Submitted URL: https://wleak.click/marvelcharm-sarah
Effective URL: https://uhland24.de/?u=vzvp60p&o=de3k5hp&cid=37-681-20240527175957cbe7eaa59&t=895
Submission: On May 27 via manual from CR — Scanned from NL

Summary

This website contacted 4 IPs in 2 countries across 7 domains to perform 19 HTTP transactions. The main IP is 185.155.184.38, located in and belongs to . The main domain is uhland24.de.
TLS certificate: Issued by R3 on May 4th 2024. Valid for: 3 months.
This is the only time uhland24.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 6 172.67.181.106 13335 (CLOUDFLAR...)
1 1 188.114.97.3 13335 (CLOUDFLAR...)
2 2 172.67.147.18 ()
1 1 172.67.166.40 ()
1 185.155.184.38 ()
19 4
Domain Requested by
5 matomo.w1eak.click wleak.click
matomo.w1eak.click
2 ltsgondpvrylng.life 2 redirects
2 wleak.click
1 uhland24.de uhland24.de
1 pelikan-hauskrankenpflege.de 1 redirects
1 tx.tbond.shop 1 redirects
1 7w6h.w1eak.click 1 redirects
0 fonts.googleapis.com Failed uhland24.de
19 8

This site contains no links.

Subject Issuer Validity Valid
wleak.click
E1
2024-05-19 -
2024-08-17
3 months crt.sh
w1eak.click
GTS CA 1P5
2024-05-19 -
2024-08-17
3 months crt.sh
uhland24.de
R3
2024-05-04 -
2024-08-02
3 months crt.sh

This page contains 1 frames:

Primary Page: https://uhland24.de/?u=vzvp60p&o=de3k5hp&cid=37-681-20240527175957cbe7eaa59&t=895
Frame ID: A71EEE0F29D20F46AB73CBC151281C43
Requests: 19 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://wleak.click/marvelcharm-sarah Page URL
  2. https://7w6h.w1eak.click/leak-id-cmY2U2dsVDdIUXhwTHNvQklrSnV1YjJoNGxtd0ptd3FiMjF6Si9jL0lldWtYeHN4Zzlj... HTTP 302
    https://tx.tbond.shop/x5hwd HTTP 302
    https://ltsgondpvrylng.life/?s=157&t1=895&t2=&t4=gg HTTP 302
    https://ltsgondpvrylng.life/?s=157&t1=895&t2=&t4=gg&bc_r=1716822004 HTTP 302
    https://pelikan-hauskrankenpflege.de/dating?extra_param_1=677531d55242d30cfd9e29ead752b9e574977eca&sub_id_1=895 HTTP 302
    https://uhland24.de/?u=vzvp60p&o=de3k5hp&cid=37-681-20240527175957cbe7eaa59&t=895 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Page Statistics

19
Requests

42 %
HTTPS

17 %
IPv6

7
Domains

8
Subdomains

4
IPs

2
Countries

26 kB
Transfer

72 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://wleak.click/marvelcharm-sarah Page URL
  2. https://7w6h.w1eak.click/leak-id-cmY2U2dsVDdIUXhwTHNvQklrSnV1YjJoNGxtd0ptd3FiMjF6Si9jL0lldWtYeHN4ZzljMzQ5bFlmMWozYXFSR3U1aUNWNEMvZ3NrQTFrODNuQS9CTVE9PQ== HTTP 302
    https://tx.tbond.shop/x5hwd HTTP 302
    https://ltsgondpvrylng.life/?s=157&t1=895&t2=&t4=gg HTTP 302
    https://ltsgondpvrylng.life/?s=157&t1=895&t2=&t4=gg&bc_r=1716822004 HTTP 302
    https://pelikan-hauskrankenpflege.de/dating?extra_param_1=677531d55242d30cfd9e29ead752b9e574977eca&sub_id_1=895 HTTP 302
    https://uhland24.de/?u=vzvp60p&o=de3k5hp&cid=37-681-20240527175957cbe7eaa59&t=895 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
marvelcharm-sarah
wleak.click/
1 KB
1 KB
Document
General
Full URL
https://wleak.click/marvelcharm-sarah
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a88062e7a1c60debceda2ac810ac43cfe71da9b676e3daab83a4a174066849c7

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
88a6df182cd48ef5-FRA
content-encoding
br
content-type
text/html; charset=utf-8
date
Mon, 27 May 2024 14:59:54 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xJ%2BJXrkN%2B%2FQGb7ODWl4qzcCC91XdiGk5n%2Fmi3cOp%2BKEJRzUBnxS57Mim82x4mGmaDhNNZWe5hZ6X5cUpL89AAAFc3Moe1dqJkqWqPYfI8gxNzmBRjpwhVAHysrqg82dEAg11yJmUnZGh0g%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
piwik.js
matomo.w1eak.click/
64 KB
22 KB
Script
General
Full URL
https://matomo.w1eak.click/piwik.js
Requested by
Host: wleak.click
URL: https://wleak.click/marvelcharm-sarah
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wleak.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 14:59:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 08 Jul 2023 19:37:26 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
494001
etag
W/"64a9baf6-10132"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TMWP9qqpQA7N8So78c9MoQTUZw0K7yq0cNeIgaGGpa%2BJ7%2F8%2B%2BCsDc0lrBgrD0IkMZVD2KsLmYhe5vVMD0L8VHkOjlgLRFOZzfOghrdFxbCk74nOBSKapZUhmLf9r3ZPmvpcWvq4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
88a6df18fe7e4dca-FRA
alt-svc
h3=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT
piwik.php
matomo.w1eak.click/
0
430 B
Ping
General
Full URL
https://matomo.w1eak.click/piwik.php?action_name=marvelcharm%20sarah&idsite=985&rec=1&r=490673&h=16&m=59&s=54&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=973ebc99e2856ed2&_idn=1&send_image=0&_refts=1716821994&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=DP6Kje&pf_net=3111&pf_srv=101&pf_tfr=1&pf_dm1=11&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by
Host: matomo.w1eak.click
URL: https://matomo.w1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://wleak.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 27 May 2024 14:59:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qpkD%2B8ltb61UdjOnKBECDGljQq5VJTYZno7sz5nVGF9Otx%2BD5XkPpNfFWDgSkIAZjev5TQD2dlgNMqkxp%2Bvsk%2ByyIt%2BaALfEDwRW7pgPzZnXBMLUpc%2B1qUazEtfOEDpdPWAf%2F6U%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://wleak.click
access-control-allow-credentials
true
cf-ray
88a6df197f2e4dca-FRA
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.w1eak.click/
0
423 B
Ping
General
Full URL
https://matomo.w1eak.click/piwik.php?action_name=marvelcharm%20sarah&idsite=1&rec=1&r=137011&h=16&m=59&s=54&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=6df95901b41516ac&_idn=1&send_image=0&_refts=1716821994&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=bN6qHM&pf_net=3111&pf_srv=101&pf_tfr=1&pf_dm1=11&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by
Host: matomo.w1eak.click
URL: https://matomo.w1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://wleak.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 27 May 2024 14:59:54 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H%2BkEzUf83Ou8dCiMPC26IpyHYj2ihpBe%2FX56TEkGUK6aFNlszWm0pLx0Htu4B8ASzKCek9eyU8VP%2F9hzcmoivDMLlUAhh%2B89WW216GGcUHLwKjJeYeH9GIgkhoNaobJHZNW9lTw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://wleak.click
access-control-allow-credentials
true
cf-ray
88a6df197f304dca-FRA
alt-svc
h3=":443"; ma=86400
favicon.ico
wleak.click/
1 KB
1004 B
Other
General
Full URL
https://wleak.click/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1316f531a09d9f711058a269df5d385a104beaa3653711d70515811486ad85f

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer
https://wleak.click/marvelcharm-sarah
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 27 May 2024 14:59:54 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 27 May 2024 14:05:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
3285
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=D02VUKAbtkv0EJiRK0AKy5ZycFDrmq%2FDvng2UADexXEnNm9fk%2Fu9fTP0skA20Cxaw4cypMTeW0MozUOO3A1ot7vkgu4t8FZXzqRHX64FObynrcu9%2FsXvBTssJZZPMa1kOXSeWl3NR8Omsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
cache-control
max-age=14400
cf-ray
88a6df197ee68ef5-FRA
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.w1eak.click/
0
420 B
Ping
General
Full URL
https://matomo.w1eak.click/piwik.php?idgoal=1&idsite=985&rec=1&r=453806&h=16&m=59&s=54&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=973ebc99e2856ed2&_idn=0&send_image=0&_refts=1716821994&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=DP6Kje&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by
Host: matomo.w1eak.click
URL: https://matomo.w1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://wleak.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 27 May 2024 14:59:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=3ArHWe3CM59i6jOGeRVDxv6zL56gzCzk7Pb%2BNpEA0Pd96FTJ5kycLZ2dms14wrhbki65lSko6QXchLIceu3tQnPogtjXLSUw5HJqo%2FZ5T0oN8Qnio47EXZqWD0yDg4b3uzjS7Jg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://wleak.click
access-control-allow-credentials
true
cf-ray
88a6df1e7e8d4dca-FRA
alt-svc
h3=":443"; ma=86400
piwik.php
matomo.w1eak.click/
410 B
844 B
Ping
General
Full URL
https://matomo.w1eak.click/piwik.php?idgoal=1&idsite=1&rec=1&r=771259&h=16&m=59&s=54&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=6df95901b41516ac&_idn=0&send_image=0&_refts=1716821994&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=bN6qHM&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Requested by
Host: matomo.w1eak.click
URL: https://matomo.w1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.67.181.106 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc283801a7ccb1ab03daf7095d0c98b5fe7e186e29c7750d9de4c52e6cd84aa1

Request headers

sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform
"Win32"
Referer
https://wleak.click/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8

Response headers

date
Mon, 27 May 2024 14:59:55 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Pjuffoo2U1PGP9trBclNb94zXrvg0NEstvHCcmdLtgHRahCTZ%2F5GM%2BPTbvm%2BgYzPwbjqYHdAKVQPrV3%2F4R7jKLYo%2B4DUe%2BxvLTbmbFBv3RAgk0kyp%2FRHiAF3xhHMxXB%2B8udE3pg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://wleak.click
access-control-allow-credentials
true
cf-ray
88a6df1e7e914dca-FRA
alt-svc
h3=":443"; ma=86400
Primary Request /
uhland24.de/
Redirect Chain
  • https://7w6h.w1eak.click/leak-id-cmY2U2dsVDdIUXhwTHNvQklrSnV1YjJoNGxtd0ptd3FiMjF6Si9jL0lldWtYeHN4ZzljMzQ5bFlmMWozYXFSR3U1aUNWNEMvZ3NrQTFrODNuQS9CTVE9PQ==
  • https://tx.tbond.shop/x5hwd
  • https://ltsgondpvrylng.life/?s=157&t1=895&t2=&t4=gg
  • https://ltsgondpvrylng.life/?s=157&t1=895&t2=&t4=gg&bc_r=1716822004
  • https://pelikan-hauskrankenpflege.de/dating?extra_param_1=677531d55242d30cfd9e29ead752b9e574977eca&sub_id_1=895
  • https://uhland24.de/?u=vzvp60p&o=de3k5hp&cid=37-681-20240527175957cbe7eaa59&t=895
5 KB
0
Document
General
Full URL
https://uhland24.de/?u=vzvp60p&o=de3k5hp&cid=37-681-20240527175957cbe7eaa59&t=895
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, CHACHA20_POLY1305
Server
185.155.184.38 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://wleak.click/marvelcharm-sarah
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua
"Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile
?0
sec-ch-ua-platform
"Win32"

Response headers

Cache-Control
no-transform
Connection
keep-alive
Content-Length
4770
Content-Type
text/html
Date
Mon, 27 May 2024 15:00:04 GMT
Server
nginx
cache-control
private

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
max-age=0
cf-cache-status
DYNAMIC
cf-ray
88a6df58cd829199-FRA
content-type
text/html; charset=utf-8
date
Mon, 27 May 2024 15:00:04 GMT
expires
Thu, 21 Jul 1977 07:30:00 GMT
last-modified
Mon, 27 May 2024 15:00:04 GMT
location
https://uhland24.de/?u=vzvp60p&o=de3k5hp&cid=37-681-20240527175957cbe7eaa59&t=895
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BJY%2Bs%2F5dI%2FBF%2FMoUUAL3CrpCSbboJiw1atiJkPaFM%2Bx0Kde%2FagXsafgoAcjGa5naiFVkmZOKWRTQt%2FKvMHVdODgoybdOLkS3MaTfZCtEFxHlc75SJsWqzAcqwvGgNZMACl7B8sosmQaWCbsQ30P2"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css
fonts.googleapis.com/
0
0

style.css
uhland24.de/media/dating/dirtysinder/css/
0
0

flag-icon.css
uhland24.de/util/flag-icon/css/
0
0

js.cookie.js
uhland24.de/cookie/
0
0

utils.js
uhland24.de/util/
0
0

logo-loveme_black1.svg
uhland24.de/media/dating/dirtysinder/images/
0
0

jquery-2.2.4.min.js
uhland24.de/media/dating/dirtysinder/js/
0
0

trls.js
uhland24.de/media/dating/dirtysinder/js/
0
0

main.js
uhland24.de/media/dating/dirtysinder/js/
0
0

bb.js
uhland24.de/media/
0
0

exit1.js
uhland24.de/media/exit-new/
0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Monoton|Raleway:400,700|Roboto:300,700
Domain
uhland24.de
URL
https://uhland24.de/media/dating/dirtysinder/css/style.css
Domain
uhland24.de
URL
https://uhland24.de/util/flag-icon/css/flag-icon.css
Domain
uhland24.de
URL
https://uhland24.de/cookie/js.cookie.js
Domain
uhland24.de
URL
https://uhland24.de/util/utils.js
Domain
uhland24.de
URL
https://uhland24.de/media/dating/dirtysinder/images/logo-loveme_black1.svg
Domain
uhland24.de
URL
https://uhland24.de/media/dating/dirtysinder/js/jquery-2.2.4.min.js
Domain
uhland24.de
URL
https://uhland24.de/media/dating/dirtysinder/js/trls.js
Domain
uhland24.de
URL
https://uhland24.de/media/dating/dirtysinder/js/main.js
Domain
uhland24.de
URL
https://uhland24.de/media/bb.js
Domain
uhland24.de
URL
https://uhland24.de/media/exit-new/exit1.js

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Domain/Path Name / Value
wleak.click/ Name: _pk_ref.985.5a59
Value: %5B%22%22%2C%22%22%2C1716821994%2C%22https%3A%2F%2Fgroups.google.com%2F%22%5D
wleak.click/ Name: _pk_id.985.5a59
Value: 973ebc99e2856ed2.1716821994.
wleak.click/ Name: _pk_ses.985.5a59
Value: 1
wleak.click/ Name: _pk_ref.1.5a59
Value: %5B%22%22%2C%22%22%2C1716821994%2C%22https%3A%2F%2Fgroups.google.com%2F%22%5D
wleak.click/ Name: _pk_id.1.5a59
Value: 6df95901b41516ac.1716821994.
wleak.click/ Name: _pk_ses.1.5a59
Value: 1

1 Console Messages

Source Level URL
Text
network error URL: https://matomo.w1eak.click/piwik.php?idgoal=1&idsite=1&rec=1&r=771259&h=16&m=59&s=54&url=https%3A%2F%2Fgroups.google.com%2F&urlref=https%3A%2F%2Fgroups.google.com%2F&_id=6df95901b41516ac&_idn=0&send_image=0&_refts=1716821994&_ref=https%3A%2F%2Fgroups.google.com%2F&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=bN6qHM&uadata=%7B%22fullVersionList%22%3A%5B%7B%22brand%22%3A%22Google%20Chrome%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Chromium%22%2C%22version%22%3A%22125.0.6422.112%22%7D%2C%7B%22brand%22%3A%22Not.A%2FBrand%22%2C%22version%22%3A%2224.0.0.0%22%7D%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22Win32%22%2C%22platformVersion%22%3A%2210.0.0%22%7D
Message:
Failed to load resource: the server responded with a status of 400 ()