET, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
access-control-allow-headers: X-PINGOTHER
expires: Wed, 15 Nov 2023 14:40:52 GMT

GET
H2 200 KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 27D6 17 KB
17 KB 68ms
20ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@1,500;1,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://f8.cdn.ftd.agency
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Sat, 11 Nov 2023 09:21:37 GMT
x-content-type-options: nosniff
age: 293004
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17032
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:52 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 10 Nov 2024 09:21:37 GMT

GET
H2 200 220429 Show response
sub.yenidwa.com/api/users/ 562 B
626 B 25ms
24ms Script
text/javascript 2a01:4f8:161:6222::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sub.yenidwa.com/api/users/220429?host=www.empressleak.biz&ev=210&wh=1200&ww=1600&uuid=&kw=pussy%2Cblack
Requested by: Host: sub.yenidwa.com
URL: https://sub.yenidwa.com/JYVTvb5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:161:6222::2 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 6e1e07f693cd0e2e5de719229e5bd28cd32a0abb8c850be6c6545083d454cb76

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:01 GMT
cache-control: private
content-encoding: gzip
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET
H2 200 113235 Show response
sub.yenidwa.com/api/users/ 562 B
629 B 25ms
24ms Script
text/javascript 2a01:4f8:161:6222::2
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sub.yenidwa.com/api/users/113235?host=www.empressleak.biz&ev=210&wh=1200&ww=1600&uuid=&kw=pussy%2Cblack
Requested by: Host: sub.yenidwa.com
URL: https://sub.yenidwa.com/JYVTvb5.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a01:4f8:161:6222::2 Berlin, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software: nginx /
Resource Hash: 73ccd3d3a1dfbe75ff08f20aa96f9d93990b12a8b3713e0b7aab80bed3a7bb66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.empressleak.biz/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date: Tue, 14 Nov 2023 18:45:01 GMT
cache-control: private
content-encoding: gzip
server: nginx
x-robots-tag: noindex, nofollow
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8

GET wnload
tdmrfw.com/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tdmrfw.com
URL: https://tdmrfw.com/wnload?a=1&e=aeyJwaWQiOjExMDQ0NDMsInNpZCI6MTE5ODI0NSwid2lkIjo0NDE4MTAsImQiOiJlbXByZXNzbGVhay5iaXoiLCJsaSI6Mn0=&tz=1&if=0&u=aHR0cHM6Ly93d3cuZW1wcmVzc2xlYWsuYml6L3ZpZGVvLzE0MjcyL2ktZnVja2VkLW15LWNvdXJzZS1tYXRl&inc=0

Verdicts & Comments Add Verdict or Comment

183 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

17 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.empressleak.biz/video/14272	1969-12-31 23:59:59	Name: asgfp2 Value: bcc4ff375a27fef5cf8eb25b0d11379e
www.empressleak.biz/	1969-12-31 23:59:59	Name: AVS Value: 0e7887e45314ae9836edc5de92bd78c8
.empressleak.biz/	1970-01-21 01:49:07	Name: _ga_E5TCQWTM1Z Value: GS1.1.1699987500.1.0.1699987500.60.0.0
.empressleak.biz/	1970-01-21 01:49:07	Name: _ga Value: GA1.1.2027025803.1699987501
ybs2ffs7v.com/	1970-01-21 01:47:41	Name: CHCK Value: 1
ybs2ffs7v.com/	1970-01-21 01:47:41	Name: UID Value: 2311141345fafb4dfd36954e378800a02094
.cdn.ftd.agency/	1970-01-21 01:49:07	Name: AU Value: 1030237a70d8efb0
www.empressleak.biz/	1969-12-31 23:59:59	Name: bnState_1995152 Value: {"impressions":1,"delayStarted":0}
coosync.com/	1970-01-21 01:47:41	Name: SUID Value: 7301390716112128231
www.empressleak.biz/	1969-12-31 23:59:59	Name: bnState_1995151 Value: {"impressions":2,"delayStarted":0}
ybs2ffs7v.com/	1970-01-21 01:47:41	Name: DUID Value: 7301390716112128231
www.empressleak.biz/	1970-01-21 01:47:37	Name: __PPU_puid Value: 7301390716112128231
gmxvmvptfm.com/	1970-01-21 01:47:41	Name: CHCK Value: 1
ybs2ffs7v.com/	1970-01-20 16:56:19	Name: OACICAP Value: ACim3QAAAAAAAAAB
ybs2ffs7v.com/	1970-01-20 16:56:19	Name: OACIBLOCK Value: ACim3QAAAABlUv7Q
gmxvmvptfm.com/	1970-01-21 01:47:41	Name: UID Value: 2311141345de860ca52e3e4572a4a07c4a34
sub.yenidwa.com/	1970-01-21 01:49:07	Name: nauid Value: DfBORP1IQKazA3FssW3v

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.avscms.com/top10.js Message: Failed to load resource: the server responded with a status of 404 ()
security	warning	URL: https://ybs2ffs7v.com/lv/esnk/1995151/code.js(Line 15) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://ybs2ffs7v.com/lv/esnk/1995152/code.js(Line 15) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security	warning	URL: https://ybs2ffs7v.com/lv/esnk/1995151/code.js(Line 15) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.avscms.com
cdn.bncloudfl.com
cdn.ftd.agency
cdn.pncloudfl.com
cdn.tapioni.com
cdnjs.cloudflare.com
code.jquery.com
coosync.com
egldvmz.com
f8.cdn.ftd.agency
fonts.googleapis.com
fonts.gstatic.com
gmxvmvptfm.com
nkfinsdg.com
nwwais.com
refbanners.com
refpa4948989.top
region1.analytics.google.com
service.supercounters.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
sub.yenidwa.com
tdmrfw.com
use.fontawesome.com
waust.at
whos.amung.us
widget.supercounters.com
wivyiz.com
www.empressleak.biz
www.google.de
www.googletagmanager.com
ybs2ffs7v.com
youradexchange.com
z.cdn.ftd.agency
tdmrfw.com
172.104.29.90
178.253.46.81
179.60.147.85
2001:4860:4802:32::36
212.117.190.201
2606:4700:10::6816:2647
2606:4700:10::ac43:19a1
2606:4700:10::ac43:88d
2606:4700:20::ac43:4739
2606:4700:3035::ac43:d656
2606:4700::6811:180e
2606:4700::6812:acf
2606:4700:e0::ac40:600f
2606:4700:e2::ac40:8c0d
2606:4700:e4::ac40:aa13
2a00:1450:4001:800::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:811::200a
2a00:1450:4001:82b::2008
2a00:1450:400c:c02::9a
2a01:4f8:161:6222::2
2a02:b4a:1:7::9166:1
2a04:4e42:600::649
2a06:98c1:3120::3
2a06:98c1:3121::3
37.48.117.210
38.242.202.131
83.147.204.12
84.16.235.200
0151bb1053a776bafe51782b248c2cb9293458a4ca5ad133b0bb8347c446a96e
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
04e9dea819f43b9351460ae88365ad4f0f1e7d7af4aa142708ecb71a1d6d5dd0
07a98c8fe62529dbe43040f0b892ddf0c301df9b30bda85b47c573907482be0e
09a63fd8278f241f3aff23d23ebb1e2b8c4a9156d1744c3f33625083b06a2abc
0d119b3564451ba6007d49bc5843c85c1b2a88ff6f8a5b41b5a1570146106bd4
11545f8cc65c7cd666ed66432a02c684ba6b903bcf5342df43b39aad9fa08377
16830da804bec72764ea56378fd486b847a7941028f54a3302af268c3947d1f2
185a918933189b7cfac7e912d5315fae8e22df1f5bcdfbc7cb4a16edd1f55fb6
198a55310d4d5b786ff571ff4f16a66505bb17545c557818c8de810851616955
19d3742399a2d2f2742629a53097010667b0a75b0a297e8ac686c621cb337100
1e0e54b9d0463292409afece648fbdddde1e1206fd56686d487fb52f80f5f095
1e9fbe0aab86973726889adcfe10d83c9e3dea4d461b332b202a3b676f2a0eff
1ea3c0a694bd042b706f9d6973754d3e9f202a208c108d28957ce00c9127c938
2052a227c361a7e99ea70f5bdcf54cd9e6c6b493dd4d20b73b376d94ce0dc0d1
238757f8f15b6eb7e0ba35b63b3c76438d59e9bd7b74c6e7eadc13148211ce10
23d8154c712c2d0fc5e4b23037e7dd257fc2674cd80a152364f0cf27019e81af
26944f1d7e7aa78aa8d9fb1060c5b032edaff0cef6a557f30f42bde542d245cf
2d054b502d829accd15ff9cb78d1431df1c3ec2c67ca18d4008d2cbc973c6384
2d31a332780a1dbfc0b421fd74894f752c034c14a80dc40fe906132d854f603b
3022b08a70312b292bbd1bdb64e9b3c28019be5f94f4ccb631c42506344e2dec
345995a05e042593c0e0f87d6e4d5ed1a5006c1bb2c8e2160af1078c8f180471
36b92415e51bccb974a8b2870d70b5b86072b23e17ad6856eb88b029113b4102
378bab7b6a382c210061280fc115d1e0bde71798820e8f48a06b70b02b633325
39049b8ae937a826675e5c28e751ae0f9546a62f9c4dde6174fc661f0f143125
3c407a6c58678f569bcea94beb5ef9bd2c9daab70aa2de1937bf48c8be6c0db0
3cea9fd4486e2820f34fdeb7970fd29c4fa531e79a285bf58aaab1ecdadfa99a
3cfb2dc4db1f1cac94e448994f6e8706e253f25bf8982b7658ed9f3d3e3fb4be
44251f61629e2bfeead421241a917f43ad047af351659f01cd8fd937f0417f84
46164742988e47c01e710dd8188ccdcdb3cef674e2ad8a607342ddb40b8365e5
492c0cc43fe2f116c34331c974a114c74a5f8349596a09be57add01e374c4823
49de48e17e2f16c2dc34bea64a1d86e72bd260ae2fd70639ae16b275dc2f0165
4c554d864880871a5e29b3c0db601eb91e8167ab51295654f3bfeb8877c704e8
4d9e9c7362c85be438389c81430866ef6e3059a4e666b831ebf2dd597047dc5f
4f078541628ddaeeb2c66ef06b22c95df4ff9deb16a68554d4ad2f78380c42c2
4f9ee3d8f6e621642979e6a8f7e75c57cb9da34918cc08a38abfe178dbae1dd2
527454ee4d586c044b06092744a9607511d9da884ef2fda227640c96f0fbe072
52cea0b1bdae8a370373f0867e2a44537363ff9c90a890d08e3fe92f52774feb
555bf9d2c4690a7631745876e2239d13536bf2f11f0d09ca9210dc0799200418
56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4
5976d148779cb1f0d34a5db4683d218beb2a18f0eaee4bb1ce3cd053d589fbf4
59cb1b26ea6277335a8c564a48b1f16ae4684c2135547e9233eff0ea4cdf1497
5adad35d1495d9f185f0367aa64c842bdbf6e130d8dec1ae9822d133a35e65ee
5c77a46343eba005d89425635f6de8498be136ade0f3cca99255c48fb66951a7
5f0e9eb85dd384496757f5a771f68817a77e359a51112ca931e377cf7c02eb52
5f1693d43592f90bdbd5488cbb7118b3ec3d4d903f7f4ef0f910d6e479f2e790
63a6302eda1b2f7918fcfea56411d720ffdd68e115bdb4106a70b4ef9c4bc703
6a9e1c654bc1f0c0ebffcad1766b57e69cbf954f285309952fb183de9e6ee778
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6be97ca17228a69c406231d89c003194c3dfba7401eaa9fe9e9ed0ef1c18dc38
6e1e07f693cd0e2e5de719229e5bd28cd32a0abb8c850be6c6545083d454cb76
6ec4e580e3d62ab9cd57d6e94675d8a7c3f9e070351517f896613f0dc06d8eed
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
718e1c8710d0a1c5f965b223ba9ad1e0e869de40ccb643b2bb20fa96b42e009f
72d79d0ad9a70ef53c1bab65c588d44bffb1a1b5aba0eb2f9f6a886c4c3aec4f
73ccd3d3a1dfbe75ff08f20aa96f9d93990b12a8b3713e0b7aab80bed3a7bb66
7928b5ab63c6e89ee0ee26f5ef201a58c72baf91abb688580a1aa26eb57b3c11
796417b50e62fb7e68c0da9cccd869a33e9100d9e7ee43be2e9234137e91f27a
7b6b562ec62670d8abb9085933dfee2ac00873bed178a68be918d1493127d111
7c04585497e13fb2c8a8d9df52da676ee8d6df836c7c2e0e25bb5cdfbacadabb
7c2772b4662c742612e6bbce121ef4e1f0585cd4b11370f1489d2d2d9cf55336
7ec10790a827b24be9df2e5468b6258db314aad62b834b32ea55d2653cef932e
81635dcb18a56d76c64044586307bc35eaf1d580d4c6667753d65b3a1e9721b4
83c34dfc545f0a4a9abf928abd74c5dbd88584f832d60fda13cdd24203af615a
864fc18da1d11f5fb4653d58c745cc3af07da0a4829eb1400e3118b47409f9ae
88f76d2cd8cefb5a4efc7c88599f112db6585ea98430ac55536457fb8614f352
8b137655d52076b220b7929c1ebc320ce9eb92414c7d648a2a7f49e1b6947d35
8c1a74658e37219b91f55ab79688f24f03f30ccd1f6c1594bb47ab36737f300c
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
90af4122756f40dd0f42ebb25bd557d88dbf2b88df12d5857ff767ca2d82d2d4
966fa0cb338bab08541c9609bbe0909f143eb2ae8fb2863f9e6ae095f4688520
9682f312f23e078bb135f23ea5a178b178e75c02d33672f20044d18c6d258928
982d814829dab648f0e19259f09ae2fada7089df26e66aff45346cc3459384b3
9c099acc093abd2df85eaa34052ad36fe69b6ed16582c14aecd2928baa3b63bf
9d73813de8a9b0af2bb270760a99b3b2f3ce66215d4e3e3aff44b6255bcae621
9f4c2ec4f171b982965063518644669f0798cb24864f9ad6eba09e989462e0f6
a0fd36c1d35c7185c02ab7c33fb7d794342a5e320e9ef5a9b7a91dc1ab188f5d
a39d9acefe24437ed2d4031241c6a1e19751f7e2010681b9320dd2264d27ef54
a3c4c80d89131e88469ab1d602700ecaee3fdaa4f3969dce74306de9db10d9fd
a766e3fd396227d66bb64b22bcec830dafdd3621cf47e27172fbc55572507f7d
a806fd7acb95a502ddbae522c87011b5a767d2402fd9f8f47a429efd77d74ea2
ab3dcfbfe374dcdf4d5232c1b0b6fa6565b3ca612f38faa701f66de458a85cc4
ac750c411915309e6d642fb5555d2a1fe2a0bc1aa8de6cff5acf3a5c5c485bcf
ad527939df398f66eb1b05a08f3944e0979c4ce4e37d1433962fef48a19173bf
b14943e6c494a797aebba3e75753a8776bdb4eca0ddf73d41a3f329e417eeb13
b1ed466568ca5e5d67ce621f462e839ca45bed19841f15b93531f4684d4b9c01
bbb8aa36f8da8197f1bc89e5b06e9bc7a03436d38f452f170fa28248dc8a1aa3
bbe0992d47f28fe2e540e640ece6742f07cd78fd1898963a5dbc978d84cf4661
bc144a94b00b4bd215f45cdaa7d42441c4e4ce8492d425f5135c06198bd8cc15
bc3de476b33e5eebbc244fc42ac16d5844e98607ac308c220be2090bef5d46d4
bc624d5946daa2e2c7ac3cf7dce07527637d5fafdc2b66c75a36be7f5dda0c85
c4731e9949b7b075d1e5ff0f08f811ad50eb16f77938d26ab1c520249b6d8851
c94588c2c490281057748a6bc21191dae810fb22ce8cc638b5e3fc7d390eb165
c9749f97681adc37e54cc71fd900cc604dfc97fc3e7cad7504d20fa80f819d83
cad7fa47a44fcf84d47a5f5a806b4a15ca134068c4053d5d53c54f3340e52858
d4ad44d03725bbfe46081701d113f7e77860cc72c76bb87f80c216204d4085c5
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e
d825a9df663f280b8e0fc90257001b2aa39689d4a2fc13b5f8ef60a0c0d73562
db5691f200c5ed5dc75c3277972b32d4266f039f1a3fd9e0c999f16bb8d0570c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5ea550aa4bcb9f327fa18006fbbb06b5df119f19af6e26de29ffae10e0af430
e86558ec0e214497d1e95a16125ca9499ae87fe97073bbd7193f0420d2f89647
e8a0bac2defbdc26b039b3c97b8ba799fb3a29afefca9411c804edc1b99879f4
e98611a5c45de144fbc2595f9f24b414a84acaacc4c066ff5e1fbb51c00fa414
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1c6fd77e5f351f9124aa049575e0fb69f1fbeb4d49bc04ba8c8c4e8d54feccc
f56b0bd9e5cd22334b47cc1d10e2cf1ae6a2fd95c16ed5534e925f6dfae331ed
f6d82f567d08ec91a1b6ef0d4abf21be7a2d3dbc0a41c122584ea3536755b3ac
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

www.empressleak.biz Open in urlscan Pro 38.242.202.131 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

122 Requests

98 %HTTPS

72 %IPv6

31 Domains

34 Subdomains

30 IPs

7 Countries

3305 kBTransfer

5492 kBSize

17 Cookies

10 Outgoing links

Redirected requests

122 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.empressleak.biz Open in urlscan Pro
38.242.202.131 Public Scan

Screenshot
Live screenshot

Full Image

122
Requests

98 %
HTTPS

72 %
IPv6

31
Domains

34
Subdomains

30
IPs

7
Countries

3305 kB
Transfer

5492 kB
Size

17
Cookies

122 HTTP transactions
3 data transactions