urlscan.io logo urlscan.io
SecurityTrails logo

ofleaks.to Open in urlscan Pro
2a06:98c1:3120::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ofleaks.to/
Effective URL: https://ofleaks.to/en
Submission: On July 01 via api from US — Scanned from NL
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 12 IPs in 5 countries across 10 domains to perform 20 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is ofleaks.to.
TLS certificate: Issued by GTS CA 1P5 on May 20th 2024. Valid for: 3 months.
This is the only time ofleaks.to was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 2606:4700:10:... 13335 (CLOUDFLAR...)
2 104.17.24.14 13335 (CLOUDFLAR...)
2 162.19.58.160 16276 (OVH)
1 104.16.85.60 13335 (CLOUDFLAR...)
1 151.101.194.206 54113 (FASTLY)
1 2a01:4f8:121:... 24940 (HETZNER-AS)
3 188.114.97.3 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
6 104.18.29.104 13335 (CLOUDFLAR...)
20 12
2    2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)
ofleaks.to
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:10::6816:1490 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.tailwindcss.com
2    104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    162.19.58.160 (France)

ASN16276 (OVH, FR)
PTR: ns3096649.ip-162-19-58.eu
i.ibb.co
1    104.16.85.60 (None, )

ASN13335 (CLOUDFLARENET, US)
www.famousbirthdays.com
1    151.101.194.206 (San Francisco, United States)

ASN54113 (FASTLY, US)
i.ebayimg.com
1    2a01:4f8:121:4135::2 (Ehingen, Germany)

ASN24940 (HETZNER-AS, DE)
www.watson.de
3    188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)
ofleaks.to
1    2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
6    104.18.29.104 (None, )

ASN13335 (CLOUDFLARENET, US)
client.crisp.chat
Apex Domain
Subdomains		 Transfer
6 crisp.chat
client.crisp.chat — Cisco Umbrella Rank: 24919
118 KB
5 ofleaks.to
ofleaks.to
1 MB
2 ibb.co
i.ibb.co — Cisco Umbrella Rank: 10821
94 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 268
32 KB
2 tailwindcss.com
cdn.tailwindcss.com — Cisco Umbrella Rank: 32531
110 KB
1 gstatic.com
fonts.gstatic.com
46 KB
1 watson.de
www.watson.de — Cisco Umbrella Rank: 271363
788 KB
1 ebayimg.com
i.ebayimg.com — Cisco Umbrella Rank: 5878
67 KB
1 famousbirthdays.com
www.famousbirthdays.com — Cisco Umbrella Rank: 112182
17 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 83
1 KB
20 10
Domain Requested by
6 client.crisp.chat ofleaks.to
client.crisp.chat
5 ofleaks.to 1 redirects ofleaks.to
2 i.ibb.co ofleaks.to
2 cdnjs.cloudflare.com ofleaks.to
2 cdn.tailwindcss.com 1 redirects ofleaks.to
1 fonts.gstatic.com fonts.googleapis.com
1 www.watson.de ofleaks.to
1 i.ebayimg.com ofleaks.to
1 www.famousbirthdays.com ofleaks.to
1 fonts.googleapis.com ofleaks.to
20 10

This site contains links to these domains. Also see Links.

Domain
discord.celebroom.de
shop.celebroom.de
Subject Issuer Validity Valid
ofleaks.to
GTS CA 1P5		 2024-05-20 -
2024-08-18		 3 months crt.sh
upload.video.google.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
cdnjs.cloudflare.com
E1		 2024-06-02 -
2024-08-31		 3 months crt.sh
ibb.co
R10		 2024-06-21 -
2024-09-19		 3 months crt.sh
famousbirthdays.com
E6		 2024-06-13 -
2024-09-11		 3 months crt.sh
i.ebayimg.com
Sectigo RSA Organization Validation Secure Server CA		 2024-06-05 -
2025-06-05		 a year crt.sh
*.watson.de
Thawte TLS RSA CA G1		 2023-09-12 -
2024-09-16		 a year crt.sh
*.gstatic.com
WR2		 2024-06-13 -
2024-09-05		 3 months crt.sh
crisp.chat
E1		 2024-06-03 -
2024-09-01		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://ofleaks.to/en
Frame ID: 393CAF2270A4F4E9C51208477BA0EB17
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

OFLeaks.to - Info

Page URL History Show full URLs

  1. http://ofleaks.to/ HTTP 307
    https://ofleaks.to/ HTTP 302
    https://ofleaks.to/en Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

20
Requests

95 %
HTTPS

45 %
IPv6

10
Domains

10
Subdomains

12
IPs

5
Countries

2376 kB
Transfer

3342 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ofleaks.to/ HTTP 307
    https://ofleaks.to/ HTTP 302
    https://ofleaks.to/en Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://cdn.tailwindcss.com/ HTTP 302
  • https://cdn.tailwindcss.com/3.4.4

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request en
ofleaks.to/
Redirect Chain
  • http://ofleaks.to/
  • https://ofleaks.to/
  • https://ofleaks.to/en
52 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ofleaks.to/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48a126a695438958f11f93e68292a861e4cc88ef638cf326fcb67f604e63cc22

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89c979b0ef95668c-AMS
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 01 Jul 2024 21:26:36 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TpwxNPJeYDEjhVruDKz3ITo%2FE7H1UFqIVRzG0J507oB4uyO8vpc2RFoDCG%2B77VNHbBqlMRvl%2BW8RC9665oNGUx88%2FdHNfE%2BHWyAKXs3lZz%2BPZN8TMJjLsKItAOJqnp7XnNJoczC8KEmA"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
89c979af7e46668c-AMS
content-type
text/html; charset=UTF-8
date
Mon, 01 Jul 2024 21:26:36 GMT
location
https://ofleaks.to/en
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EeaOQRcQbcI0hUEj0cUE87nYhusAF5P0ymdz7MLQG2IYCF89p6%2FlJXHdtUbyQEYAWEtBXyVABF5drj4jrKv2Ivd97DpEzCoYrK9a5MwXrsq0RyN6Ml2%2FB9D7UhEZ7BOCiQJjYeNtw4%2Fd"}],"group":"cf-nel","max_age":604800}
server
cloudflare
css2
fonts.googleapis.com/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap
Requested by
Host: ofleaks.to
URL: https://ofleaks.to/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6b8a445dbddfb9b7c56ffd4f34b6ca628a0d2c85b6a8f4da1eda376694377c3c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

strict-transport-security
max-age=31536000
date
Mon, 01 Jul 2024 21:26:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 01 Jul 2024 21:02:28 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 01 Jul 2024 21:26:37 GMT
3.4.4
cdn.tailwindcss.com/
Redirect Chain
  • https://cdn.tailwindcss.com/
  • https://cdn.tailwindcss.com/3.4.4
357 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.tailwindcss.com/3.4.4
Requested by
Host: ofleaks.to
URL: https://ofleaks.to/en
Protocol
H2
Server
2606:4700:10::6816:1490 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75d96c0d79b25aa220aa2af3a4c65a7833b0c3258512b7f69f2492a0dce50522
Security Headers
Name Value
Strict-Transport-Security max-age=63072000

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
https://ofleaks.to/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

date
Mon, 01 Jul 2024 21:26:37 GMT
content-encoding
br
strict-transport-security
max-age=63072000
last-modified
Wed, 05 Jun 2024 17:22:22 GMT
x-vercel-id
cle1::iad1::6nxnc-1717608142397-53c7ff60a8be
cf-cache-status
HIT
age
2261048
server
cloudflare
x-vercel-cache
MISS
vary
Accept-Encoding
content-type
text/javascript
cache-control
max-age=31536000
cf-ray
89c979b23eb20e7f-AMS

Redirect headers

date
Mon, 01 Jul 2024 21:26:37 GMT
strict-transport-security
max-age=63072000
cf-cache-status
HIT
x-vercel-id
cle1::iad1::z7gcx-1719868581032-6af10b9f2897
server
cloudflare
age
353
x-vercel-cache
MISS
vary
Accept-Encoding
location
/3.4.4
cache-control
max-age=14400
cf-ray
89c979b1fe070e7f-AMS
flowbite.min.css
cdnjs.cloudflare.com/ajax/libs/flowbite/2.3.0/ 		147 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/flowbite/2.3.0/flowbite.min.css
Requested by
Host: ofleaks.to
URL: https://ofleaks.to/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aba3a5ca3616a3a27234bab1ca61650746aab464db4c64a2cc22169c3fa0c899
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
12674
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
16708
last-modified
Wed, 14 Feb 2024 15:31:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65ccdcb4-4144"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xlhMvJx5NkJV%2F31Zh2Ue0%2BUt6qgVvW%2FQNqjQ2UZATRbztz%2FEFH52XnK2gWtZYGGfbDs9BPCjYVn5kFfUqbpOXPygJhGUQ1WwrKYPO28CNA1gWRz6jzn3XzEsfhfKrvRwiZ7QXHZm"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89c979b17ed966fa-AMS
expires
Sat, 21 Jun 2025 21:26:37 GMT
image.png
i.ibb.co/R0cfLHr/ 		94 KB
94 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/R0cfLHr/image.png
Requested by
Host: ofleaks.to
URL: https://ofleaks.to/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.160 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096649.ip-162-19-58.eu
Software
nginx /
Resource Hash
957084468430bc8458029e7c5ddd4fa12bdba969fd08a2fa6b91b79c6b1f3d5f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:37 GMT
last-modified
Fri, 03 May 2024 11:15:44 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
96362
expires
Thu, 31 Dec 2037 23:55:55 GMT
mathilda-mkh-image.jpg
www.famousbirthdays.com/faces/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.famousbirthdays.com/faces/mathilda-mkh-image.jpg
Requested by
Host: ofleaks.to
URL: https://ofleaks.to/en
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
104.16.85.60 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ebe470bfeefe3c219fb4a20b4b42023aba8c01fc2112dc82ef29cf25787bb95
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:37 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
age
2443969
cf-polished
degrade=85, origSize=28751, status=webp_bigger
content-length
17183
cf-bgj
imgq:85,h2pri
last-modified
Sun, 04 Jun 2023 13:11:04 GMT
server
cloudflare
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
89c979b1fe708b46-AMS
expires
Tue, 01 Jul 2025 21:26:37 GMT
s-l1600.jpg
i.ebayimg.com/images/g/Cn4AAOSwq9dkNiV2/ 		66 KB
67 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ebayimg.com/images/g/Cn4AAOSwq9dkNiV2/s-l1600.jpg
Requested by
Host: ofleaks.to
URL: https://ofleaks.to/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.206 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
9c48776832dffd52d48604ddfd529726025e8809295f532e0966bfcb77d45967
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:37 GMT
strict-transport-security
max-age=31557600
last-modified
Tue, 11 Apr 2023 15:28:54 GMT
x-cdn
Fastly
x-ebay-pop-id
UFES2-AMS-zoe-anycast
age
5652574
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public,max-age=31536000,immutable
x-envoy-upstream-service-time
42
rlogid
t6q4%7Cjfaofpse%3D9vjdq4%7Cjfaofpse*hnek%3A%28rbpv6775-18f1f45de0f-0x148
x-ebay-c-version
1.0.0
accept-ranges
bytes
content-length
67802
expires
Sun, 27 Apr 2025 11:17:03 GMT
1741431296241491
www.watson.de/imgdb/1135/Qx,A,0,0,604,522,251,217,100,87/ 		787 KB
788 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.watson.de/imgdb/1135/Qx,A,0,0,604,522,251,217,100,87/1741431296241491
Requested by
Host: ofleaks.to
URL: https://ofleaks.to/en
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4f8:121:4135::2 Ehingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
/
Resource Hash
d3638a39e45a29a4cd4aae961d29eba7e6b5afe04664f8790eefde99f4596815

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 14:34:50 GMT
via
1.1 varnish (Varnish/7.0)
x-backend
127.0.0.1
age
24706
x-cache
HIT
x-url
/imgdb/1135/Qx,A,0,0,604,522,251,217,100,87/1741431296241491
x-host
www.watson.de
x-region
de
alt-svc
h3=":443";ma=900;
content-length
806327
x-varnish-host
de-hzn1-fre3-neu.watson.de
content-type
image/png
x-varnish
961465155 949696877
cache-control
public, max-age=86400
accept-ranges
bytes
x-cache-hits
13
prev1.jpg
ofleaks.to/ 		547 KB
548 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ofleaks.to/prev1.jpg
Requested by
Host: ofleaks.to
URL: https://ofleaks.to/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa34cc22dc95b1b184e9f93fbdf40aa8a61d5635bca549e76b255e28b7982612

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/en
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:37 GMT
cf-cache-status
MISS
last-modified
Mon, 06 May 2024 08:23:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"6638937f-88d08"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8voCuFx8IQc%2FfAwDcgjnSksolxf9hpaozmsSHD5jH4LkjVFhGUmA7xw%2BaCcuYvrZwYluDWKGlEe8dKlBRtMPCWUotcvqrJITWVc1wILPJuCH9K7ga%2BpA6qq7%2FhB0"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c979b32f0f6727-AMS
alt-svc
h3=":443"; ma=86400
content-length
560392
prev2.jpg
ofleaks.to/ 		538 KB
539 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ofleaks.to/prev2.jpg
Requested by
Host: ofleaks.to
URL: https://ofleaks.to/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0e95c2017fac7bb50bd2a7aaef473ae0283d1d1fd2175b4a7754503f47bc0d

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/en
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:37 GMT
cf-cache-status
HIT
last-modified
Mon, 06 May 2024 08:25:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
6253
etag
"663893ed-868c7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FzvWI3kUzfn5iBKWz4YQQvOvs4ALc0fTajUHE5Md%2Bws5Jf8mjNC%2FW%2BM6NtLhEbV6Ef8qd59SmxZsjfEWsNyF5nmqgeSVrMc967oq8SDoQBYBYmZRkSyXIWiroytc"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
89c979b33f476727-AMS
alt-svc
h3=":443"; ma=86400
content-length
551111
flowbite.min.js
cdnjs.cloudflare.com/ajax/libs/flowbite/2.3.0/ 		82 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/flowbite/2.3.0/flowbite.min.js
Requested by
Host: ofleaks.to
URL: https://ofleaks.to/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d2a1a72a4c2399e43c01412b86b9957c4df1845f2e0586607c7e55b9ae949cf8
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
14368
last-modified
Wed, 14 Feb 2024 15:31:00 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"65ccdcb4-3820"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gdFKEvOIKbVjRhghpKn2%2FJ8dmwH1MYY3pLLeWdL6BGrZgagkFHSXSxmEakeFJSUqBBJZdzQftjWFp2D%2FdEQ4HqByQ%2BRQNxrVq4hseCfuqRy5he7x3g4%2Beie6FkgR6FsizlWJWUWX"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
89c979b338f366fa-AMS
expires
Sat, 21 Jun 2025 21:26:37 GMT
UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100..900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://fonts.googleapis.com/
Origin
https://ofleaks.to
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Fri, 28 Jun 2024 01:18:40 GMT
x-content-type-options
nosniff
age
331677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
46704
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:49:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 28 Jun 2025 01:18:40 GMT
truncated
/ 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
36a5c943181aea7036ea0a66360d74ce8543ca4d8b8abad3d32c5f994656f77e

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
be0a5afaacdd033cda05db9517096e8b62862c22d0992161caea7b4430025e32

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		3 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c6cf19e3b19dc28fff3d11b03dd398b2d6054e213c36e24898395caf0c2a326

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/png
image.png
i.ibb.co/R0cfLHr/ 		94 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ibb.co/R0cfLHr/image.png
Requested by
Host: ofleaks.to
URL: https://ofleaks.to/en
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.58.160 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3096649.ip-162-19-58.eu
Software
nginx /
Resource Hash
957084468430bc8458029e7c5ddd4fa12bdba969fd08a2fa6b91b79c6b1f3d5f

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:37 GMT
last-modified
Fri, 03 May 2024 11:15:44 GMT
server
nginx
access-control-allow-methods
GET, OPTIONS
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=315360000, public
accept-ranges
bytes
content-length
96362
expires
Thu, 31 Dec 2037 23:55:55 GMT
l.js
client.crisp.chat/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/l.js
Requested by
Host: ofleaks.to
URL: https://ofleaks.to/en
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b72d68cb06863ceee0eb62affcb5194a584e498af21369fb40129fe0288dc49d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
40726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
server
cloudflare
etag
W/"64e73b34-2195"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
89c979b80d37d0c9-AMS
access-control-allow-headers
Content-Type, Origin
expires
Tue, 02 Jul 2024 21:26:38 GMT
client.js
client.crisp.chat/static/javascripts/ 		369 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/javascripts/client.js?4a73d8a
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f64b2e24ad25bcbb3a35a4c2897e593a11bbe9e56dae7f5438698d28986e5e48
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
40726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 24 Aug 2023 11:12:52 GMT
server
cloudflare
etag
W/"64e73b34-5c22c"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
89c979b84d87d0c9-AMS
access-control-allow-headers
Content-Type, Origin
expires
Thu, 29 Jun 2034 21:26:38 GMT
client_default.css
client.crisp.chat/static/stylesheets/ 		113 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/stylesheets/client_default.css?4a73d8a
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/l.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a46e52d6aa01f0604184c200f41d00de9555070dd9e0d0a17af751758505141b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
40724
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 27 Jun 2024 10:06:43 GMT
server
cloudflare
etag
W/"667d39b3-1c503"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
89c979b84d89d0c9-AMS
access-control-allow-headers
Content-Type, Origin
expires
Thu, 29 Jun 2034 21:26:38 GMT
favicon.ico
ofleaks.to/ 		1 KB
816 B 		Other
General
Check archive.org
Download Go to
Full URL
https://ofleaks.to/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bb2f45c5ad4ed03bef49c6e2aac48a2586bc4e01e5d67d79ddec2f714c5bea1

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/en
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:38 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 02 Jun 2023 15:30:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1895
etag
W/"647a0b0e-47e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gN%2Bmo3oP%2F2GeNsbnUw85kk3cHrv54sFK%2By59VBlr6psyrubs9shXAwwX6BMAT324MpRgLvORbB05I14EnBu5HtRkKlnG9EGd%2Bj65G%2Bw%2BsZiqChNO8u47XoSdSfKz"}],"group":"cf-nel","max_age":604800}
content-type
image/vnd.microsoft.icon
cache-control
max-age=14400
cf-ray
89c979b94c2f6727-AMS
alt-svc
h3=":443"; ma=86400
/
client.crisp.chat/settings/website/825833ad-e266-484d-8bc3-8d2ce77e020c/prelude/ 		222 B
511 B 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/settings/website/825833ad-e266-484d-8bc3-8d2ce77e020c/prelude/?callback=window.%24__CRISP_INSTANCE.__spool.website_prelude_handler&2024-6-1-23-26
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?4a73d8a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
55d648a752f6d91a214a242c603755c0136882ffc09e7371e1b909b70970c2db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
MISS
content-encoding
br
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 01 Jul 2024 21:26:38 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
89c979b9ef8ad0c9-AMS
access-control-allow-headers
Content-Type, Origin
expires
Tue, 02 Jul 2024 01:26:38 GMT
/
client.crisp.chat/settings/website/825833ad-e266-484d-8bc3-8d2ce77e020c/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/settings/website/825833ad-e266-484d-8bc3-8d2ce77e020c/?callback=window.%24__CRISP_INSTANCE.__spool.website_settings_handler&1707695803487
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?4a73d8a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a4bc1abcc5f352f0bea358bfee9e150af68e8d72f7d8af48d0e6fe72de6bfa0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
2092
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 01 Jul 2024 20:51:46 GMT
server
cloudflare
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=14400
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
89c979bbda12d0c9-AMS
access-control-allow-headers
Content-Type, Origin
expires
Tue, 02 Jul 2024 01:26:38 GMT
en.js
client.crisp.chat/static/javascripts/locales/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://client.crisp.chat/static/javascripts/locales/en.js?4a73d8a
Requested by
Host: client.crisp.chat
URL: https://client.crisp.chat/static/javascripts/client.js?4a73d8a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.29.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa73579940d328bd40a632006eb9d544aa4ddd5b6cd896871c137cd7ee117225
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

sec-ch-ua
"Google Chrome";v="126", "Not:A-Brand";v="8", "Chromium";v="126"
Referer
https://ofleaks.to/
Accept-Language
nl-NL,nl;q=0.9;q=0.9
sec-ch-ua-mobile
?0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
sec-ch-ua-platform
"Win32"

Response headers

date
Mon, 01 Jul 2024 21:26:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
age
40726
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 21 Jun 2024 15:02:29 GMT
server
cloudflare
etag
W/"66759605-250e"
access-control-max-age
300
access-control-allow-methods
HEAD, GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=315360000
access-control-allow-credentials
false
vary
Accept-Encoding
cf-ray
89c979bc0a54d0c9-AMS
access-control-allow-headers
Content-Type, Origin
expires
Thu, 29 Jun 2034 21:26:38 GMT
truncated
/ 		881 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd

Request headers

Accept-Language
nl-NL,nl;q=0.9;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36

Response headers

Content-Type
image/svg+xml

Verdicts & Comments Add Verdict or Comment

47 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

undefined| event object| fence object| sharedStorage object| tailwind string| /template.html function| updateRandomNumber string| subHeaderEnglish string| subHeaderGerman number| speed boolean| isEnglish function| typeSubHeader function| eraseAndType object| FlowbiteInstances function| Accordion function| initAccordions function| Carousel function| initCarousels function| Collapse function| initCollapses function| Dial function| initDials function| Dismiss function| initDismisses function| Drawer function| initDrawers function| Dropdown function| initDropdowns function| Modal function| initModals function| Popover function| initPopovers function| Tabs function| initTabs function| Tooltip function| initTooltips function| InputCounter function| initInputCounters function| CopyClipboard function| initClipboards function| initFlowbite object| Flowbite object| $crisp string| CRISP_WEBSITE_ID object| d object| s boolean| $__CRISP_INCLUDED object| $__CRISP_INSTANCE

1 Cookies

Domain/Path Name / Value
.ofleaks.to/ Name: crisp-client%2Fsession%2F825833ad-e266-484d-8bc3-8d2ce77e020c
Value: session_db5acfa3-0d65-4a89-ad79-fe06ad039db8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.tailwindcss.com
cdnjs.cloudflare.com
client.crisp.chat
fonts.googleapis.com
fonts.gstatic.com
i.ebayimg.com
i.ibb.co
ofleaks.to
www.famousbirthdays.com
www.watson.de
104.16.85.60
104.17.24.14
104.18.29.104
151.101.194.206
162.19.58.160
188.114.97.3
2606:4700:10::6816:1490
2a00:1450:4001:800::200a
2a00:1450:4001:80e::2003
2a01:4f8:121:4135::2
2a06:98c1:3120::3
0bb2f45c5ad4ed03bef49c6e2aac48a2586bc4e01e5d67d79ddec2f714c5bea1
1a4bc1abcc5f352f0bea358bfee9e150af68e8d72f7d8af48d0e6fe72de6bfa0
2c0e95c2017fac7bb50bd2a7aaef473ae0283d1d1fd2175b4a7754503f47bc0d
36a5c943181aea7036ea0a66360d74ce8543ca4d8b8abad3d32c5f994656f77e
48a126a695438958f11f93e68292a861e4cc88ef638cf326fcb67f604e63cc22
4c6cf19e3b19dc28fff3d11b03dd398b2d6054e213c36e24898395caf0c2a326
55d648a752f6d91a214a242c603755c0136882ffc09e7371e1b909b70970c2db
6b8a445dbddfb9b7c56ffd4f34b6ca628a0d2c85b6a8f4da1eda376694377c3c
75d96c0d79b25aa220aa2af3a4c65a7833b0c3258512b7f69f2492a0dce50522
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
957084468430bc8458029e7c5ddd4fa12bdba969fd08a2fa6b91b79c6b1f3d5f
9c48776832dffd52d48604ddfd529726025e8809295f532e0966bfcb77d45967
9c8faba32cf813d34a373a7528d2446d0f2b061f8dd6900391af20ac718f69bd
9ebe470bfeefe3c219fb4a20b4b42023aba8c01fc2112dc82ef29cf25787bb95
a46e52d6aa01f0604184c200f41d00de9555070dd9e0d0a17af751758505141b
aa34cc22dc95b1b184e9f93fbdf40aa8a61d5635bca549e76b255e28b7982612
aba3a5ca3616a3a27234bab1ca61650746aab464db4c64a2cc22169c3fa0c899
b72d68cb06863ceee0eb62affcb5194a584e498af21369fb40129fe0288dc49d
be0a5afaacdd033cda05db9517096e8b62862c22d0992161caea7b4430025e32
d2a1a72a4c2399e43c01412b86b9957c4df1845f2e0586607c7e55b9ae949cf8
d3638a39e45a29a4cd4aae961d29eba7e6b5afe04664f8790eefde99f4596815
f64b2e24ad25bcbb3a35a4c2897e593a11bbe9e56dae7f5438698d28986e5e48
fa73579940d328bd40a632006eb9d544aa4ddd5b6cd896871c137cd7ee117225