Submitted URL: http://www.ird-leak.nz/
Effective URL: https://www.irdleak.nz/
Submission: On September 18 via manual from NZ — Scanned from NZ

Summary

This website contacted 16 IPs in 5 countries across 14 domains to perform 34 HTTP transactions. The main IP is 13.237.233.226, located in Sydney, Australia and belongs to AMAZON-02, US. The main domain is www.irdleak.nz.
TLS certificate: Issued by R10 on September 13th 2024. Valid for: 3 months.
This is the only time www.irdleak.nz was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 172.67.187.207 13335 (CLOUDFLAR...)
1 1 75.2.70.75 16509 (AMAZON-02)
1 13.237.233.226 16509 (AMAZON-02)
10 104.18.161.117 13335 (CLOUDFLAR...)
1 2404:6800:400... 15169 (GOOGLE)
1 2a04:4e42:200... 54113 (FASTLY)
3 13.210.94.93 16509 (AMAZON-02)
2 104.17.25.14 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 142.251.221.68 15169 (GOOGLE)
1 13.35.148.61 16509 (AMAZON-02)
1 2404:6800:400... 15169 (GOOGLE)
2 2620:1ec:bdf::30 8075 (MICROSOFT...)
3 139.59.182.151 14061 (DIGITALOC...)
3 20.122.63.128 8075 (MICROSOFT...)
2 2404:6800:400... 15169 (GOOGLE)
1 2404:6800:400... 15169 (GOOGLE)
1 2 52.231.230.148 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
34 16
Apex Domain
Subdomains
Transfer
10 website-files.com
cdn.prod.website-files.com — Cisco Umbrella Rank: 6185
1 MB
7 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 682
p.clarity.ms — Cisco Umbrella Rank: 6570
c.clarity.ms — Cisco Umbrella Rank: 1382
30 KB
3 gstatic.com
fonts.gstatic.com
www.gstatic.com
310 KB
3 cloudwaysapps.com
wordpress-1060250-4073233.cloudwaysapps.com
36 KB
3 campaign.engineering
app.campaign.engineering
10 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 215
6 KB
2 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 407
fonts.googleapis.com — Cisco Umbrella Rank: 31
9 KB
2 irdleak.nz
irdleak.nz
www.irdleak.nz
6 KB
1 bing.com
c.bing.com — Cisco Umbrella Rank: 231
776 B
1 cloudfront.net
d3e54v103j8qbb.cloudfront.net
30 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 3
988 B
1 unpkg.com
unpkg.com — Cisco Umbrella Rank: 797
16 KB
1 jquery.com
code.jquery.com — Cisco Umbrella Rank: 808
86 KB
1 ird-leak.nz
www.ird-leak.nz
517 B
34 14
Domain Requested by
10 cdn.prod.website-files.com www.irdleak.nz
cdn.prod.website-files.com
3 p.clarity.ms www.clarity.ms
3 wordpress-1060250-4073233.cloudwaysapps.com www.irdleak.nz
3 app.campaign.engineering www.irdleak.nz
2 c.clarity.ms 1 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 www.clarity.ms cdn.prod.website-files.com
www.clarity.ms
2 cdnjs.cloudflare.com www.irdleak.nz
1 c.bing.com 1 redirects
1 www.gstatic.com www.google.com
1 fonts.googleapis.com ajax.googleapis.com
1 d3e54v103j8qbb.cloudfront.net www.irdleak.nz
1 www.google.com www.irdleak.nz
1 unpkg.com www.irdleak.nz
1 code.jquery.com www.irdleak.nz
1 ajax.googleapis.com www.irdleak.nz
1 www.irdleak.nz
1 irdleak.nz 1 redirects
1 www.ird-leak.nz 1 redirects
34 19

This site contains links to these domains.

Domain
www.taxpayers.org.nz
verifalia.com
Subject | Issuer | Validity | Valid
www.irdleak.nz | R10 | 2024-09-13 - 2024-12-12 | 3 months
prod.website-files.com | WE1 | 2024-08-23 - 2024-11-21 | 3 months
upload.video.google.com | WR2 | 2024-08-26 - 2024-11-18 | 3 months
*.jquery.com | Sectigo ECC Domain Validation Secure Server CA | 2024-06-25 - 2025-06-25 | a year
*.campaign.engineering | Sectigo RSA Domain Validation Secure Server CA | 2024-06-14 - 2025-06-14 | a year
cdnjs.cloudflare.com | WE1 | 2024-07-31 - 2024-10-29 | 3 months
unpkg.com | WE1 | 2024-07-28 - 2024-10-26 | 3 months
*.google.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months
*.cloudfront.net | Amazon RSA 2048 M01 | 2024-07-30 - 2025-07-03 | a year
www.clarity.ms | DigiCert TLS RSA SHA256 2020 CA1 | 2024-09-04 - 2025-09-04 | a year
*.cloudwaysapps.com | Sectigo RSA Domain Validation Secure Server CA | 2024-04-05 - 2025-05-06 | a year
a.clarity.ms | Microsoft Azure RSA TLS Issuing CA 08 | 2024-06-23 - 2025-06-18 | a year
*.gstatic.com | WR2 | 2024-08-12 - 2024-11-04 | 3 months

This page contains 1 frames:

Primary Page: https://www.irdleak.nz/
Frame ID: E0A5F220690EA139CD56025B6E222AF8
Requests: 34 HTTP requests in this frame

Page Title

IRD Data Leak

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
  • googleapis\.com/.+webfont

Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

  • 34 Requests
  • 97 % HTTPS
  • 42 % IPv6
  • 14 Domains
  • 19 Subdomains
  • 16 IPs
  • 5 Countries
  • 1805 kB Transfer
  • 8205 kB Size
  • 10 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.ird-leak.nz/ HTTP 307
  2. https://www.ird-leak.nz/ HTTP 301
  3. https://irdleak.nz/ HTTP 301
  4. https://www.irdleak.nz/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=810AAA1BA7EE40AEB4DBF0A989DF5CDE&RedC=c.clarity.ms&MXFR=16CEFE2EE2C365D9269BEAD0E6C36B45 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=810AAA1BA7EE40AEB4DBF0A989DF5CDE&MUID=2813F25FCF8C6B7418A4E6A1CE1D6A26

34 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.irdleak.nz/
Redirect Chain
  • http://www.ird-leak.nz/
  • https://www.ird-leak.nz/
  • https://irdleak.nz/
  • https://www.irdleak.nz/
15 KB
6 KB
Document
General
Full URL
https://www.irdleak.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
13.237.233.226 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-237-233-226.ap-southeast-2.compute.amazonaws.com
Software
/
Resource Hash
553b0ddf20f8fb901d93fd81d1b4738fed15e745e95521a4ea037992e6da95c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
71639
content-encoding
gzip
content-length
5587
content-type
text/html
date
Wed, 18 Sep 2024 23:58:32 GMT
strict-transport-security
max-age=31536000
vary
x-wf-forwarded-proto, Accept-Encoding
x-cache
HIT
x-cache-hits
0
x-cluster-name
ap-southeast-2-prod-hosting-red
x-lambda-id
0bde981d-def9-4d1f-88e6-8048f6411a3e
x-served-by
cache-syd10174-SYD
x-timer
S1726703913.878789,VS0,VE1

Redirect headers

content-length
166
content-type
text/html
date
Wed, 18 Sep 2024 23:58:32 GMT
location
https://www.irdleak.nz/
strict-transport-security
max-age=31536000
ird-data-leak.webflow.5efe17c68.css
cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/css/
45 KB
10 KB
Stylesheet
General
Full URL
https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/css/ird-data-leak.webflow.5efe17c68.css
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96cb95e08f4393dc95cfaedebe8752c20b5d61cf5f0e649ca9d6a1e858b73949

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"50aabc230cc1a7b7eb78df7b9f3a0dab"
x-amz-version-id
YiAOFLF3wVD8wUDE9aOPFz8IRlIG_3IY
age
76396
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 23:58:32 GMT
content-type
text/css
last-modified
Wed, 18 Sep 2024 02:45:16 GMT
vary
Accept-Encoding
x-amz-id-2
L/A3n61sHcXa6mhNWaw/PKvAR4dXoC1+gRP4yxCAm+T5SnPveiG3H91aMUdDEmC7Z03apQSQad4=
cache-control
public, max-age=31536000, immutable
x-amz-request-id
WR94DZWKGVQHHSAZ
cf-ray
8c5548e029f1d9bb-AKL
accept-ranges
bytes
access-control-allow-origin
*
content-length
10098
server
cloudflare
x-amz-server-side-encryption
AES256
webfont.js
ajax.googleapis.com/ajax/libs/webfont/1.6.26/
13 KB
6 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:810::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
81016ac6be850b72df5d4faa0c3cec8e2c1b0ba0045712144a6766adfad40bee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

content-encoding
gzip
age
369619
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Sun, 14 Sep 2025 17:18:14 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Sep 2024 17:18:14 GMT
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
5437
x-xss-protection
0
server
sffe
66e262fac8062a18d07bf3a9%2F652d31f3dc22d7b4ee708e44%2F66e7a4c50c466b8920c7282e%2Fclarity_script-1.9.8.js
cdn.prod.website-files.com/
318 B
663 B
Script
General
Full URL
https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9%2F652d31f3dc22d7b4ee708e44%2F66e7a4c50c466b8920c7282e%2Fclarity_script-1.9.8.js
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a07dbf7f3db26a66812a10b0e5c3f460085769a07d5ba7100589733d51457ef6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"4a72708fa5e19fab327c84b819d4db43"
x-amz-version-id
ylSY9hIFIONL5H.BU3TaEkNBULTh9Oc7
age
77310
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 23:58:32 GMT
content-type
application/javascript
last-modified
Mon, 16 Sep 2024 03:23:50 GMT
vary
Accept-Encoding
x-amz-id-2
oAmod9zTy/Uy8p94qXF0YVtPpsD8ZnDC/O6p2jDIQg16EM75BHK55ePGt2mgfhLR4vuiSNTPASE=
cache-control
max-age=84600, must-revalidate
x-amz-request-id
SA52K6B1T6XE2MD4
cf-ray
8c5548e029ecd9bb-AKL
accept-ranges
bytes
access-control-allow-origin
*
content-length
249
server
cloudflare
x-amz-server-side-encryption
AES256
66e26a38214f0dac23d4d7a8_Matrix.jpg
cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/
637 KB
638 KB
Image
General
Full URL
https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/66e26a38214f0dac23d4d7a8_Matrix.jpg
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55717bd622325ff656aea338c78132f5753774549821a114cca12e1a72661eb2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

cf-bgj
h2pri
etag
"543083db778f4b40693e17b961af993b"
x-amz-version-id
l.M7T2VU0vAerTvCsd5MiOe0xVpHqFXc
cf-cache-status
HIT
age
589549
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 23:58:32 GMT
content-type
image/jpeg
last-modified
Thu, 12 Sep 2024 04:12:42 GMT
vary
Accept-Encoding
x-amz-id-2
23YRYNc2Z8jCs0jpIo8BylzwFh6ndJhL7/g6rmu9SfPkZiOB9WH0P7tbVbbAqC4lJAf84b2dxiw=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
VJZYHPQRH5E0CKJN
cf-ray
8c5548e029efd9bb-AKL
accept-ranges
bytes
access-control-allow-origin
*
content-length
652439
server
cloudflare
x-amz-server-side-encryption
AES256
jquery-1.12.4.js
code.jquery.com/
287 KB
86 KB
Script
General
Full URL
https://code.jquery.com/jquery-1.12.4.js
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::649 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
430f36f9b5f21aae8cc9dca6a81c4d3d84da5175eaedcf2fdc2c226302cb3575

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

content-encoding
gzip
etag
W/"28feccc0-47a36"
age
3774988
x-cache
HIT, HIT
date
Wed, 18 Sep 2024 23:58:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Fri, 18 Oct 1991 12:00:00 GMT
x-cache-hits
16009, 67979
x-served-by
cache-lga21970-LGA, cache-akl10334-AKL
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=604800
x-timer
S1726703913.011410,VS0,VE0
cross-origin-resource-policy
cross-origin
via
1.1 varnish, 1.1 varnish
accept-ranges
bytes
access-control-allow-origin
*
content-length
87176
server
nginx
get-form-js-code
app.campaign.engineering/
11 KB
2 KB
Script
General
Full URL
https://app.campaign.engineering/get-form-js-code
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.210.94.93 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-94-93.ap-southeast-2.compute.amazonaws.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
0108a69a794037504d6e55537b7882eb6d062834bdf8879f185c5895ebbc57bd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

Cache-Control
no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
Content-Encoding
gzip
Pragma
no-cache
Connection
Keep-Alive
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Access-Control-Allow-Origin
*
Content-Length
1742
Keep-Alive
timeout=5, max=100
Date
Wed, 18 Sep 2024 23:58:34 GMT
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Server
Apache/2.4.52 (Ubuntu)
Access-Control-Allow-Headers
Content-Type
toastr.min.js
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/
5 KB
2 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.min.js
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddb96c25de07962ffbc0243e6e68177ce74aee9fd950cb4f5d8d3c8e6c524a09
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"659946f7-75c"
age
1138597
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n17Mqr5rrS7N8xPE4pUUpt7FXs9%2F1AEhvfYEaRU3XTk8UCB2x0KfSsom3TD6Gx3TcooJHLXBUdGVuCwn0FMZZpoU8jcbsxZ5G69uHTOaiqHVFCdhIDBWySJc4qIToxb86nqgmIxI"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 08 Sep 2025 23:58:33 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 23:58:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 06 Jan 2024 13:26:31 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8c5548e1e86ad9bf-AKL
accept-ranges
bytes
access-control-allow-origin
*
content-length
1884
server
cloudflare
toastr.css
cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/
8 KB
3 KB
Stylesheet
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/toastr.js/latest/toastr.css
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c7290b870b4b3785b24bb7296a6db28943b0afbd3db6f17737fafbfa038cc49c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

cf-cdnjs-via
cfworker/kv
content-encoding
br
cf-cache-status
HIT
etag
"659946f5-ae9"
age
110914
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yybyf58YtFyNuxOlY4lwqa%2Fy4xxQSzY827z9yYYihSBd%2BwVa2%2BXl53INgdY2ffYYxe9hsTKSkns6otY%2FXsGSRiXtGiJwlBk0WFEo2XwZB0hp%2BmO%2FqxXHWGQ3NNg0BszzcR523OG3"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
expires
Mon, 08 Sep 2025 23:58:33 GMT
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 23:58:33 GMT
content-type
text/css; charset=utf-8
last-modified
Sat, 06 Jan 2024 13:26:29 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15780000
cache-control
public, max-age=30672000
timing-allow-origin
*
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy
cross-origin
cf-ray
8c5548e238f5d9bf-AKL
accept-ranges
bytes
access-control-allow-origin
*
content-length
2793
server
cloudflare
verifalia-widget.js
unpkg.com/verifalia-widget@1.12.1/dist/
41 KB
16 KB
Script
General
Full URL
https://unpkg.com/verifalia-widget@1.12.1/dist/verifalia-widget.js
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:f8cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d04de3f350166dc937c3ea2688b905ec73f4549f9800aadfcc6e0af7db91ecc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.irdleak.nz
Referer
https://www.irdleak.nz/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
"a266-yYr3Owuoe1UNUkqSVhxDX2PIjGc"
age
702310
x-content-type-options
nosniff
date
Wed, 18 Sep 2024 23:58:33 GMT
content-type
application/javascript; charset=utf-8
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01J7EVCQX4H8RT2K8A5RSJB8FK-syd
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=31536000
via
1.1 fly.io
cf-ray
8c5548e3dce2d994-AKL
access-control-allow-origin
*
server
cloudflare
api.js
www.google.com/recaptcha/
1 KB
988 B
Script
General
Full URL
https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.221.68 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
syd09s31-in-f4.1e100.net
Software
ESF /
Resource Hash
560b99bb3fb6d44f83a0162ea951c19e59c9c26b512f5d942ba696338885e16a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 23:58:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Wed, 18 Sep 2024 23:58:33 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/
87 KB
30 KB
Script
General
Full URL
https://d3e54v103j8qbb.cloudfront.net/js/jquery-3.5.1.min.dc5e7f18c8.js?site=66e262fac8062a18d07bf3a9
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.35.148.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-35-148-61.syd1.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.irdleak.nz
Referer
https://www.irdleak.nz/

Response headers

access-control-max-age
3000
content-encoding
br
etag
W/"dc5e7f18c8d36ac1d3d4753a87c98d0a"
age
9528
access-control-allow-methods
GET
x-cache
Hit from cloudfront
x-amz-cf-id
bCdhVSLkSIYTItHlB9ldzo0xj_4NQdvwEJIEtpgOihs05LphftC-9w==
date
Wed, 18 Sep 2024 21:19:46 GMT
content-type
application/javascript
last-modified
Mon, 20 Jul 2020 17:53:02 GMT
vary
Accept-Encoding
cache-control
max-age=84600, must-revalidate
via
1.1 31e699f4ddea861ea4db5babb1fbf9d4.cloudfront.net (CloudFront)
access-control-allow-origin
*
x-amz-cf-pop
SYD1-C1
server
AmazonS3
webflow.cb81bc6cd.js
cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/js/
45 KB
17 KB
Script
General
Full URL
https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/js/webflow.cb81bc6cd.js
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c31914467db8e455b281bcd8df76705989ba314f835c04951345b07480cec9d7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

content-encoding
gzip
cf-cache-status
HIT
etag
"08a8e06d43f1347cff5f528e93dbd833"
x-amz-version-id
2QAlTfqjfWXlRU9lnuAT2t81WiwIq4bc
age
520690
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 23:58:33 GMT
content-type
text/javascript
last-modified
Thu, 12 Sep 2024 23:19:58 GMT
vary
Accept-Encoding
x-amz-id-2
QO5L9otuBTiiAehS2GouCVtN7BLtVsjwxOqGROUslqlsINCXhvGGY3uDdV07q/CyBtPDIBH7v9GmcOw8r3wyOw==
cache-control
public, max-age=31536000, immutable
x-amz-request-id
AZ2E00K8WY4030VJ
cf-ray
8c5548e36fc3d9bb-AKL
accept-ranges
bytes
access-control-allow-origin
*
content-length
16838
server
cloudflare
x-amz-server-side-encryption
AES256
css
fonts.googleapis.com/
55 KB
3 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/webfont/1.6.26/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:80a::200a Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b17609553b24140fc01409b78fa834fe878de6410fe9e8996b0a5f6a984ddd6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 18 Sep 2024 23:58:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 18 Sep 2024 23:58:33 GMT
content-type
text/css; charset=utf-8
last-modified
Wed, 18 Sep 2024 23:03:30 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
o3x48x184k
www.clarity.ms/tag/
637 B
1001 B
Script
General
Full URL
https://www.clarity.ms/tag/o3x48x184k?ref=Webflow
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9%2F652d31f3dc22d7b4ee708e44%2F66e7a4c50c466b8920c7282e%2Fclarity_script-1.9.8.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::30 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
ddeb178c5008c3d0700309a11110af60c49587d8fa0bf1297f191de81cc643c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

cache-control
no-cache, no-store
request-context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
expires
-1
accept-ranges
bytes
x-cache
CONFIG_NOCACHE
content-length
637
date
Wed, 18 Sep 2024 23:58:33 GMT
content-type
application/x-javascript
x-azure-ref
20240918T235833Z-1596549d49bxkc22aekyacgv2c00000008zg00000000bmpn
66e272575c1aa1d3d5007b7b_Rectangle%2035.png
cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/
247 KB
248 KB
Image
General
Full URL
https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/66e272575c1aa1d3d5007b7b_Rectangle%2035.png
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/css/ird-data-leak.webflow.5efe17c68.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb05e0a1e68e235d5c980a873a9c40d1ab6456e5404d294268b01bd87f199341

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/css/ird-data-leak.webflow.5efe17c68.css

Response headers

cf-cache-status
HIT
etag
"551a5ef64384a6e429360a0d25f1cb45"
x-amz-version-id
hVsXWgkAryijREsV1JNgpk04Rn8wmveO
age
587472
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 23:58:33 GMT
content-type
image/png
last-modified
Thu, 12 Sep 2024 04:47:21 GMT
vary
Accept-Encoding
x-amz-id-2
kWUPQQevwG7ZZohZyHKhlU6urog0YTCiJpIFpAkkQMOnfeGzxxmEEwLJHEz/XMgVHeKgZmo0Xh0=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
HTG1F6BNN39BNGFN
cf-ray
8c5548e38805d9bb-AKL
accept-ranges
bytes
access-control-allow-origin
*
content-length
253058
server
cloudflare
x-amz-server-side-encryption
AES256
66e26556be74b03ad5316522_digital-7.ttf
cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/
34 KB
34 KB
Font
General
Full URL
https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/66e26556be74b03ad5316522_digital-7.ttf
Requested by
Host: cdn.prod.website-files.com
URL: https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/css/ird-data-leak.webflow.5efe17c68.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec3ac662132b9a60e3b09b8a971a131a55aeee1447146aa38ea7b32d777bc3c8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.irdleak.nz
Referer
https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/css/ird-data-leak.webflow.5efe17c68.css

Response headers

access-control-max-age
3000
cf-cache-status
HIT
etag
"1e670d88b23c7ab956f1829e3828a210"
x-amz-version-id
Jay4gI7epzSA4t4CcZLpCTBlC7xl5kdG
age
247212
access-control-allow-methods
GET, HEAD
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 23:58:33 GMT
content-type
application/x-font-ttf
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified
Thu, 12 Sep 2024 03:53:11 GMT
x-amz-id-2
/6gVhCfW/DulQKz3ew6vnwhUn3xlzUChq+cIgXwofIMktgdc/09cx8wqU9ycQE6VefQXoJSxg6A=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
QC3JE6ESJ5SRR67K
cf-ray
8c5548e3dbe7d9b8-AKL
accept-ranges
bytes
access-control-allow-origin
*
content-length
34360
server
cloudflare
x-amz-server-side-encryption
AES256
66e268e6c8062a18d0822bff_Arrow-down.png
cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/
705 B
1 KB
Image
General
Full URL
https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/66e268e6c8062a18d0822bff_Arrow-down.png
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97c15d266cfb147a061ad486e9ea5fafee0c16e1bcb290b974c4c1b245304fd9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

cf-cache-status
HIT
etag
"66fbfd6a0e3173ad5cb3452cffb17ae8"
x-amz-version-id
G3WbCQunudSSwaIa2FiSYtnP6V81v5u.
age
589886
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 23:58:33 GMT
content-type
image/png
last-modified
Thu, 12 Sep 2024 04:07:06 GMT
vary
Accept-Encoding
x-amz-id-2
t9deT5dV8eGzH8RA79yHsxHy0V9uQ7a5yAJeDEUPvkz24znBknSKvEh8gpble175tzHHkBo7yBs=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
SDNBE71CBH78HDEV
cf-ray
8c5548e39836d9bb-AKL
accept-ranges
bytes
access-control-allow-origin
*
content-length
705
server
cloudflare
x-amz-server-side-encryption
AES256
66e7aad6c20ab457e13cff4b_IRD-data-sharing-social-madia-platforms-1.png
cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/
299 KB
299 KB
Image
General
Full URL
https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/66e7aad6c20ab457e13cff4b_IRD-data-sharing-social-madia-platforms-1.png
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35a2ed253720d4e877bdbf2903f55a5c23f1ca62ddb7bd4a2a31eac11faf1604

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

cf-cache-status
HIT
etag
"59e3b4ca88720a1c0703ca65b0dd9599"
x-amz-version-id
Q3a.kG1v5UDkY6T0vYhVaBsGSwJTC9f6
age
245323
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 23:58:33 GMT
content-type
image/png
last-modified
Mon, 16 Sep 2024 03:49:44 GMT
vary
Accept-Encoding
x-amz-id-2
IRUudEr1P9HFlZ3U3iaTtuZlPCj0S/OknGClM+LSG+EVn+89Ag5iWkxBeMkQTn4pCtrZ2XhNJHY=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
AJXHDCY31QBWDQ7V
cf-ray
8c5548e39839d9bb-AKL
accept-ranges
bytes
access-control-allow-origin
*
content-length
305844
server
cloudflare
x-amz-server-side-encryption
AES256
Binary-Matrix-Background-Animation-Videos-_-No-Copyright-_-Visual-Effects-Video.mp4
wordpress-1060250-4073233.cloudwaysapps.com/wp-content/uploads/2024/09/
32 KB
0
Media
General
Full URL
https://wordpress-1060250-4073233.cloudwaysapps.com/wp-content/uploads/2024/09/Binary-Matrix-Background-Animation-Videos-_-No-Copyright-_-Visual-Effects-Video.mp4
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.59.182.151 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1060250.cloudwaysapps.com
Software
nginx /
Resource Hash

Request headers

Referer
https://www.irdleak.nz/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=0-

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=31536000
etag
"66e4bf44-578f9a"
Content-Range
bytes 0-5738393/5738394
Content-Length
5738394
date
Wed, 18 Sep 2024 23:58:34 GMT
content-type
video/mp4
last-modified
Fri, 13 Sep 2024 22:40:04 GMT
server
nginx
clarity.js
www.clarity.ms/s/0.7.47/
64 KB
27 KB
Script
General
Full URL
https://www.clarity.ms/s/0.7.47/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/o3x48x184k?ref=Webflow
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2620:1ec:bdf::30 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
30adbc7e799238c336b56a1e20db67910f2a114fc3bc6ced6c550b4c873318aa

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

x-azure-ref
20240918T235833Z-1596549d49bxkc22aekyacgv2c00000008zg00000000bmpz
cache-control
public, max-age=86400
x-ms-version
2018-03-28
content-encoding
br
etag
W/"0x8DCD7C9A888BF71"
x-fd-int-roxy-purgeid
51562430
x-ms-request-id
33f99c07-601e-0050-34c1-09ec8b000000
access-control-allow-origin
*
x-cache
TCP_HIT
date
Wed, 18 Sep 2024 23:58:33 GMT
content-type
application/javascript;charset=utf-8
vary
Accept-Encoding
last-modified
Wed, 18 Sep 2024 10:07:09 GMT
collect
p.clarity.ms/
0
278 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.47/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.irdleak.nz/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://www.irdleak.nz
Date
Wed, 18 Sep 2024 23:58:34 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/
47 KB
48 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.irdleak.nz
Referer
https://fonts.googleapis.com/

Response headers

age
440686
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sat, 13 Sep 2025 21:33:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 13 Sep 2024 21:33:48 GMT
last-modified
Thu, 14 Dec 2023 02:08:40 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
48236
x-xss-protection
0
server
sffe
memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
fonts.gstatic.com/s/opensans/v40/
49 KB
49 KB
Font
General
Full URL
https://fonts.gstatic.com/s/opensans/v40/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:300,300italic,400,400italic,600,600italic,700,700italic,800,800italic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:809::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0d8601a776b7dc777cd23bc42392d05a43df0d6402328e8913b58811083b513d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.irdleak.nz
Referer
https://fonts.googleapis.com/

Response headers

age
369773
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Sun, 14 Sep 2025 17:15:41 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 14 Sep 2024 17:15:41 GMT
last-modified
Thu, 14 Dec 2023 02:10:01 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
50296
x-xss-protection
0
server
sffe
get-form-code
app.campaign.engineering/
13 KB
3 KB
XHR
General
Full URL
https://app.campaign.engineering/get-form-code?id=145
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.210.94.93 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-94-93.ap-southeast-2.compute.amazonaws.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
c7d1b71cf8c5425273f24e1035ce62795942e9888124ecce86e0100a282189f4

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

Cache-Control
no-store, no-cache, must-revalidate, no-store, max-age=0, no-cache
Content-Encoding
gzip
Pragma
no-cache
Connection
Keep-Alive
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Access-Control-Allow-Origin
*
Content-Length
2189
Keep-Alive
timeout=5, max=100
Date
Wed, 18 Sep 2024 23:58:34 GMT
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Server
Apache/2.4.52 (Ubuntu)
Access-Control-Allow-Headers
Content-Type
66e774442414abaeaf6beafd_image-nav-newbrand-white-p-500.png
cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/
17 KB
17 KB
Image
General
Full URL
https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/66e774442414abaeaf6beafd_image-nav-newbrand-white-p-500.png
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
728d4e618d00351efeb35455cce673129a2f805381ae234000b0780fa26fb7e1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

cf-cache-status
HIT
etag
"35a2f4bd6165f091754ab23e90118075"
x-amz-version-id
O7I5pgmWgSuLwgVuRGtC4iYWynlyAElo
age
259283
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 23:58:34 GMT
content-type
image/png
last-modified
Sun, 15 Sep 2024 23:56:55 GMT
vary
Accept-Encoding
x-amz-id-2
/S+ZPNStFSHNLTxy6YBk3R1dLfWKSpfoqpLK03ciujoFkTEA9sQTh1b2Q1SeIi6Rf6CcNTbFwfA=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
QEHM2SMW3CR6E40V
cf-ray
8c5548e8c9c4d9bb-AKL
accept-ranges
bytes
access-control-allow-origin
*
content-length
17468
server
cloudflare
x-amz-server-side-encryption
AES256
recaptcha__en.js
www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/
538 KB
213 KB
Script
General
Full URL
https://www.gstatic.com/recaptcha/releases/EGbODne6buzpTnWrrBprcfAY/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onloadCallback&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4006:804::2003 Sydney, Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4943e91f7f53318d481ca07297395abbc52541c2be55d7276ecda152cd7ad9c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://www.irdleak.nz
Referer
https://www.irdleak.nz/

Response headers

content-encoding
gzip
age
145852
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 17 Sep 2025 07:27:42 GMT
alt-svc
h3=":443"; ma=2592000
date
Tue, 17 Sep 2024 07:27:42 GMT
last-modified
Tue, 03 Sep 2024 02:00:38 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
217247
x-xss-protection
0
server
sffe
ajax-loader.gif
app.campaign.engineering/assets/images/
4 KB
4 KB
Image
General
Full URL
https://app.campaign.engineering/assets/images/ajax-loader.gif
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.210.94.93 Sydney, Australia, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-210-94-93.ap-southeast-2.compute.amazonaws.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

ETag
"1052-61bc80b748391"
Connection
Keep-Alive
Access-Control-Allow-Methods
GET, POST, PUT, DELETE, OPTIONS
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
4178
Keep-Alive
timeout=5, max=99
Date
Wed, 18 Sep 2024 23:58:34 GMT
Last-Modified
Wed, 26 Jun 2024 09:57:39 GMT
Content-Type
image/gif
Server
Apache/2.4.52 (Ubuntu)
Access-Control-Allow-Headers
Content-Type
Binary-Matrix-Background-Animation-Videos-_-No-Copyright-_-Visual-Effects-Video.mp4
wordpress-1060250-4073233.cloudwaysapps.com/wp-content/uploads/2024/09/
36 KB
36 KB
Media
General
Full URL
https://wordpress-1060250-4073233.cloudwaysapps.com/wp-content/uploads/2024/09/Binary-Matrix-Background-Animation-Videos-_-No-Copyright-_-Visual-Effects-Video.mp4
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.59.182.151 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1060250.cloudwaysapps.com
Software
nginx /
Resource Hash
109e23a90faeba8c97eff0dfa85b0f0c68004174e7b866de66883d92aa83b7aa

Request headers

Referer
https://www.irdleak.nz/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=5701632-

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=31536000
etag
"66e4bf44-578f9a"
Content-Range
bytes 5701632-5738393/5738394
Content-Length
36762
date
Wed, 18 Sep 2024 23:58:35 GMT
last-modified
Fri, 13 Sep 2024 22:40:04 GMT
content-type
video/mp4
server
nginx
collect
p.clarity.ms/
0
278 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.47/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.irdleak.nz/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://www.irdleak.nz
Date
Wed, 18 Sep 2024 23:58:35 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true
Binary-Matrix-Background-Animation-Videos-_-No-Copyright-_-Visual-Effects-Video.mp4
wordpress-1060250-4073233.cloudwaysapps.com/wp-content/uploads/2024/09/
5 MB
0
Media
General
Full URL
https://wordpress-1060250-4073233.cloudwaysapps.com/wp-content/uploads/2024/09/Binary-Matrix-Background-Animation-Videos-_-No-Copyright-_-Visual-Effects-Video.mp4
Requested by
Host: www.irdleak.nz
URL: https://www.irdleak.nz/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
139.59.182.151 Slough, United Kingdom, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
1060250.cloudwaysapps.com
Software
nginx /
Resource Hash

Request headers

Referer
https://www.irdleak.nz/
Accept-Encoding
identity;q=1, *;q=0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Range
bytes=32768-

Response headers

x-robots-tag
noindex, nofollow
cache-control
public, max-age=31536000
etag
"66e4bf44-578f9a"
Content-Range
bytes 32768-5738393/5738394
Content-Length
5705626
date
Wed, 18 Sep 2024 23:58:36 GMT
last-modified
Fri, 13 Sep 2024 22:40:04 GMT
content-type
video/mp4
server
nginx
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=810AAA1BA7EE40AEB4DBF0A989DF5CDE&RedC=c.clarity.ms&MXFR=16CEFE2EE2C365D9269BEAD0E6C36B45
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=810AAA1BA7EE40AEB4DBF0A989DF5CDE&MUID=2813F25FCF8C6B7418A4E6A1CE1D6A26
42 B
466 B
Image
General
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=810AAA1BA7EE40AEB4DBF0A989DF5CDE&MUID=2813F25FCF8C6B7418A4E6A1CE1D6A26
Protocol
H2
Server
52.231.230.148 Busan, Korea, Republic Of, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

cache-control
private, no-cache, proxy-revalidate, no-store
pragma
no-cache
etag
"3bd2d078c5edda1:0"
accept-ranges
bytes
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
42
date
Wed, 18 Sep 2024 23:58:37 GMT
content-type
image/gif
last-modified
Tue, 13 Aug 2024 21:12:15 GMT
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET

Redirect headers

cache-control
private, no-cache, proxy-revalidate, no-store
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=810AAA1BA7EE40AEB4DBF0A989DF5CDE&MUID=2813F25FCF8C6B7418A4E6A1CE1D6A26
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 0B9F8F7AA1934A4F93E95999591B416B Ref B: SYD03EDGE1920 Ref C: 2024-09-18T23:58:37Z
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-length
0
date
Wed, 18 Sep 2024 23:58:36 GMT
x-powered-by
ASP.NET
66e3be698e62667cce385154_favic0n-32.png
cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/
2 KB
2 KB
Other
General
Full URL
https://cdn.prod.website-files.com/66e262fac8062a18d07bf3a9/66e3be698e62667cce385154_favic0n-32.png
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.161.117 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d43e5710aed858b94a3c948535269edf3404139f57aadfe09976078dea188ebd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://www.irdleak.nz/

Response headers

cf-cache-status
HIT
etag
"4c4d0d52260585d8c07872fca41645cf"
x-amz-version-id
zFkayWjf9rwU68HIzkGThS0jjuow.tvX
age
502466
alt-svc
h3=":443"; ma=86400
date
Wed, 18 Sep 2024 23:58:36 GMT
content-type
image/png
last-modified
Fri, 13 Sep 2024 04:24:10 GMT
vary
Accept-Encoding
x-amz-id-2
PmOPTuDHO4hbUdMmX7GyQOLpxCvigsjfvmrS+taTQobw9tEDpomUZQSDSXeVUiEtBRU2U4y5Xww=
cache-control
max-age=31536000, must-revalidate
x-amz-request-id
H28B1ZC0XJ9YEGKB
cf-ray
8c5548f4d9acd9bb-AKL
accept-ranges
bytes
access-control-allow-origin
*
content-length
2105
server
cloudflare
x-amz-server-side-encryption
AES256
collect
p.clarity.ms/
0
278 B
XHR
General
Full URL
https://p.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.47/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.122.63.128 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Accept
application/x-clarity-gzip
Referer
https://www.irdleak.nz/

Response headers

Request-Context
appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64
Access-Control-Allow-Origin
https://www.irdleak.nz
Date
Wed, 18 Sep 2024 23:58:38 GMT
Vary
Origin
Server
nginx
Connection
keep-alive
Access-Control-Allow-Credentials
true

14 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| WebFont
function| clarity
function| $
function| jQuery
function| verifyForm
object| toastr
object| ___grecaptcha_cfg
object| grecaptcha
string| __recaptcha_api
boolean| __google_recaptcha_client
function| tram
object| Webflow
object| VerifaliaWidget
object| recaptcha

10 Cookies

Domain/Path Name / Value
www.clarity.ms/ Name: CLID
Value: 51824437a3514e639f92cf5daa32bbd3.20240918.20250918
.irdleak.nz/ Name: _clck
Value: gaus7l%7C2%7Cfpa%7C0%7C1722
.irdleak.nz/ Name: _clsk
Value: 1btwtmt%7C1726703914807%7C1%7C1%7Cp.clarity.ms%2Fcollect
.bing.com/ Name: MUID
Value: 2813F25FCF8C6B7418A4E6A1CE1D6A26
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 2813F25FCF8C6B7418A4E6A1CE1D6A26
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 2813F25FCF8C6B7418A4E6A1CE1D6A26
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
