Submitted URL: https://5vh.qleak.click/%F0%9F%8D%92-I%27m-ready-for-your-seed-Scrolller-%F0%9F%8D%8C/0.6245845464355562
Effective URL: https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971
Submission: On December 16 via api from US — Scanned from CA

Summary

This website contacted 5 IPs in 2 countries across 4 domains to perform 17 HTTP transactions. The main IP is 104.21.32.1, located in and belongs to CLOUDFLARENET, US. The main domain is dihaurefuidkuilopsee.life.
TLS certificate: Issued by WE1 on December 1st 2024. Valid for: 3 months.
This is the only time dihaurefuidkuilopsee.life was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 104.21.37.28 13335 (CLOUDFLAR...)
1 6 172.67.217.77 13335 (CLOUDFLAR...)
6 104.21.32.1 13335 (CLOUDFLAR...)
2 104.18.94.41 13335 (CLOUDFLAR...)
17 5
Apex Domain
Subdomains
Transfer
6 dihaurefuidkuilopsee.life
dihaurefuidkuilopsee.life
71 KB
6 q1eak.click
matomo.q1eak.click
myf4.q1eak.click
27 KB
2 cloudflare.com
challenges.cloudflare.com — Cisco Umbrella Rank: 3147
16 KB
2 qleak.click
5vh.qleak.click
2 KB
17 4
Domain Requested by
6 dihaurefuidkuilopsee.life dihaurefuidkuilopsee.life
5 matomo.q1eak.click 5vh.qleak.click
matomo.q1eak.click
2 challenges.cloudflare.com dihaurefuidkuilopsee.life
challenges.cloudflare.com
2 5vh.qleak.click
1 myf4.q1eak.click 1 redirects
17 5

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
qleak.click
WE1
2024-11-25 -
2025-02-23
3 months crt.sh
q1eak.click
WE1
2024-11-25 -
2025-02-23
3 months crt.sh
dihaurefuidkuilopsee.life
WE1
2024-12-01 -
2025-03-01
3 months crt.sh
challenges.cloudflare.com
WE1
2024-11-03 -
2025-02-01
3 months crt.sh

This page contains 2 frames:

Primary Page: https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971
Frame ID: 4C38B9FE177553FBBC7B676778C2BB96
Requests: 14 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/yqz58/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 15CF29DBF4F5A74672464E0CCA5C6C3A
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://5vh.qleak.click/%F0%9F%8D%92-I%27m-ready-for-your-seed-Scrolller-%F0%9F%8D%8C/0.624584546435... Page URL
  2. https://myf4.q1eak.click/leak-id-VmZENXFJSmZsV0Y2NWxuV3FEUTNNYy9yRUJQVU11cklCOENPM2w4MFRIQlJ4ZG5yVGp3... HTTP 302
    https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Page Statistics

17
Requests

88 %
HTTPS

0 %
IPv6

4
Domains

5
Subdomains

5
IPs

2
Countries

115 kB
Transfer

249 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://5vh.qleak.click/%F0%9F%8D%92-I%27m-ready-for-your-seed-Scrolller-%F0%9F%8D%8C/0.6245845464355562 Page URL
  2. https://myf4.q1eak.click/leak-id-VmZENXFJSmZsV0Y2NWxuV3FEUTNNYy9yRUJQVU11cklCOENPM2w4MFRIQlJ4ZG5yVGp3VHNwbUtjeWdRa2Z2bHZDRWtERldZQ1oyZnE2b0NnSUxsV1VNNkJiYzFGRzk0SHpOQ2JkZnNRUjF5WHdYb3c5d01abE4zSlBQZEJVdmJyclBiL0dzcUxNb2xaWVVZVVZmSVRDTHZEa0N6UU9Md04rWUlkSUFNSU55VjRqR1JXZXV6NWRZZEtlZzVia2lOd0V3QzY1clZFcHE5RmJiK09xNERoQT09 HTTP 302
    https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
0.6245845464355562
5vh.qleak.click/%F0%9F%8D%92-I%27m-ready-for-your-seed-Scrolller-%F0%9F%8D%8C/
2 KB
2 KB
Document
General
Full URL
https://5vh.qleak.click/%F0%9F%8D%92-I%27m-ready-for-your-seed-Scrolller-%F0%9F%8D%8C/0.6245845464355562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.37.28 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55248aef6fa8dff2077cc0424847989799c21f394be37c1b2aa1f14b40401469

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f2f12e6491ea214-YYZ
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Mon, 16 Dec 2024 13:38:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AWg9LVmlj6CS5fDRXQb6pmShdMTUnu8SJeqPGjw%2BxELeh%2F6SycNPgg49PUWiE2rB1QqBEPuAk6qfUF0A75G63GcFTsN2KvdLxf12thfOEkC2ym8VruMFacKp9ZHl2onQmb0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=18484&min_rtt=18354&rtt_var=3064&sent=14&recv=11&lost=0&retrans=0&sent_bytes=4223&recv_bytes=4598&delivery_rate=638&cwnd=12000&unsent_bytes=0&cid=bb6a341b6b998e19&ts=400&x=1" cfExtPri cfHdrFlush;dur=0
piwik.js
matomo.q1eak.click/
64 KB
23 KB
Script
General
Full URL
https://matomo.q1eak.click/piwik.js
Requested by
Host: 5vh.qleak.click
URL: https://5vh.qleak.click/%F0%9F%8D%92-I%27m-ready-for-your-seed-Scrolller-%F0%9F%8D%8C/0.6245845464355562
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.217.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://5vh.qleak.click/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"64a9baf6-10132"
age
1747244
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=DPcpoSipi%2F2Cp69LQDOBqDFqhUQMHcLNboJn8rBJGnAF6jN65uNHuHDmNFeAacGsSXKnCsDSA0s%2Fvn0NKWoHWajw2PQK%2FlZTPhQO9Y7J13OQBmXgz8%2BoXLQU5OtKFLPffA2triE%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=20058&min_rtt=19886&rtt_var=7579&sent=11&recv=7&lost=0&retrans=0&sent_bytes=4121&recv_bytes=4232&delivery_rate=143196&cwnd=12000&unsent_bytes=0&cid=d2a721aef06f9bdb&ts=40&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 13:38:27 GMT
content-type
application/javascript
last-modified
Sat, 08 Jul 2023 19:37:26 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f2f12e8ceb6abbe-YYZ
server
cloudflare
piwik.php
matomo.q1eak.click/
0
643 B
Ping
General
Full URL
https://matomo.q1eak.click/piwik.php?action_name=%25F0%259F%258D%2592%20I%2527m%20ready%20for%20your%20seed%20Scrolller%20%25F0%259F%258D%258C&idsite=971&rec=1&r=444855&h=5&m=38&s=27&url=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&urlref=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&_id=7c9d8d7db113143c&_idn=1&send_image=0&_refts=1734356307&_ref=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=y4SRgX&pf_net=195&pf_srv=238&pf_tfr=2&pf_dm1=63&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.q1eak.click
URL: https://matomo.q1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.217.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://5vh.qleak.click/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=khq8WTBu5Rc2e9DtxRQ2pvVXjdcVGHYKABldOCNbzL3sca1CABlJf2PuoV01ppkcxGQJloNe5KOQma%2BV30cg4Js%2BtaskUMcUjiRVNhaPQpmesb5Rlor%2Fepb4WOFVsjbKgjDexHc%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f2f12e95f2cabbe-YYZ
access-control-allow-origin
https://5vh.qleak.click
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21852&min_rtt=18630&rtt_var=4166&sent=36&recv=23&lost=0&retrans=0&sent_bytes=28299&recv_bytes=6603&delivery_rate=401950&cwnd=21300&unsent_bytes=0&cid=d2a721aef06f9bdb&ts=371&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 13:38:27 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=4,i
piwik.php
matomo.q1eak.click/
0
644 B
Ping
General
Full URL
https://matomo.q1eak.click/piwik.php?action_name=%25F0%259F%258D%2592%20I%2527m%20ready%20for%20your%20seed%20Scrolller%20%25F0%259F%258D%258C&idsite=1&rec=1&r=576421&h=5&m=38&s=27&url=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&urlref=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&_id=6deb863b71266edb&_idn=1&send_image=0&_refts=1734356307&_ref=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=TJFaY6&pf_net=195&pf_srv=238&pf_tfr=2&pf_dm1=63&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.q1eak.click
URL: https://matomo.q1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.217.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://5vh.qleak.click/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YGjeyZyZ8RGF43b6Q5YY5og15LSIFTwRCvwsmkSVmgAzShpAXgBgsgpf%2BPGasOicN4fREmC8u482Eqi7oa%2FucihVnppNUsdH%2B9ZT9iayyUtWNLnRmMcDSTg5paktOOVRHWtLrdI%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f2f12e95f2eabbe-YYZ
access-control-allow-origin
https://5vh.qleak.click
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=21626&min_rtt=18630&rtt_var=3577&sent=37&recv=24&lost=0&retrans=0&sent_bytes=28965&recv_bytes=6647&delivery_rate=2203&cwnd=21300&unsent_bytes=0&cid=d2a721aef06f9bdb&ts=430&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 13:38:27 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=4,i
favicon.ico
5vh.qleak.click/
571 B
818 B
Other
General
Full URL
https://5vh.qleak.click/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.37.28 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d50b9852ce176350c41f3a8b9bc01132659f8b18b9ccec1cdea6e98d28176daf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://5vh.qleak.click/%F0%9F%8D%92-I%27m-ready-for-your-seed-Scrolller-%F0%9F%8D%8C/0.6245845464355562

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6efqu1mKonUWu1L61K4XXca7F03y2VtVZEjdKioU1zBG3niafXWBtUpeC%2FEPPR31a1ZT2NbIzp2wmAXmcTE%2B1yA4vsg4UmBghXYJ5CcMWs4FKQCuGlnM5DgMYTtIQvsH6zY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2f12e98b39a214-YYZ
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=18582&min_rtt=18354&rtt_var=2495&sent=17&recv=13&lost=0&retrans=0&sent_bytes=5869&recv_bytes=5343&delivery_rate=84133&cwnd=12000&unsent_bytes=0&cid=bb6a341b6b998e19&ts=904&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 13:38:27 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
piwik.php
matomo.q1eak.click/
0
644 B
Ping
General
Full URL
https://matomo.q1eak.click/piwik.php?idgoal=1&idsite=971&rec=1&r=054307&h=5&m=38&s=27&url=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&urlref=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&_id=7c9d8d7db113143c&_idn=0&send_image=0&_refts=1734356307&_ref=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=y4SRgX&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.q1eak.click
URL: https://matomo.q1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.217.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://5vh.qleak.click/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v24iHrndsIkL6F0fw4hz9iIOfZyZ3ew4kIQCAh7Ojn5TygLZW0FKEZBULbyxjsVyfaDT0aCWT8tnalhWQhRDO9qBo3NirClcQxoY%2Bxv8dgKxIWdzFSBIdnHXNdvNO95OmbgaCQ0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f2f12ee6c4dabbe-YYZ
access-control-allow-origin
https://5vh.qleak.click
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22493&min_rtt=18630&rtt_var=4417&sent=40&recv=27&lost=0&retrans=0&sent_bytes=30739&recv_bytes=8256&delivery_rate=12452&cwnd=21300&unsent_bytes=0&cid=d2a721aef06f9bdb&ts=1057&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 13:38:28 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=4,i
piwik.php
matomo.q1eak.click/
410 B
1 KB
Ping
General
Full URL
https://matomo.q1eak.click/piwik.php?idgoal=1&idsite=1&rec=1&r=075268&h=5&m=38&s=27&url=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&urlref=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&_id=6deb863b71266edb&_idn=0&send_image=0&_refts=1734356307&_ref=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=TJFaY6&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.q1eak.click
URL: https://matomo.q1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.217.77 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc283801a7ccb1ab03daf7095d0c98b5fe7e186e29c7750d9de4c52e6cd84aa1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://5vh.qleak.click/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4K1GbqFp5R7pGVBvcMEQBvJmhXbpMUn78Gg6Or7zKaKYjGGTJrsLt6uLA6ZKWtijaTiMKf840iO7Z2AsgA9Q7O2j8uYrGilOi9VOKQWrIX%2FseEdZX2ba%2BF%2BlOHiEjEfLfvQ2XVY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f2f12ee6c51abbe-YYZ
access-control-allow-origin
https://5vh.qleak.click
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=22493&min_rtt=18630&rtt_var=4417&sent=39&recv=27&lost=0&retrans=0&sent_bytes=29655&recv_bytes=8256&delivery_rate=12452&cwnd=21300&unsent_bytes=0&cid=d2a721aef06f9bdb&ts=1049&x=1", cfExtPri, cfHdrFlush;dur=0
date
Mon, 16 Dec 2024 13:38:28 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=4,i
Primary Request /
dihaurefuidkuilopsee.life/
Redirect Chain
  • https://myf4.q1eak.click/leak-id-VmZENXFJSmZsV0Y2NWxuV3FEUTNNYy9yRUJQVU11cklCOENPM2w4MFRIQlJ4ZG5yVGp3VHNwbUtjeWdRa2Z2bHZDRWtERldZQ1oyZnE2b0NnSUxsV1VNNkJiYzFGRzk0SHpOQ2JkZnNRUjF5WHdYb3c5d01abE4zSlBQ...
  • https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971
9 KB
8 KB
Document
General
Full URL
https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ed7e43c77a15928f33270318ae912507959b02e4603f39878b9d97642e8e7ad
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://5vh.qleak.click/%F0%9F%8D%92-I%27m-ready-for-your-seed-Scrolller-%F0%9F%8D%8C/0.6245845464355562
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
MDQ1VdHCHUFbWfJBb1Gz9YUsZ048DiUngSq93VQgPKLs6itudtWTW0ik2+fanOHZ26ZzUesVT2NTGjbDB/D8WHBjVgybT4h4QSSJ27gozoHv6PzgnCLbizVQUvP7vdk2kpF1uScmnfsbQprUdTowMg==$M7QrOBdZj1gUQHcGi1DnUg==
cf-mitigated
challenge
cf-ray
8f2f12f37ade36b7-YYZ
content-encoding
zstd
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Mon, 16 Dec 2024 13:38:29 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ya2VriBuTVbJ2hF5kClWWF8ZUrgIdbKeMqWk0i%2BHf%2FbjfXMWuOUFRHybzlTtBlUfCnaiang%2FajyEMbP7So0vR5sXN86SsolPk3DhPFVghROWY2VSCaaeLMBy8UChKzgDZrV8SFlconxPYrv3"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f2f12f19b32ab16-YYZ
content-type
text/html; charset=UTF-8
date
Mon, 16 Dec 2024 13:38:28 GMT
location
https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1eywVeF6xyryYg5NfatmYkk%2BHrjspjgF2swPDJwhdU57T0LsA8N%2B8zNH2bYu7nqkPf5kQ3fSWWfGxBtULzQYxycRTl1lFOccztISmnh3vGxifpTxiQAt%2BmR0YSV4mV5%2B%2Fo4W"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=18733&min_rtt=18320&rtt_var=3447&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4203&recv_bytes=4785&delivery_rate=616&cwnd=12000&unsent_bytes=0&cid=f58c078919eec7ee&ts=499&x=1" cfExtPri cfHdrFlush;dur=0
v1
dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/
97 KB
38 KB
Script
General
Full URL
https://dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8f2f12f37ade36b7
Requested by
Host: dihaurefuidkuilopsee.life
URL: https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da70c00f9bd575bd1d7e1b1465b34d214d7ac2e5422520d475d872a814ba9834

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971&__cf_chl_rt_tk=QRhj7GKx4RCizbFv0How2qqASXgN1Ksz7WYeq.X0JNI-1734356309-1.0.1.1-95J.S3a541fdGPbIXz6JI_8wkfYEuN_2RP8rt2m2JQ4

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lHJDi4wJPG7Ne26iyWNV1dlK5F64X7mAeQFpLFwP%2BZ8NkigI6c0Je5b0pSChnw%2BN1%2BCrOmvqpK%2BTD0rpUyLT3H1c4zrjaEr7ui%2B0Rb5Yrg0r3K2Usy%2FBjGOTNih4W9N3Ym5Kg2ATFusCECQJ"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2f12f55ae136b7-YYZ
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 13:38:29 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
2a8486c7-2b56-4e1e-919b-ac5c450e3d48
https://dihaurefuidkuilopsee.life/ Frame
0
0

api.js
challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/
47 KB
16 KB
Script
General
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js?onload=fjGVd3&render=explicit
Requested by
Host: dihaurefuidkuilopsee.life
URL: https://dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8f2f12f37ade36b7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://dihaurefuidkuilopsee.life
Referer

Response headers

server
cloudflare
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8f2f12f5fd7138e4-YYZ
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Mon, 16 Dec 2024 13:38:29 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 03 Dec 2024 18:31:41 GMT
vary
Accept-Encoding
priority
u=3,i=?0
favicon.ico
dihaurefuidkuilopsee.life/
7 KB
7 KB
Image
General
Full URL
https://dihaurefuidkuilopsee.life/favicon.ico
Requested by
Host: dihaurefuidkuilopsee.life
URL: https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b427a41d6dd7e62a01b6d1ea8db40d27c77a1f42d56ff02fe1e3e7de312c25cc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=utAe83H%2FAZ2vpKWcRSmkJjA45YAwo4iRs8y%2FPkZzr%2Fpg4OKtoqQh38Axz2VfuL5nPxoA8TiNVNiXAQ0xkjPl1EB1R8BsBs1Rqfsgh9scq8hQryFAJOtpSnoSfbQHlfN0O18NVYwwHEI87%2BRw"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Mon, 16 Dec 2024 13:38:29 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
IqJsDz6vTzaSyrhNo5aKP1lA0UwqSSKmuHvxO/541xOzs9Qv75D9vuADXXBrw5QmbMBBWF69ximfX4A3ipuTpfl6cLef3vS5RjBvogTzoUm8V53spszlyT6xY1GxIiu72rzyciUCCFFq/f9vtB7dIw==$HMEk36M+ObB+Fw/ChOTmZQ==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8f2f12f5fae236b7-YYZ
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
favicon.ico
dihaurefuidkuilopsee.life/
7 KB
6 KB
Other
General
Full URL
https://dihaurefuidkuilopsee.life/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
837dbd648396ea9fb239a83eac9d9f8df4607afce59926b1298041ac08a376a6
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ihkfz0%2BLc04CDHrI%2BEadJJWGmwpfLQmV7UfoXodpGoyQ4Ot60n9OIHZxB%2FAgF%2B%2FP59jMMg%2FS103ihLAkqwL4QLVxmR9I2QiJNRrPgJGN24gJwTUWBVUuv23estb%2FPVQmbwJHbtQ7jFukQDwm"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Mon, 16 Dec 2024 13:38:29 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
B+vb+01mZCm+cAM7PBCxobwbLVMYN20SQfesMG4BUfAkiJ+tqxyQmOcmA1koBgscnqMr6ZfAfWntRQsIOI8u7R1TB574ApJxBDA7AsU46wc80u678HhLBC6MqToTscEYKtMIjtEEOvOgjNuIXjRfjA==$4BO+FvtFn024kbr4TEl/9Q==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8f2f12f66ae336b7-YYZ
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
VYeyza1VcrHBNZNKWm1_VR54t0a6tuc1VMRGu68DhoU-1734356309-1.2.1.1-M1ka_jwqNQGNaFBfAw1f43twwwPUWS5qzMF8bOs45by0hiisRt3GWD7GUdlgkhyh
dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/flow/ov1/1411121230:1734351856:AonI7A-9YB3p3hW4YdD9G0JjNqR2zo8uG6PzjnpMDGU/8f2f12f37ade36b7/
13 KB
9 KB
XHR
General
Full URL
https://dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/flow/ov1/1411121230:1734351856:AonI7A-9YB3p3hW4YdD9G0JjNqR2zo8uG6PzjnpMDGU/8f2f12f37ade36b7/VYeyza1VcrHBNZNKWm1_VR54t0a6tuc1VMRGu68DhoU-1734356309-1.2.1.1-M1ka_jwqNQGNaFBfAw1f43twwwPUWS5qzMF8bOs45by0hiisRt3GWD7GUdlgkhyh
Requested by
Host: dihaurefuidkuilopsee.life
URL: https://dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8f2f12f37ade36b7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2b6c71074c5727aced116806377c11fc1270c9de8e8c0254627afa5e9eb35b6

Request headers

Referer
https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
VYeyza1VcrHBNZNKWm1_VR54t0a6tuc1VMRGu68DhoU-1734356309-1.2.1.1-M1ka_jwqNQGNaFBfAw1f43twwwPUWS5qzMF8bOs45by0hiisRt3GWD7GUdlgkhyh

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SBzhGgDESCjmWI4FvHATyNOD2U0oisCHEgqM0bAlxPeYDo20YL7Xg1qSGWkPymKLaTVWuTmEE2%2Bz%2F8IbrJTaXXoG8R1hAE6kEQlxlqoqvUuHrVbmWkgXWBdkMFvImMTx%2Bnx%2BVpInpAuu%2F7iS"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2f12f6aae436b7-YYZ
alt-svc
h3=":443"; ma=86400
date
Mon, 16 Dec 2024 13:38:29 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
PCVM+ROhY39LA2YfQCi7DOh6bw3Iql+iJrDBoSPiIIMDzqUTHc6c6xNrQR53PzpGoK5l/BOAhnk=$gTbIH9fhUU/Feszz
server
cloudflare
6a4c43da-0995-4d20-b92f-eb932fad3d9c
https://dihaurefuidkuilopsee.life/ Frame
0
0

/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/yqz58/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 15CF
0
0
Document
General
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/yqz58/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js?onload=fjGVd3&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.94.41 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8f2f12f7482ab406-YYZ
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Mon, 16 Dec 2024 13:38:29 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri
VYeyza1VcrHBNZNKWm1_VR54t0a6tuc1VMRGu68DhoU-1734356309-1.2.1.1-M1ka_jwqNQGNaFBfAw1f43twwwPUWS5qzMF8bOs45by0hiisRt3GWD7GUdlgkhyh
dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/flow/ov1/1411121230:1734351856:AonI7A-9YB3p3hW4YdD9G0JjNqR2zo8uG6PzjnpMDGU/8f2f12f37ade36b7/
2 KB
2 KB
XHR
General
Full URL
https://dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/flow/ov1/1411121230:1734351856:AonI7A-9YB3p3hW4YdD9G0JjNqR2zo8uG6PzjnpMDGU/8f2f12f37ade36b7/VYeyza1VcrHBNZNKWm1_VR54t0a6tuc1VMRGu68DhoU-1734356309-1.2.1.1-M1ka_jwqNQGNaFBfAw1f43twwwPUWS5qzMF8bOs45by0hiisRt3GWD7GUdlgkhyh
Requested by
Host: dihaurefuidkuilopsee.life
URL: https://dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8f2f12f37ade36b7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.21.32.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b0404d8745c0c4aa7a2b83c8c85f28d386c21587551b85ddffb7ae57b7e69c5

Request headers

Referer
https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
VYeyza1VcrHBNZNKWm1_VR54t0a6tuc1VMRGu68DhoU-1734356309-1.2.1.1-M1ka_jwqNQGNaFBfAw1f43twwwPUWS5qzMF8bOs45by0hiisRt3GWD7GUdlgkhyh

Response headers

cf-chl-out
Y6UoLCgOHd9GfLNSRzBuGU3W4AaPCdum5VOJYe/0WoslZhSDEqt2SqowCV2MMB2ZYv2iJLH3DZZrsfVOPhA3MnJciF62iLuC1VbRXrzRyi9I+wCdyc3jFRk=$sX5IQSNmM4vBjZvg
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2F05qMAdalYM8cQHY4POxCHX7%2BaSAKm9qrpVdmE9r57qFFHi7QapaAANmGjVz5Cv8vegMz%2BuHYLa1oUqDekC7fzqVFB62izPgPCj%2B7YOMMxCrHfd%2BuNtzHf6DLvehl%2F032pDLiFvRTyVx596S"}],"group":"cf-nel","max_age":604800}
cf-ray
8f2f12fdfae936b7-YYZ
alt-svc
h3=":443"; ma=86400
cf-chl-out-s
e9puT/TEgC9ZAWwy1zOP5Ec9OfBOCldwb/7rdVpioyBowfF0cJgkxW9vgWjCIA9iC+RQruwzI1a9isB1/PJWoniZ4L1kUUYH7w/xpcqkQlWLCMLH8PJbgQvktGq6IexCrtpuvnxaewHp4hBIDIFOaJYznfU91VwOvU6bXLiTWwr+JSXCSXSWWpGLwCLEMqegavGaMOXa4YyaKn1vSovSy5+M/0Wa17CfNULdGRnbjwM9wTTNGTM6gmYMRMgly07IOi/cEQEpMTsciJtTu1BqiqXaXxzznYqDAbmbyGfXtwrDmUwPJhntxyXhX1rfjT5WJegxwpVL3Jd9pF6aHWjmvSGNCaRJNo/6RKjba/oj8uIRzLGi9gs=$FmFv0s+kgRDk7Sfq
date
Mon, 16 Dec 2024 13:38:30 GMT
content-type
text/html; charset=UTF-8
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dihaurefuidkuilopsee.life
URL
blob:https://dihaurefuidkuilopsee.life/2a8486c7-2b56-4e1e-919b-ac5c450e3d48
Domain
dihaurefuidkuilopsee.life
URL
blob:https://dihaurefuidkuilopsee.life/6a4c43da-0995-4d20-b92f-eb932fad3d9c

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| fjGVd3 boolean| xAqqm6 function| spwE7 function| huBu8 function| HCGH4 function| roxIF0 object| uBNhi5 object| vEte4 function| jWrr7 function| nWsSX2 function| INuv4 object| ZUPr1 number| OCenw1 object| angular object| hfdFG3 object| turnstile boolean| RtWm0 function| _ string| DSJv8 boolean| aumSQ3

7 Cookies

Domain/Path Name / Value
5vh.qleak.click/ Name: _pk_ref.971.20bc
Value: %5B%22%22%2C%22%22%2C1734356307%2C%22https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562%22%5D
5vh.qleak.click/ Name: _pk_id.971.20bc
Value: 7c9d8d7db113143c.1734356307.
5vh.qleak.click/ Name: _pk_ses.971.20bc
Value: 1
5vh.qleak.click/ Name: _pk_ref.1.20bc
Value: %5B%22%22%2C%22%22%2C1734356307%2C%22https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562%22%5D
5vh.qleak.click/ Name: _pk_id.1.20bc
Value: 6deb863b71266edb.1734356307.
5vh.qleak.click/ Name: _pk_ses.1.20bc
Value: 1
dihaurefuidkuilopsee.life/ Name: cf_chl_rc_ni
Value: 1

5 Console Messages

Source Level URL
Text
network error URL: https://5vh.qleak.click/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://matomo.q1eak.click/piwik.php?idgoal=1&idsite=1&rec=1&r=075268&h=5&m=38&s=27&url=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&urlref=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&_id=6deb863b71266edb&_idn=0&send_image=0&_refts=1734356307&_ref=https%3A%2F%2Ftelegra.ph%2FIm-ready-for-your-seed-Scrolller-0.6245845464355562&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=TJFaY6&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=971
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dihaurefuidkuilopsee.life/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dihaurefuidkuilopsee.life/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()