starhealthleak.st Open in urlscan Pro
2606:4700:3032::6815:4a12  Public Scan

4 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response starhealthleak.st/	27 KB 8 KB	128ms 100ms	Document text/html	2606:4700:3032::6815:4a12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4a12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9b1a166d77609684251dd71f73058b928d2fcb3f54674e8277c8ba4e02cf8954 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers access-control-allow-origin * cache-control no-cache cf-cache-status DYNAMIC cf-ray 8cc60513cfd00418-FRA content-disposition inline; filename=home.html content-encoding br content-type text/html; charset=utf-8 date Wed, 02 Oct 2024 16:20:26 GMT last-modified Wed, 02 Oct 2024 14:57:35 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=An8bRJhR7sa2l5lPKdeG9mqGrhe7sC%2FYV62HwMpi%2BMO8OUmQW%2BHXg%2BaY0whYfGuJAt5A3gm5ysqNo4pBKrjVhhiFbWDGh2hwE6pTmbigFQdCtbD8Y4HGNm8xi43YTSN75JSGeQgsWj1GYC31tHWrIQ%3D%3D"}],"group":"cf-nel","max_age":604800} server cloudflare speculation-rules "/cdn-cgi/speculation"
GET H2	200	speculation starhealthleak.st/cdn-cgi/	128 B 478 B	16ms 16ms	Other application/speculationrules+json	2606:4700:3032::6815:4a12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://starhealthleak.st/cdn-cgi/speculation Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4a12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://starhealthleak.st Referer https://starhealthleak.st/ Response headers nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p%2Fe16u%2BBd%2BJeHw0fEFGoKeYSqK6euyHPu6tvU1ke%2BELkZPozr6P46Zn90qNUfCdE28JjwT72qKg84cWjTTFF%2FnzCCS5tx7WpDhtlPgWKC0UrWsCbPJQpdbzhhrqoEcPCDkfP1Osox42idRsa4pq%2FNA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cc6051478720418-FRA access-control-allow-origin https://starhealthleak.st content-length 128 date Wed, 02 Oct 2024 16:20:26 GMT content-type application/speculationrules+json vary Origin, Accept-Encoding server cloudflare
GET H2	200	tailwind.min.css cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/	3 MB 151 KB	31ms 7ms	Stylesheet text/css	2a04:4e42:200::485 FASTLY
General Check archive.org Show headers Download Go to Full URL https://cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US), Reverse DNS Software / Resource Hash b6ad97402eddb903e7a5d7a73ee47a679204efbdda4521a391cbad9df509b932 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://starhealthleak.st/ Response headers access-control-expose-headers * content-encoding br etag W/"2cc503-cyTPK4s7rX9aC3Y3NNaHIxjV1fQ" age 488434 x-content-type-options nosniff x-jsd-version-type version alt-svc h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 x-cache HIT date Wed, 02 Oct 2024 16:20:26 GMT content-type text/css; charset=utf-8 x-served-by cache-fra-eddf8230091-FRA vary Accept-Encoding strict-transport-security max-age=31536000; includeSubDomains; preload cache-control public, max-age=31536000, s-maxage=31536000, immutable timing-allow-origin * cross-origin-resource-policy cross-origin accept-ranges bytes access-control-allow-origin * content-length 154109 x-jsd-version 2.2.19
GET H2	200	animation.js Show response starhealthleak.st/	1012 B 751 B	102ms 101ms	Script text/javascript	2606:4700:3032::6815:4a12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://starhealthleak.st/animation.js Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4a12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2651b1e9fd1a34ccf2985cd848869f8b561a12929c3556aaab62b9b46f372d18 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://starhealthleak.st/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status EXPIRED etag W/"1727881131.7323022-1012-1966934319" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D4slm4v%2BrIiTdmFgzTHo%2B9KDpzNiJyuYMMrbQdLJBW%2Bh5JUWkLVrT07fzeIiKqgB0%2FkeWhhGelf3PNWABFfnOZMhhw5ZaApCcFasbnEi%2BziZIYxluA0YAvqTUtM8jCzI8mB6pifXbJSVaZu8lc%2BcdA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cc6051478730418-FRA access-control-allow-origin * date Wed, 02 Oct 2024 16:20:27 GMT content-type text/javascript; charset=utf-8 content-disposition inline; filename=animation.js vary Accept-Encoding last-modified Wed, 02 Oct 2024 14:58:51 GMT
GET H2	200	typewriter.js Show response starhealthleak.st/	13 KB 5 KB	104ms 103ms	Script text/javascript	2606:4700:3032::6815:4a12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://starhealthleak.st/typewriter.js Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4a12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b2082ce042eeb13a7343c05a4edf782b38ed5900d709935e145a5b83abf91df2 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://starhealthleak.st/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status EXPIRED etag W/"1727881134.78433-13199-2168981966" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Qrfmsy7tH7Wi%2BVaH1wfTWSxsxBvsN9pEH%2Be5HWTAobMUJ2EIdj18yjWugmoKNgV9RibSO2%2FEN3yXNgiBT4Gqu2oqlKCCErDDHBq94vfXRusDBaKEAIwE3Gs34s2nDJhKALteQFkKdJy9vxg%2F5Whtlw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cc6051478750418-FRA access-control-allow-origin * date Wed, 02 Oct 2024 16:20:27 GMT content-type text/javascript; charset=utf-8 content-disposition inline; filename=typewriter.js vary Accept-Encoding last-modified Wed, 02 Oct 2024 14:58:54 GMT
GET H2	200	particles.min.js Show response starhealthleak.st/	23 KB 6 KB	122ms 121ms	Script text/javascript	2606:4700:3032::6815:4a12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://starhealthleak.st/particles.min.js Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4a12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://starhealthleak.st/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status EXPIRED etag W/"1727881143.6554031-23364-2650344104" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=KXXcscIDiUdcccNf8luFJEkqwpAJy2qcn4vaal0kDaScY0SeSUL%2BauO6dToXsg%2B3Wjb8XPcSLK%2BNoFivTNAPFLEUqiKORc2NYornbkJ3iue0I7x3BAiQ6b32hHVD1uEuq0EOE%2F6eLeIQONixB0akAQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cc6051478760418-FRA access-control-allow-origin * date Wed, 02 Oct 2024 16:20:27 GMT content-type text/javascript; charset=utf-8 content-disposition inline; filename=particles.min.js vary Accept-Encoding last-modified Wed, 02 Oct 2024 14:59:03 GMT
GET H2	200	typed.min.js Show response starhealthleak.st/	12 KB 4 KB	100ms 99ms	Script text/javascript	2606:4700:3032::6815:4a12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://starhealthleak.st/typed.min.js Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4a12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 5154391ed1d39ada814f7298e5c77802f238ee9a74809c0833eab8e470fda0b9 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://starhealthleak.st/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status EXPIRED etag W/"1727881034.9120138-11792-1958742279" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AAaLWPBYYjb38W%2Fec52V8D1rIFzqemd6TukHFb5AST1SzIIYZ3h6blDYG6I7bCquymLwiTZ81w2dAHcQ4%2FoUjF5%2FDhhVLj8keVer9VFeTHD3fsMctbxxtogmj1dQK6IuqHphQDC0kALvLyKGPx%2BALg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cc6051478770418-FRA access-control-allow-origin * date Wed, 02 Oct 2024 16:20:27 GMT content-type text/javascript; charset=utf-8 content-disposition inline; filename=typed.min.js vary Accept-Encoding last-modified Wed, 02 Oct 2024 14:57:14 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	312 KB 104 KB	46ms 25ms	Script application/javascript	2a00:1450:4001:803::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-9L0L4LFLF9 Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:803::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 99432c9f04638d8228e5317fe5c4118d160d636f58d61552e86fcd880dd21214 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://starhealthleak.st/ Response headers content-encoding br report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],} expires Wed, 02 Oct 2024 16:20:27 GMT alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 02 Oct 2024 16:20:27 GMT content-type application/javascript; charset=UTF-8 vary Accept-Encoding access-control-allow-headers Cache-Control strict-transport-security max-age=31536000; includeSubDomains cache-control private, max-age=900 cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0 access-control-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 106005 x-xss-protection 0 server Google Tag Manager
GET H2	200	Star_Health_and_Allied_Insurance.svg starhealthleak.st/	73 KB 22 KB	133ms 133ms	Image image/svg+xml	2606:4700:3032::6815:4a12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://starhealthleak.st/Star_Health_and_Allied_Insurance.svg Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4a12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0ea3f523824564a4248191dea4d497cd7cb771790745228afce6d7d04ec003f8 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://starhealthleak.st/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} content-encoding br cf-cache-status EXPIRED etag W/"1727881149.8024485-75119-3254915700" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zW13l%2FzoAfK5B%2BfmJQa4f2KexAAS%2ByxF3NqK7TtBBwj9AL7njlhDSJmEokYTMCZv4QA4XQtEUVSQG7UcL1F918YfrgcojrI7DmovXEQAB1T7U2VG48RV8QpU3QSYGqpgnB32VI4ieSNdByNpzlrtzA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cc6051478780418-FRA access-control-allow-origin * date Wed, 02 Oct 2024 16:20:27 GMT content-type image/svg+xml; charset=utf-8 content-disposition inline; filename=Star_Health_and_Allied_Insurance.svg vary Accept-Encoding last-modified Wed, 02 Oct 2024 14:59:09 GMT
GET H2	200	image2.png starhealthleak.st/	147 KB 148 KB	123ms 123ms	Image image/png	2606:4700:3032::6815:4a12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://starhealthleak.st/image2.png Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4a12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b23de92781fefb04e1e8c65f3184e54114c1c38d35a30f4f5c16657296bc2db5 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://starhealthleak.st/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status EXPIRED etag "1727881092.9827526-150921-1632438284" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0H0v%2B44zSt%2BZ6UDBjznk8jqktQ5Q%2FPSFaINkdqV1wzFVIq1028Eqv20F6y0Tf2fDJcseKfWyIsv4nJhSFVnUbrFkzl1JEqfab%2BCn4fSp4tO4A9tI2eRMjSVNYjvDkT058d%2B9NDLnWHKX9THlWkMGTw%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cc6051478790418-FRA accept-ranges bytes access-control-allow-origin * content-length 150921 date Wed, 02 Oct 2024 16:20:27 GMT content-type image/png content-disposition inline; filename=image2.png vary Accept-Encoding last-modified Wed, 02 Oct 2024 14:58:12 GMT
GET H2	200	bot1.gif starhealthleak.st/	1 MB 1 MB	106ms 104ms	Image image/gif	2606:4700:3032::6815:4a12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://starhealthleak.st/bot1.gif Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4a12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 68d77c7509405e5a46a73c8fd4cea0b47c85055cc2b62c603eee49aec5257d47 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://starhealthleak.st/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status EXPIRED etag "1727881110.3270564-1108787-1359284030" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DgccOu2WAJLeMwFVSv1x2l91m7X%2Fnuto5eyJ3TGjB0auEwgTVoEGLe25ieqw6OFsDpje%2BU4nWPQW6HSWVYld2Ka7g3CRFKtMmcgx3X1udWD63cEKxa6g1ihZDeWqFrRpMYYAWejQHIkxUWgJkXvb2g%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cc6051549650418-FRA accept-ranges bytes access-control-allow-origin * content-length 1108787 date Wed, 02 Oct 2024 16:20:27 GMT content-type image/gif content-disposition inline; filename=bot1.gif vary Accept-Encoding last-modified Wed, 02 Oct 2024 14:58:30 GMT
GET H2	200	telegram.png starhealthleak.st/	105 KB 105 KB	135ms 133ms	Image image/png	2606:4700:3032::6815:4a12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://starhealthleak.st/telegram.png Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4a12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eeb69561452bfcafbbceaa4cb48effa7443894749b0d1246651c431261ee85bc Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://starhealthleak.st/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status MISS etag "1727881059.1910968-107474-1966999848" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XYFEdr3khysXzkvRq%2B5giud43l0SVaGvXnCurv%2BynimohY2sJ4cz0VK%2BTpPhQhODaNpRHIQ3JUBlkumSOolltGvx0c6Wr9K9oaLnqcbVJLA50cBOL4e%2Ftyst06JiMW3hCo9%2BxKVodHpI%2BEZ9RmM%2F%2Fg%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cc6051549680418-FRA accept-ranges bytes access-control-allow-origin * content-length 107474 date Wed, 02 Oct 2024 16:20:27 GMT content-type image/png content-disposition inline; filename=telegram.png vary Accept-Encoding last-modified Wed, 02 Oct 2024 14:57:39 GMT
GET H2	200	bot2.gif starhealthleak.st/	3 MB 3 MB	125ms 124ms	Image image/gif	2606:4700:3032::6815:4a12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://starhealthleak.st/bot2.gif Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4a12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 7bad14d0be5b0fc922c54f76cf47ed11bd5131ac78a6ed7a66bd4d7b31031f03 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://starhealthleak.st/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status EXPIRED etag "1727881105.189979-2749389-1359611711" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gQP%2BA6NvbCc94uD5WgFaxfh8gRilHYhjDQA10O99J6wo4JCgyGVdr3egG4sI2rWxUIVWWH6Pkzc7Mybf%2F6qnC1o7tooclXldN5ovHJOyFM7jUXFLIQ0ei1wSadSEkkQIvU3D6t1qh%2B4xpjbJUscQoA%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cc6051549690418-FRA accept-ranges bytes access-control-allow-origin * content-length 2749389 date Wed, 02 Oct 2024 16:20:27 GMT content-type image/gif content-disposition inline; filename=bot2.gif vary Accept-Encoding last-modified Wed, 02 Oct 2024 14:58:25 GMT
GET H2	200	vcd15cbe7772f49c399c6a5babf22c1241717689176015 Show response static.cloudflareinsights.com/beacon.min.js/	19 KB 7 KB	48ms 28ms	Script text/javascript	2606:4700::6810:4f49 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://static.cloudflareinsights.com/beacon.min.js/vcd15cbe7772f49c399c6a5babf22c1241717689176015 Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Origin https://starhealthleak.st Referer https://starhealthleak.st/ Response headers cache-control public, max-age=86400 content-encoding gzip etag W/"2024.6.1" cross-origin-resource-policy cross-origin cf-ray 8cc605156a4cd270-FRA access-control-allow-origin * date Wed, 02 Oct 2024 16:20:27 GMT content-type text/javascript;charset=UTF-8 last-modified Thu, 06 Jun 2024 15:52:56 GMT vary Accept-Encoding server cloudflare
GET H2	200	553521 archive.org/embed/ Frame 133D	0 0	550ms 231ms	Document text/html	207.241.224.2 INTERNET-ARCHIVE
General Check archive.org Show headers Download Go to Full URL https://archive.org/embed/553521 Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 207.241.224.2 , United States, ASN7941 (INTERNET-ARCHIVE, US), Reverse DNS www.archive.org Software nginx/1.24.0 (Ubuntu) / Resource Hash Security Headers Name Value Strict-Transport-Security max-age=15724800 Request headers Referer https://starhealthleak.st/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Response headers content-encoding gzip content-type text/html; charset=UTF-8 date Wed, 02 Oct 2024 16:20:27 GMT onion-location https://archive6zg5vrdwm4ljllgxleekeoj43lqayscd4d4kmhnyblq4h3ead.onion/embed/553521 referrer-policy no-referrer-when-downgrade server nginx/1.24.0 (Ubuntu) strict-transport-security max-age=15724800
GET H2	200	sample.csv Show response starhealthleak.st/	148 KB 149 KB	155ms 155ms	Fetch text/csv	2606:4700:3032::6815:4a12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://starhealthleak.st/sample.csv Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4a12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 1c994517318389f14ffaf49c7b6049181f84bd8868977d2c51e76455cfebbe62 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://starhealthleak.st/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status EXPIRED etag "1727881113.0370939-151604-1660880992" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jBlyrCcGplA9SdEAS%2FVbvccZt%2BtNdbU%2FmDN6VgiPKZ8%2B1C5Rz8FtGWAzQaBqZWqc7Rc19r2aIlRVtz%2BJA%2BDvqeBWAg0NaoP2a9uzuibAIsX9eHtcsIHHWzVpqWByLeQ0HuosdEptrjEddMAElQi9pQ%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cc60515a9e00418-FRA accept-ranges bytes access-control-allow-origin * content-length 151604 date Wed, 02 Oct 2024 16:20:27 GMT content-type text/csv; charset=utf-8 content-disposition inline; filename=sample.csv vary Accept-Encoding last-modified Wed, 02 Oct 2024 14:58:33 GMT
GET H2	200	sample2.csv Show response starhealthleak.st/	10 KB 11 KB	134ms 133ms	Fetch text/csv	2606:4700:3032::6815:4a12 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://starhealthleak.st/sample2.csv Requested by Host: starhealthleak.st URL: https://starhealthleak.st/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:3032::6815:4a12 , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8bbf10bb83b8bd69a2bcd163a6493bb45777610f699d86d73dfbdc1f6344a010 Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://starhealthleak.st/ Response headers server cloudflare cache-control max-age=14400 nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} cf-cache-status EXPIRED etag "1727881118.347161-10724-1793001618" report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6AWw0qZA5Bxh5yopbon6PJ3hhFPq09b2xHuaYFVPmx7tWIGda4OoZMnFSw4lGwNcx%2BcY8Gk8zF1YU7%2FCDEkQKSgGcH6oJFY%2BqqXsmZ1pUlgvUt22yXPPFI4Ly5VTOr6dBnfICTYcWRY7I90f824J8g%3D%3D"}],"group":"cf-nel","max_age":604800} cf-ray 8cc60515a9e20418-FRA accept-ranges bytes access-control-allow-origin * content-length 10724 date Wed, 02 Oct 2024 16:20:27 GMT content-type text/csv; charset=utf-8 content-disposition inline; filename=sample2.csv vary Accept-Encoding last-modified Wed, 02 Oct 2024 14:58:38 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 0	45ms 16ms	Fetch text/plain	2001:4860:4802:32::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-9L0L4LFLF9&gtm=45je4a10v9195679288za200&_p=1727886027075&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=101671035~101747727&cid=88634365.1727886027&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&_s=1&sid=1727886027&sct=1&seg=0&dl=https%3A%2F%2Fstarhealthleak.st%2F&dt=Star%20Health%20Leaks%20by%20xenZen&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=389 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-9L0L4LFLF9 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash Request headers User-Agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Referer https://starhealthleak.st/ Response headers cache-control no-cache, no-store, must-revalidate pragma no-cache cross-origin-resource-policy cross-origin access-control-allow-credentials true content-security-policy-report-only script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:86:0 report-to {"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:86:0"}],} expires Fri, 01 Jan 1990 00:00:00 GMT access-control-allow-origin https://starhealthleak.st cross-origin-opener-policy-report-only same-origin; report-to=coop_reporting content-length 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 date Wed, 02 Oct 2024 16:20:27 GMT content-type text/plain server Golfe2

22 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| Typewriter function| hexToRgb function| clamp function| isInArray function| pJS function| requestAnimFrame function| cancelRequestAnimFrame object| pJSDom function| particlesJS function| Typed function| gtag object| dataLayer function| loadCSV function| loadCSV2 boolean| ___TYPEWRITER_JS_STYLES_ADDED___ function| logVisitor object| __cfBeacon object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.starhealthleak.st/	1970-01-21 09:34:06	Name: _ga_9L0L4LFLF9 Value: GS1.1.1727886027.1.0.1727886027.0.0.0
			.starhealthleak.st/	1970-01-21 09:34:06	Name: _ga Value: GA1.1.88634365.1727886027

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

archive.org
cdn.jsdelivr.net
region1.google-analytics.com
starhealthleak.st
static.cloudflareinsights.com
www.googletagmanager.com
2001:4860:4802:32::36
207.241.224.2
2606:4700:3032::6815:4a12
2606:4700::6810:4f49
2a00:1450:4001:803::2008
2a04:4e42:200::485
0ea3f523824564a4248191dea4d497cd7cb771790745228afce6d7d04ec003f8
11a2142988720cd49ff000e5d488493947b3d34821301c5a706b3495b8381f7d
1c994517318389f14ffaf49c7b6049181f84bd8868977d2c51e76455cfebbe62
2651b1e9fd1a34ccf2985cd848869f8b561a12929c3556aaab62b9b46f372d18
5154391ed1d39ada814f7298e5c77802f238ee9a74809c0833eab8e470fda0b9
68d77c7509405e5a46a73c8fd4cea0b47c85055cc2b62c603eee49aec5257d47
7bad14d0be5b0fc922c54f76cf47ed11bd5131ac78a6ed7a66bd4d7b31031f03
8a18d13015336bc184819a5a768447462202ef3105ec511bf42ed8304a7ed94f
8bbf10bb83b8bd69a2bcd163a6493bb45777610f699d86d73dfbdc1f6344a010
99432c9f04638d8228e5317fe5c4118d160d636f58d61552e86fcd880dd21214
9b1a166d77609684251dd71f73058b928d2fcb3f54674e8277c8ba4e02cf8954
b2082ce042eeb13a7343c05a4edf782b38ed5900d709935e145a5b83abf91df2
b23de92781fefb04e1e8c65f3184e54114c1c38d35a30f4f5c16657296bc2db5
b6ad97402eddb903e7a5d7a73ee47a679204efbdda4521a391cbad9df509b932
eeb69561452bfcafbbceaa4cb48effa7443894749b0d1246651c431261ee85bc
faee7815a5fd27e938d1e01c8392b66332024908eb118048f608eee671371df6