urlscan.io logo urlscan.io
SecurityTrails logo

ofleaksdaily.com Open in urlscan Pro
2606:4700:3037::6815:b3e  Public Scan

Go To Rescan Add Verdict Report
URL: https://ofleaksdaily.com/serendipitoussav/
Submission: On December 28 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 5 countries across 7 domains to perform 24 HTTP transactions. The main IP is 2606:4700:3037::6815:b3e, located in United States and belongs to CLOUDFLARENET, US. The main domain is ofleaksdaily.com.
TLS certificate: Issued by E1 on November 10th 2022. Valid for: 3 months.
This is the only time ofleaksdaily.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
11 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
3 67.22.50.23 29789 (REFLECTED)
2 2606:4700:303... 13335 (CLOUDFLAR...)
5 10 2a02:6b8::1:119 208722 (GLOBAL_DC)
1 2a00:1450:400... 15169 (GOOGLE)
1 66.254.114.233 29789 (REFLECTED)
24 8
11    2606:4700:3037::6815:b3e (United States)

ASN13335 (CLOUDFLARENET, US)
ofleaksdaily.com
cdn.ofleaksdaily.com
1    2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    67.22.50.23 (Netherlands)

ASN29789 (REFLECTED, US)
cdn1.traffichaus.com
cdn1ht.traffichaus.com
2    2606:4700:3035::ac43:9863 (United States)

ASN13335 (CLOUDFLARENET, US)
adsrv.rstrc.cc
jscdn.rstrc.cc
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
1    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    66.254.114.233 (United States)

ASN29789 (REFLECTED, US)
PTR: reflectededge.reflected.net
syndication.traffichaus.com
Apex Domain
Subdomains		 Transfer
11 ofleaksdaily.com
ofleaksdaily.com
cdn.ofleaksdaily.com
543 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 7498
2 KB
4 traffichaus.com
cdn1.traffichaus.com — Cisco Umbrella Rank: 253780
syndication.traffichaus.com — Cisco Umbrella Rank: 54254
cdn1ht.traffichaus.com — Cisco Umbrella Rank: 100393
99 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 1851
73 KB
2 rstrc.cc
adsrv.rstrc.cc
jscdn.rstrc.cc
601 B
1 gstatic.com
fonts.gstatic.com
27 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 127
1 KB
24 7
Domain Requested by
8 cdn.ofleaksdaily.com ofleaksdaily.com
7 mc.yandex.com 3 redirects ofleaksdaily.com
3 mc.yandex.ru 2 redirects ofleaksdaily.com
3 ofleaksdaily.com ofleaksdaily.com
2 cdn1.traffichaus.com ofleaksdaily.com
1 cdn1ht.traffichaus.com ofleaksdaily.com
1 syndication.traffichaus.com cdn1.traffichaus.com
1 fonts.gstatic.com fonts.googleapis.com
1 jscdn.rstrc.cc ofleaksdaily.com
1 adsrv.rstrc.cc ofleaksdaily.com
1 fonts.googleapis.com ofleaksdaily.com
24 11

This site contains links to these domains. Also see Links.

Domain
syndication.traffichaus.com
Subject Issuer Validity Valid
*.ofleaksdaily.com
E1		 2022-11-10 -
2023-02-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.traffichaus.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-30 -
2023-10-01		 a year crt.sh
*.rstrc.cc
E1		 2022-12-20 -
2023-03-20		 3 months crt.sh
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
traffichaus.com
R3		 2022-12-15 -
2023-03-15		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ofleaksdaily.com/serendipitoussav/
Frame ID: 5624DBB183A6442CAABCE8A777683790
Requests: 25 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Serendipitoussav Leaks

Detected technologies

Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

88 %
HTTPS

71 %
IPv6

7
Domains

11
Subdomains

8
IPs

5
Countries

743 kB
Transfer

973 kB
Size

10
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9866.888E5WdOCFYhRP1ggblaxQJOzv2x3nQBnVrASVs-MgwW6t3D1ZgWnYaF9mHwjA-q.J-IK3k-7NUP2fqrD09AwNkTEoWM%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9866.U1CKUCKP2QS5TA37T1J432XQlH5f0mPLUAWUVD57L02oBrhBhwoCc9odjHV5sM481A8F7DmbwGPYKRbfI4n75sM8rOiTIbp33o8NWnJyCjs%2C.93eV49ENIU3J1Xd9QSHwXCRb170%2C
Request Chain 22
  • https://mc.yandex.com/watch/73600747?wmode=7&page-url=https%3A%2F%2Fofleaksdaily.com%2Fserendipitoussav%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A732223765276%3Ahid%3A1048219040%3Az%3A0%3Ai%3A20221228050432%3Aet%3A1672203873%3Ac%3A1%3Arn%3A525871994%3Arqn%3A1%3Au%3A1672203873607562634%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C22%2C439%2C1%2C0%2C0%2C%2C216%2C269%2C%2C%2C%2C889%3Aco%3A0%3Acpf%3A1%3Ans%3A1672203871478%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672203873%3At%3ASerendipitoussav%20Leaks&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/73600747/1?wmode=7&page-url=https%3A%2F%2Fofleaksdaily.com%2Fserendipitoussav%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A732223765276%3Ahid%3A1048219040%3Az%3A0%3Ai%3A20221228050432%3Aet%3A1672203873%3Ac%3A1%3Arn%3A525871994%3Arqn%3A1%3Au%3A1672203873607562634%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C22%2C439%2C1%2C0%2C0%2C%2C216%2C269%2C%2C%2C%2C889%3Aco%3A0%3Acpf%3A1%3Ans%3A1672203871478%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672203873%3At%3ASerendipitoussav%20Leaks&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 23
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9866.0wFw1ouXsD_VMOYl3IDVQD7gvg373xgPQ_QOoskol_xsAwRI-fDRfVXfU7dgaOnb.bDBjk9XXRuZFHWV61lntYrp8AlM%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9866.sjXgaR1cH4eA6aKb24EKd8dXFUVV1Da-H1lRyp9mpXVwIgCAn_JFPsL3sFVzqQmfE0NcnSQU9I_F7Zmv9dyDD-mJIINshaefmLQrJNLFCCk%2C.5N8-a1IJ_ap7jDqtc42GP5Q6RuM%2C

24 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ofleaksdaily.com/serendipitoussav/ 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
16a1c9c1cd64a6210642bfb0cc8b57bc08324ec12613283632a08aca179a33f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7807c1763f35bbbf-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Wed, 28 Dec 2022 05:04:32 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6SDM1MmmFTFhW6FiBZaEVVujMjHZ8tbbCjYO8eTJtk6rsLw7tpkvro1TjqyJMRp%2Bkel%2BXotU%2FWwDbXxYTmut8LGDdyT4oZx1xxK4pM%2FnRIWlUnCLZBIRROmEtvzdexnD9yznz2ilmh%2FecRQy76Y"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
1; mode=block
style.css
ofleaksdaily.com/ 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ofleaksdaily.com/style.css?ver=1273838533
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f8cbc76c86f9c8d935b4d9e1788f9a72b3cfcc58cd5e3973f29f21e4c2903eb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/serendipitoussav/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished
origSize=25412
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Fri, 27 Aug 2021 10:27:54 GMT
server
cloudflare
etag
W/"6128be2a-6344"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H6me9XCyvGI%2FGHeOtPHd2CbZLQq8gosBWR3FxmZGKspjqsvvGtLOEjOv7%2BzgNcNY1Y8sPjB%2BYcovrB5yTUCif2wIrYr0cmMJGbzIB78ueujDrp6B8eUrblZSIK5Q9d6uJyY%2FwkA0DKvsbFo0shRF"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding
cache-control
max-age=14400
cf-ray
7807c178fc0bbbbf-FRA
css2
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Mulish:wght@400;700&display=swap
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f93324da0993c5b28b6af505c7df2f31eabd0b31fac1c8237a81f3ba4c523a9a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 28 Dec 2022 05:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 28 Dec 2022 04:50:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 28 Dec 2022 05:04:32 GMT
thPopV3.js
cdn1.traffichaus.com/scripts/ 		96 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.traffichaus.com/scripts/thPopV3.js
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.22.50.23 , Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
eb54a04589a411b65156cc76f870c1dea9a13f83732352e13e0165460236d72b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
content-encoding
gzip
last-modified
Wed, 26 Oct 2022 11:07:40 GMT
etag
"9815b7-181fe-5ebee087dd0ae"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=21600, public
x-cdn-diag
mil1-25001-2-59133-h-0-0---;25002-18-39504----0-0-0
accept-ranges
bytes
content-length
35792
expires
Wed, 26 Oct 2022 17:08:55 GMT
ThFpushV1.js
cdn1.traffichaus.com/scripts/ 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn1.traffichaus.com/scripts/ThFpushV1.js
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.22.50.23 , Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
9c9a062c2101544bc70cdce713ec6fdf0a982c25d50ebf58abc10a6e8ffc5aa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
content-encoding
gzip
last-modified
Thu, 14 Jul 2022 13:11:30 GMT
etag
"9816ff-3a4c-5e3c3a3d7e3b2"
vary
Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=21600, public
x-cdn-diag
mil1-25002-3-9299-h-0-0---;25002-18-39504----0-0-0
accept-ranges
bytes
content-length
6346
expires
Thu, 14 Jul 2022 19:13:37 GMT
asyncjs.php
adsrv.rstrc.cc/www/delivery/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://adsrv.rstrc.cc/www/delivery/asyncjs.php
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
jqueryaddons.js
jscdn.rstrc.cc/ 		0
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://jscdn.rstrc.cc/jqueryaddons.js
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3035::ac43:9863 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1382
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
x-xss-protection
1; mode=block
cf-bgj
minify
last-modified
Thu, 01 Dec 2022 11:24:17 GMT
server
cloudflare
etag
"63888ee1-0"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=c9UedUNim8OEVeDjIsV6DD21vwqSmStjiKKKcLpsgKBzqdV%2BiJt0WdjGsPcNg1dyv9OA9NDTPpodxjvtfEG18ZFjHb3lZPgBz0jD6Q9dWnhof3CW%2B5utzro8x%2FLF0Nx9HxUXp8vwvrgcQ4t9OQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
vary
Accept-Encoding
cache-control
max-age=300
accept-ranges
bytes
cf-ray
7807c17938d2914c-FRA
serendipitoussav_avatar.jpg
cdn.ofleaksdaily.com/img/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ofleaksdaily.com/img/serendipitoussav_avatar.jpg
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7ac0abe05569bb8a43fea3bf1707d7e0778867157e2b4fa69173446903e1c8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
74732
pragma
public
last-modified
Mon, 15 Aug 2022 13:04:30 GMT
server
cloudflare
etag
"62fa445e-123ec"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KOHLn0dP3IVrL8dV8t%2B5LRMzgUhUSM3zKNpST6VDdCTO7nnB7y9pqCoZ7JX0lUBrvdKxfqQceKkVei%2B%2BmDAvdierGzmF6EmzkoPwg69kr8vKiWY0rcEfscrn2dm9xR%2BrQR3OPZYBwvDLCGJd7CEZvboxSg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
7807c17a4e0ebbbf-FRA
expires
Mon, 26 Jun 2023 05:04:32 GMT
email-decode.min.js
ofleaksdaily.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ofleaksdaily.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/serendipitoussav/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Dec 2022 16:36:20 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"63a1e484-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dowBAvVW90qiTg00i1RHjjA2nUjzciKTqH2X7r0umdHTO4Uc0Noay75rsJPzVTxoZ2FF%2Bsni78IqhbMKbrV0ak6ZsVoaW9FnrATtb%2F3Ep4ZT8ewEaUSH4ZWkClgCniIHODVhEBeVb7PyKZV7G0ht"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7807c17a08c6920e-FRA
expires
Fri, 30 Dec 2022 05:04:32 GMT
tag.js
mc.yandex.ru/metrika/ 		211 KB
72 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
a84c7cc39305302875b9bbc7a62ebe486241cce1e3a3ee3b9e4521e6acf90ad7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Fri, 09 Dec 2022 16:09:11 GMT
etag
"63933377-12019"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
73753
expires
Wed, 28 Dec 2022 06:04:32 GMT
1Ptvg83HX_SGhgqk3wot.woff2
fonts.gstatic.com/s/mulish/v12/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/mulish/v12/1Ptvg83HX_SGhgqk3wot.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Mulish:wght@400;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ofleaksdaily.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 12:50:21 GMT
x-content-type-options
nosniff
age
490451
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27428
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 18:57:51 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 12:50:21 GMT
serendipitoussav.jpg
cdn.ofleaksdaily.com/img/ 		61 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ofleaksdaily.com/img/serendipitoussav.jpg
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c68cd9b031c44589ca2b0d6d915679b194fec04ac3234f439fb0e7f2886ec494

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
62306
pragma
public
last-modified
Mon, 15 Aug 2022 13:04:30 GMT
server
cloudflare
etag
"62fa445e-f362"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iRmFwmjEAAblEypZhfTqoVq6Vuhjki87lagwmfZddUEitT%2B5mxQt9NpPP78575xMLMclQXUcbSE8urN%2BjWKnhJDxaJc1JibGGgoCUmXnSHy4vLZbRJGdqnEUElKPpmsanNwXegCZ7XRvUw0AXMVAGepvhA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
7807c17a5e13bbbf-FRA
expires
Mon, 26 Jun 2023 05:04:32 GMT
babykittylips3.jpg
cdn.ofleaksdaily.com/img/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ofleaksdaily.com/img/babykittylips3.jpg
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
704f0433ab8d8dc1f681f380aa39fe9f7d5bf458a6ff6f05e04e476566644c91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
34353
pragma
public
last-modified
Mon, 15 Aug 2022 12:16:00 GMT
server
cloudflare
etag
"62fa3900-8631"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=seUY5ZN9qZCGhAvUq3L12T%2BCL0PH3lff756I2qhqSYZwGulZp1q99m6EEXV%2Fhza9%2BerJ%2FScwGzvc%2BJRs8gwSlS3upEqu5pDP93oZ1g7%2FfNxeFCij7t0o00j1hasc92B1q9HbaSVACKVJ1GguuFPULQDsWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
7807c17a5e17bbbf-FRA
expires
Mon, 26 Jun 2023 05:04:32 GMT
sexxyebonyy.jpg
cdn.ofleaksdaily.com/img/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ofleaksdaily.com/img/sexxyebonyy.jpg
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5742fb54fca9de868e8893158e02af36b77a7ded65aa4b6a77df63098011bb2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
96968
pragma
public
last-modified
Mon, 15 Aug 2022 13:59:56 GMT
server
cloudflare
etag
"62fa515c-17ac8"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tLQpmcMS5OELACejS%2F8cXZfGUJu3d7RxqsRfG3d1hvQVHmyok6h2evurYQI5eOIVFjdP8vDKp90kVUzmhVN2ZYReON33uNCWvlryLq%2BAfY0rOt6SXxUKYAfsuXZlyBN204Af6ijoLrB4EXht6bwjx9XnTw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
7807c17a5e12bbbf-FRA
expires
Mon, 26 Jun 2023 05:04:32 GMT
littleffox.jpg
cdn.ofleaksdaily.com/img/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ofleaksdaily.com/img/littleffox.jpg
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7bf874886f5a3e44a52f940b2f907a93552e02bdad3380d7a6362cb1fda6850

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19166
pragma
public
last-modified
Mon, 15 Aug 2022 12:25:00 GMT
server
cloudflare
etag
"62fa3b1c-4ade"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J4MJZXdEDOsksZpP14Trui9YiWe%2BiAJGhQpN7Ey9fcQENUhnTK2BZE%2BNlCOREVn3KaqaejCUzYhry2%2BfZC7Yw4IdsyXMwKaM9pTYaaSfBXZucOLyP8rnLMygBzukmEeZGL26BkWWuYf8pThWygaEzdY1vQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
7807c17a5e0fbbbf-FRA
expires
Mon, 26 Jun 2023 05:04:32 GMT
index.php
syndication.traffichaus.com/adserve/ 		795 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://syndication.traffichaus.com/adserve/index.php?z=259288&loc=https%20ofleaksdaily%20com%20serendipitoussav%20Serendipitoussav%20Leaks&cb=1672203872368&c1=
Requested by
Host: cdn1.traffichaus.com
URL: https://cdn1.traffichaus.com/scripts/ThFpushV1.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
66.254.114.233 , United States, ASN29789 (REFLECTED, US),
Reverse DNS
reflectededge.reflected.net
Software
nginx /
Resource Hash
a13df169f9d586213396daa2415e1e2ad1ea1b3a52905617b59796297d912531

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
content-encoding
gzip
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Full-Version,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
transfer-encoding
chunked
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ofleaksdaily.com
access-control-allow-credentials
true
x-request-id
63ABCE60-42FE72E901BB9314-2031D20
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1ace07e0ea3b00071ccca06ebdec681a1d3a7be7e0afe1429f6bb197190e20ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
19f0f82a9cc228dad979d297919fa87c__636413a749f41.png
cdn1ht.traffichaus.com/uploads/19/ 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn1ht.traffichaus.com/uploads/19/19f0f82a9cc228dad979d297919fa87c__636413a749f41.png
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.22.50.23 , Netherlands, ASN29789 (REFLECTED, US),
Reverse DNS
Software
/
Resource Hash
c04f6a82813ea5fa6838771f7d32c554812d2a45ad483fb0738df6a274f8f1a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
last-modified
Thu, 03 Nov 2022 19:17:13 GMT
etag
"5bd143d0d-dcc6-5ec95ce003d23"
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=2592000, public
x-cdn-diag
mil1-25003-3-9764-h-0-0---;25002-20-39504----0-0-2
accept-ranges
bytes
content-length
56518
lil_holly.jpg
cdn.ofleaksdaily.com/img/ 		81 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ofleaksdaily.com/img/lil_holly.jpg
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ec070c74da230be5c7110306f1ab456d6999b7f0f1a67fcd3b3c5192a801600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
83332
pragma
public
last-modified
Mon, 15 Aug 2022 12:24:42 GMT
server
cloudflare
etag
"62fa3b0a-14584"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qUl9bCMBfeFASKhhgb1BvZy93Z67pK96U0RqC3AD8E1eNF%2BoqvSc%2BbH0E1gqyW59Wy7CskCzC49KHIOJ68LUvpKvMpaVsFPuNV69%2BfgMQ%2BRpRC2EYFFUJ0i56qFTlxqJ%2F8DTHmxCQMOjdKpqn7Ia11c2%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
7807c17c0b85920e-FRA
expires
Mon, 26 Jun 2023 05:04:32 GMT
johnnyfx.jpg
cdn.ofleaksdaily.com/img/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ofleaksdaily.com/img/johnnyfx.jpg
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997cb35984ffab45a5a6b3f2aaabe12f4ee737b4a78fe8a4bd57db371450b96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49495
pragma
public
last-modified
Mon, 15 Aug 2022 12:22:48 GMT
server
cloudflare
etag
"62fa3a98-c157"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9fBY7mfj9h3ogG57v%2B29tbQ4GYj9BJp04V62l33oAy%2FGo24aXRa7O6YfhIMnQrI1t341VcPm4W%2Fmte%2FhmiwDt%2BJr2CEakpwCWFSjT8kS%2BMZbA3iYzIZnwPYLYkwlzmWlWyv6MbUgUgC3tPWaIPR2tYT%2Blw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
7807c17c0b89920e-FRA
expires
Mon, 26 Jun 2023 05:04:32 GMT
thelovelyhoney.jpg
cdn.ofleaksdaily.com/img/ 		119 KB
120 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ofleaksdaily.com/img/thelovelyhoney.jpg
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3037::6815:b3e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
798cfc81d8b1a948d28eb494df7e28d12788a29900c85db6b11cce54b83f4bfd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
122037
pragma
public
last-modified
Mon, 15 Aug 2022 13:24:16 GMT
server
cloudflare
etag
"62fa4900-1dcb5"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w%2BXXEZpyKD7b1w0Nt2o9Viq4iXlduqeSCjOwg8F1dcl2WctReErSLqwi5jVbS5fKSV%2BvJJRnWmPhfsabNwa6SEhzaMPvxSPOXmVaPrszdZAtS3ZTi5ufkqFfu21lhRHPsmRjgQ0THUX6nPpvXpX2s1lTNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=15552000
accept-ranges
bytes
cf-ray
7807c17c0b8c920e-FRA
expires
Mon, 26 Jun 2023 05:04:32 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9866.888E5WdOCFYhRP1ggblaxQJOzv2x3nQBnVrASVs-MgwW6t3D1ZgWnYaF9mHwjA-q.J-IK3k-7NUP2fqrD09AwNkTEoWM%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9866.U1CKUCKP2QS5TA37T1J432XQlH5f0mPLUAWUVD57L02oBrhBhwoCc9odjHV5sM481A8F7DmbwGPYKRbfI4n75sM8rOiTIbp33o8NWnJyCjs%2C.93eV49ENIU3J1Xd9QSHwXCRb170%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9866.U1CKUCKP2QS5TA37T1J432XQlH5f0mPLUAWUVD57L02oBrhBhwoCc9odjHV5sM481A8F7DmbwGPYKRbfI4n75sM8rOiTIbp33o8NWnJyCjs%2C.93eV49ENIU3J1Xd9QSHwXCRb170%2C
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9866.U1CKUCKP2QS5TA37T1J432XQlH5f0mPLUAWUVD57L02oBrhBhwoCc9odjHV5sM481A8F7DmbwGPYKRbfI4n75sM8rOiTIbp33o8NWnJyCjs%2C.93eV49ENIU3J1Xd9QSHwXCRb170%2C
date
Wed, 28 Dec 2022 05:04:32 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
112 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ofleaksdaily.com
URL: https://ofleaksdaily.com/serendipitoussav/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:32 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 09 Dec 2022 16:09:11 GMT
etag
"63933377-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Wed, 28 Dec 2022 06:04:32 GMT
1
mc.yandex.com/watch/73600747/
Redirect Chain
  • https://mc.yandex.com/watch/73600747?wmode=7&page-url=https%3A%2F%2Fofleaksdaily.com%2Fserendipitoussav%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A898%3Afu%3A0%3Aen%3A...
  • https://mc.yandex.com/watch/73600747/1?wmode=7&page-url=https%3A%2F%2Fofleaksdaily.com%2Fserendipitoussav%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A898%3Afu%3A0%3Aen%...
428 B
510 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/73600747/1?wmode=7&page-url=https%3A%2F%2Fofleaksdaily.com%2Fserendipitoussav%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A732223765276%3Ahid%3A1048219040%3Az%3A0%3Ai%3A20221228050432%3Aet%3A1672203873%3Ac%3A1%3Arn%3A525871994%3Arqn%3A1%3Au%3A1672203873607562634%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C22%2C439%2C1%2C0%2C0%2C%2C216%2C269%2C%2C%2C%2C889%3Aco%3A0%3Acpf%3A1%3Ans%3A1672203871478%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672203873%3At%3ASerendipitoussav%20Leaks&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
91d422157364b735a29b2f2c60ddeffed81dcca01e6da995b5f14fc3c2438b45
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 28 Dec 2022 05:04:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Wed, 28-Dec-2022 05:04:32 GMT
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ofleaksdaily.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
428
x-xss-protection
1; mode=block
expires
Wed, 28-Dec-2022 05:04:32 GMT

Redirect headers

pragma
no-cache
date
Wed, 28 Dec 2022 05:04:32 GMT
strict-transport-security
max-age=31536000
last-modified
Wed, 28-Dec-2022 05:04:32 GMT
location
/watch/73600747/1?wmode=7&page-url=https%3A%2F%2Fofleaksdaily.com%2Fserendipitoussav%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Awzrng0ylweo7u6lqi2r53%3Afp%3A898%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A943%3Acn%3A1%3Adp%3A0%3Als%3A732223765276%3Ahid%3A1048219040%3Az%3A0%3Ai%3A20221228050432%3Aet%3A1672203873%3Ac%3A1%3Arn%3A525871994%3Arqn%3A1%3Au%3A1672203873607562634%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A209%2C22%2C439%2C1%2C0%2C0%2C%2C216%2C269%2C%2C%2C%2C889%3Aco%3A0%3Acpf%3A1%3Ans%3A1672203871478%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1672203873%3At%3ASerendipitoussav%20Leaks&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
https://ofleaksdaily.com
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Wed, 28-Dec-2022 05:04:32 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9866.0wFw1ouXsD_VMOYl3IDVQD7gvg373xgPQ_QOoskol_xsAwRI-fDRfVXfU7dgaOnb.bDBjk9XXRuZFHWV61lntYrp8AlM%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9866.sjXgaR1cH4eA6aKb24EKd8dXFUVV1Da-H1lRyp9mpXVwIgCAn_JFPsL3sFVzqQmfE0NcnSQU9I_F7Zmv9dyDD-mJIINshaefmLQrJNLFCCk%2C.5N8-a1IJ_ap7jDqtc4...
43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9866.sjXgaR1cH4eA6aKb24EKd8dXFUVV1Da-H1lRyp9mpXVwIgCAn_JFPsL3sFVzqQmfE0NcnSQU9I_F7Zmv9dyDD-mJIINshaefmLQrJNLFCCk%2C.5N8-a1IJ_ap7jDqtc42GP5Q6RuM%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ofleaksdaily.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 28 Dec 2022 05:04:33 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9866.sjXgaR1cH4eA6aKb24EKd8dXFUVV1Da-H1lRyp9mpXVwIgCAn_JFPsL3sFVzqQmfE0NcnSQU9I_F7Zmv9dyDD-mJIINshaefmLQrJNLFCCk%2C.5N8-a1IJ_ap7jDqtc42GP5Q6RuM%2C
date
Wed, 28 Dec 2022 05:04:33 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange function| ym object| thPop function| H5 function| T1NN function| K1NN number| K0uuuu function| j6gg function| r4 number| n51111 function| U6gg string| d9fb8792 function| l977 object| THPopunder object| thFPush function| _0x1850 function| _0x1ed1 function| docReady function| load_res object| Ya object| yaCounter73600747

10 Cookies

Domain/Path Name / Value
.ofleaksdaily.com/ Name: _ym_uid
Value: 1672203873607562634
.ofleaksdaily.com/ Name: _ym_d
Value: 1672203873
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 580537313fake
.ofleaksdaily.com/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 513262653fake
mc.yandex.com/ Name: yabs-sid
Value: 179944891672203872
.yandex.com/ Name: i
Value: x3vXJI9gFErIQ9i0uoR4BQSYjK47w7n5H588K5iUeefAOu6Mu50EUzX1gVaZvRZAFzblACL+4pGdwhicJVNz1LLLWRE=
.yandex.com/ Name: yandexuid
Value: 9088965171672203872
.yandex.com/ Name: yuidss
Value: 9088965171672203872
.yandex.com/ Name: ymex
Value: 1703739872.yc.1672203872#1703739872.yrts.1672203872#1703739872.yrtsi.1672203872

1 Console Messages

Source Level URL
Text
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9866.U1CKUCKP2QS5TA37T1J432XQlH5f0mPLUAWUVD57L02oBrhBhwoCc9odjHV5sM481A8F7DmbwGPYKRbfI4n75sM8rOiTIbp33o8NWnJyCjs%2C.93eV49ENIU3J1Xd9QSHwXCRb170%2C
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adsrv.rstrc.cc
cdn.ofleaksdaily.com
cdn1.traffichaus.com
cdn1ht.traffichaus.com
fonts.googleapis.com
fonts.gstatic.com
jscdn.rstrc.cc
mc.yandex.com
mc.yandex.ru
ofleaksdaily.com
syndication.traffichaus.com
2606:4700:3035::ac43:9863
2606:4700:3037::6815:b3e
2a00:1450:4001:829::2003
2a00:1450:400d:80d::200a
2a02:6b8::1:119
66.254.114.233
67.22.50.23
0ec070c74da230be5c7110306f1ab456d6999b7f0f1a67fcd3b3c5192a801600
16a1c9c1cd64a6210642bfb0cc8b57bc08324ec12613283632a08aca179a33f3
1ace07e0ea3b00071ccca06ebdec681a1d3a7be7e0afe1429f6bb197190e20ce
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
4f8cbc76c86f9c8d935b4d9e1788f9a72b3cfcc58cd5e3973f29f21e4c2903eb
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5742fb54fca9de868e8893158e02af36b77a7ded65aa4b6a77df63098011bb2d
704f0433ab8d8dc1f681f380aa39fe9f7d5bf458a6ff6f05e04e476566644c91
798cfc81d8b1a948d28eb494df7e28d12788a29900c85db6b11cce54b83f4bfd
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
8da72dacca3725d500bc789e5f506c76367804eecc46c4249ce0ff822d7a147e
91d422157364b735a29b2f2c60ddeffed81dcca01e6da995b5f14fc3c2438b45
9c9a062c2101544bc70cdce713ec6fdf0a982c25d50ebf58abc10a6e8ffc5aa7
a13df169f9d586213396daa2415e1e2ad1ea1b3a52905617b59796297d912531
a7ac0abe05569bb8a43fea3bf1707d7e0778867157e2b4fa69173446903e1c8c
a84c7cc39305302875b9bbc7a62ebe486241cce1e3a3ee3b9e4521e6acf90ad7
c04f6a82813ea5fa6838771f7d32c554812d2a45ad483fb0738df6a274f8f1a4
c68cd9b031c44589ca2b0d6d915679b194fec04ac3234f439fb0e7f2886ec494
d7bf874886f5a3e44a52f940b2f907a93552e02bdad3380d7a6362cb1fda6850
d997cb35984ffab45a5a6b3f2aaabe12f4ee737b4a78fe8a4bd57db371450b96
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb54a04589a411b65156cc76f870c1dea9a13f83732352e13e0165460236d72b
f93324da0993c5b28b6af505c7df2f31eabd0b31fac1c8237a81f3ba4c523a9a