urlscan.io logo urlscan.io
SecurityTrails logo

dihaurefuidkuilopsee.life Open in urlscan Pro
2606:4700:3030::6815:2001  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://swq.tfaleak.click/
Effective URL: https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975
Submission: On December 15 via api from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 5 IPs in 1 countries across 4 domains to perform 17 HTTP transactions. The main IP is 2606:4700:3030::6815:2001, located in United States and belongs to CLOUDFLARENET, US. The main domain is dihaurefuidkuilopsee.life.
TLS certificate: Issued by WE1 on December 1st 2024. Valid for: 3 months.
This is the only time dihaurefuidkuilopsee.life was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 2606:4700:303... 13335 (CLOUDFLAR...)
5 2606:4700:303... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
6 2606:4700:303... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
17 5
2    2606:4700:3031::6815:34e7 (United States)

ASN13335 (CLOUDFLARENET, US)
swq.tfaleak.click
5    2606:4700:3033::6815:2649 (United States)

ASN13335 (CLOUDFLARENET, US)
matomo.tfa1eak.click
1    2606:4700:3036::ac43:dbd8 (United States)

ASN13335 (CLOUDFLARENET, US)
7auj.tfa1eak.click
6    2606:4700:3030::6815:2001 (United States)

ASN13335 (CLOUDFLARENET, US)
dihaurefuidkuilopsee.life
2    2606:4700::6812:5e29 (United States)

ASN13335 (CLOUDFLARENET, US)
challenges.cloudflare.com
Domain Requested by
6 dihaurefuidkuilopsee.life dihaurefuidkuilopsee.life
5 matomo.tfa1eak.click swq.tfaleak.click
matomo.tfa1eak.click
2 challenges.cloudflare.com dihaurefuidkuilopsee.life
challenges.cloudflare.com
2 swq.tfaleak.click
1 7auj.tfa1eak.click 1 redirects
17 5

This site contains links to these domains. Also see Links.

Domain
www.cloudflare.com
Subject Issuer Validity Valid
tfaleak.click
WE1		 2024-12-12 -
2025-03-12		 3 months crt.sh
tfa1eak.click
WE1		 2024-12-12 -
2025-03-12		 3 months crt.sh
dihaurefuidkuilopsee.life
WE1		 2024-12-01 -
2025-03-01		 3 months crt.sh
challenges.cloudflare.com
WE1		 2024-11-03 -
2025-02-01		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975
Frame ID: 83B64667FA30748D99E86535C574EFCF
Requests: 14 HTTP requests in this frame

Frame: https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/8aqhd/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Frame ID: 10A31C5897A25429C00260DAA2CBF6AC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Just a moment...

Page URL History Show full URLs

  1. https://swq.tfaleak.click/ Page URL
  2. https://7auj.tfa1eak.click/leak-id-anVUQTE1bVhRVzJjQjVZU0VuTGpmVGF2dUk5MDNkYjFDQzlqczkzOS9Jd05sbzlSdFN5... HTTP 302
    https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • piwik\.js|piwik\.php

Page Statistics

17
Requests

88 %
HTTPS

100 %
IPv6

4
Domains

5
Subdomains

5
IPs

1
Countries

117 kB
Transfer

252 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://swq.tfaleak.click/ Page URL
  2. https://7auj.tfa1eak.click/leak-id-anVUQTE1bVhRVzJjQjVZU0VuTGpmVGF2dUk5MDNkYjFDQzlqczkzOS9Jd05sbzlSdFN5NmVsendxU1lOTnc2Mg== HTTP 302
    https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
swq.tfaleak.click/ 		1 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://swq.tfaleak.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:34e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bfc1756d95184cfab1ba516633c11dde9d979c1fd515859d774ac6999a139a80

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f23f61c1ed5f78d-EWR
content-encoding
zstd
content-type
text/html; charset=utf-8
date
Sun, 15 Dec 2024 05:16:24 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=YnH3gnj0czpAyUt6I2adHal758Ho%2FgCFmuC1pWhJDLReq26hdlOSUH5FU7tPepoO%2Fh3vZSUri5%2FbSSnNGQ%2BNkApfUlnC053ZdA%2FHH6P1miX9zoej9bHcjkvTZCq3EGYgfo5U6RhHXpAZcbDo5l8jzA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=7833&min_rtt=7389&rtt_var=1566&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4178&recv_bytes=4426&delivery_rate=861&cwnd=12000&unsent_bytes=0&cid=f93186a818e96ce5&ts=203&x=1" cfExtPri cfHdrFlush;dur=0
piwik.js
matomo.tfa1eak.click/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://matomo.tfa1eak.click/piwik.js
Requested by
Host: swq.tfaleak.click
URL: https://swq.tfaleak.click/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7fc375178c93a2fc15fd888e30170eedf4ef3d04497e7f951ab7bfe0c921693

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swq.tfaleak.click/

Response headers

content-encoding
zstd
cf-cache-status
HIT
etag
W/"64a9baf6-10132"
age
23886433
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M%2BhBujqhbr76ypM0yCJrITIQW9HgSrZ9kcdPYZ6A%2FnVmJ6OGBoanQDa%2B17Z%2BEYnrxuuCX7BYG7cZ8%2BZWuFAlLEG6uCmd8vBiFps6QesMZEqigqw1EhXuI%2F5ZpBGub6%2BuEpTmZQhiLyf4vqAh2yZc2nA%2BjQ%3D%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 31 Dec 2037 23:55:55 GMT
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8097&min_rtt=7919&rtt_var=1806&sent=12&recv=9&lost=0&retrans=0&sent_bytes=4163&recv_bytes=4261&delivery_rate=73486&cwnd=12000&unsent_bytes=0&cid=8154e65316f67db6&ts=30&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 15 Dec 2024 05:16:24 GMT
content-type
application/javascript
last-modified
Sat, 08 Jul 2023 19:37:26 GMT
vary
Accept-Encoding
priority
u=3,i=?0
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8f23f61e4c0641ac-EWR
server
cloudflare
piwik.php
matomo.tfa1eak.click/ 		0
668 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://matomo.tfa1eak.click/piwik.php?action_name=&idsite=975&rec=1&r=388576&h=19&m=16&s=24&url=https%3A%2F%2Ftelegra.ph%2F-&urlref=https%3A%2F%2Ftelegra.ph%2F-&_id=8de5e242298a96df&_idn=1&send_image=0&_refts=1734239785&_ref=https%3A%2F%2Ftelegra.ph%2F-&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=YNJCgA&pf_net=79&pf_srv=195&pf_tfr=3&pf_dm1=39&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.tfa1eak.click
URL: https://matomo.tfa1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://swq.tfaleak.click/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QhR6%2BRMekDzHJvJLshe4TYzCf6zDLvPxKUKHubNShmi884A%2F7se56Qq1MBGN85vLxBys45ZgM%2BctUEaeL9UJP0cmRQrbxpjqu5UxRbgHOEjIXRvypbFeH7ms3d%2FjA3m4cmplOL0Y9Vp3kZfccFg4p%2FQY%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f23f61eac5f41ac-EWR
access-control-allow-origin
https://swq.tfaleak.click
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8891&min_rtt=7919&rtt_var=390&sent=37&recv=22&lost=0&retrans=0&sent_bytes=29021&recv_bytes=6158&delivery_rate=871345&cwnd=24000&unsent_bytes=0&cid=8154e65316f67db6&ts=316&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 15 Dec 2024 05:16:24 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=4,i
piwik.php
matomo.tfa1eak.click/ 		0
670 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://matomo.tfa1eak.click/piwik.php?action_name=&idsite=1&rec=1&r=958174&h=19&m=16&s=24&url=https%3A%2F%2Ftelegra.ph%2F-&urlref=https%3A%2F%2Ftelegra.ph%2F-&_id=b2e97b75e9c463cc&_idn=1&send_image=0&_refts=1734239785&_ref=https%3A%2F%2Ftelegra.ph%2F-&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=5DXnux&pf_net=79&pf_srv=195&pf_tfr=3&pf_dm1=39&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.tfa1eak.click
URL: https://matomo.tfa1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://swq.tfaleak.click/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0CIbT%2B%2FQRVgyraWRHN%2BoTsk46fMa7cXqPwRuLlvBlld6ij9bi3Bi8nrGu26S4ekTdWNv0r3QrjlUOO5qDCDNQ%2Fw8BcVdGWlYyS6UzfQyBH6CMO%2Bu%2BhIm532gnU1CAnZhrC5ZkArpzFY37rVjn9Nk%2BP9bVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f23f61eac6041ac-EWR
access-control-allow-origin
https://swq.tfaleak.click
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8891&min_rtt=7919&rtt_var=390&sent=36&recv=22&lost=0&retrans=0&sent_bytes=28328&recv_bytes=6158&delivery_rate=871345&cwnd=24000&unsent_bytes=0&cid=8154e65316f67db6&ts=308&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 15 Dec 2024 05:16:24 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=4,i
favicon.ico
swq.tfaleak.click/ 		571 B
837 B 		Other
General
Check archive.org
Download Go to
Full URL
https://swq.tfaleak.click/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3031::6815:34e7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d50b9852ce176350c41f3a8b9bc01132659f8b18b9ccec1cdea6e98d28176daf

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://swq.tfaleak.click/

Response headers

cache-control
max-age=14400
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
cf-cache-status
MISS
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=65PYjx9o3wuO0Bc%2FEs6oahw%2FqpjwkU141jpnK68krdp2oYNonf2x1xhHkFC90kTj74Vb%2FK8VAzgmpqRG1iDiHxsIia%2FQruQ5nofBjM5qJg8HwWXuAR0Lklzt%2FsLRuIEHr9be1wwSc1uy6GJvK6ZD8A%3D%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8f23f61eabb1f78d-EWR
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=7784&min_rtt=7389&rtt_var=1272&sent=16&recv=12&lost=0&retrans=0&sent_bytes=5589&recv_bytes=5042&delivery_rate=186145&cwnd=12000&unsent_bytes=0&cid=f93186a818e96ce5&ts=617&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 15 Dec 2024 05:16:24 GMT
content-type
text/html
vary
Accept-Encoding
server
cloudflare
priority
u=1,i
piwik.php
matomo.tfa1eak.click/ 		0
668 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://matomo.tfa1eak.click/piwik.php?idgoal=1&idsite=975&rec=1&r=835337&h=19&m=16&s=24&url=https%3A%2F%2Ftelegra.ph%2F-&urlref=https%3A%2F%2Ftelegra.ph%2F-&_id=8de5e242298a96df&_idn=0&send_image=0&_refts=1734239785&_ref=https%3A%2F%2Ftelegra.ph%2F-&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=YNJCgA&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.tfa1eak.click
URL: https://matomo.tfa1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://swq.tfaleak.click/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Uz5htcz5vL1W%2Fxy2LJcburKSqx5ZCxV6g3DQJkVuNW6z5ymVDt%2BR312AU0YR7CFBqURSO2DgJwUVUXmDgaofPdhTY6FIp%2BDMqomSDdqxDvFZ9X5%2BrwtctB%2F%2BvpR03JTeOGQwu6gwDtBlSpofTxrRXFWsAA%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f23f623a9ad41ac-EWR
access-control-allow-origin
https://swq.tfaleak.click
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8789&min_rtt=7919&rtt_var=497&sent=41&recv=25&lost=0&retrans=0&sent_bytes=30862&recv_bytes=7555&delivery_rate=5463&cwnd=24000&unsent_bytes=0&cid=8154e65316f67db6&ts=1006&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 15 Dec 2024 05:16:25 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=4,i
piwik.php
matomo.tfa1eak.click/ 		410 B
1 KB 		Ping
General
Check archive.org
Download Go to
Full URL
https://matomo.tfa1eak.click/piwik.php?idgoal=1&idsite=1&rec=1&r=111518&h=19&m=16&s=24&url=https%3A%2F%2Ftelegra.ph%2F-&urlref=https%3A%2F%2Ftelegra.ph%2F-&_id=b2e97b75e9c463cc&_idn=0&send_image=0&_refts=1734239785&_ref=https%3A%2F%2Ftelegra.ph%2F-&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=5DXnux&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Requested by
Host: matomo.tfa1eak.click
URL: https://matomo.tfa1eak.click/piwik.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2649 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc283801a7ccb1ab03daf7095d0c98b5fe7e186e29c7750d9de4c52e6cd84aa1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=utf-8
Referer
https://swq.tfaleak.click/

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7oZRSOcRdr6n63gm%2FYpVJDy34hIBUhz0kpdDMvUMqqVlMRRAY0O65wNrdfUIcKUWEmLaYZ6t2POeYj%2F73ZjHawPb7KYIg%2BBawOPicNdIwYdUzUvFjUru7tEuxarbf4Qd6IY0kSwZky%2FN4WQnbXdfhbW64A%3D%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-credentials
true
cf-ray
8f23f623a9b041ac-EWR
access-control-allow-origin
https://swq.tfaleak.click
alt-svc
h3=":443"; ma=86400
server-timing
cfL4;desc="?proto=QUIC&rtt=8789&min_rtt=7919&rtt_var=497&sent=40&recv=25&lost=0&retrans=0&sent_bytes=29759&recv_bytes=7555&delivery_rate=5463&cwnd=24000&unsent_bytes=0&cid=8154e65316f67db6&ts=1002&x=1", cfExtPri, cfHdrFlush;dur=0
date
Sun, 15 Dec 2024 05:16:25 GMT
content-type
text/html; charset=UTF-8
server
cloudflare
priority
u=4,i
Primary Request /
dihaurefuidkuilopsee.life/
Redirect Chain
  • https://7auj.tfa1eak.click/leak-id-anVUQTE1bVhRVzJjQjVZU0VuTGpmVGF2dUk5MDNkYjFDQzlqczkzOS9Jd05sbzlSdFN5NmVsendxU1lOTnc2Mg==
  • https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975
9 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dab08c341e83c9df17d6f785c0f6b182cd8a264bd9433079004cecfdad14acc
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://swq.tfaleak.click/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-chl-out
m5bMbeD+eIlU3cawLFCxXByjEI5Mzx6k1ffh160EWtPsyEUwSwEsPwrekjr4690eqcHcitQUPuoTrh4A7gphAEcdgj2yMGOrRVB/JamDgX+3Y5Iey9PfgXtFID/dZfP6BlXOFoB6QPqt7/iPmjTMvw==$heUnD60ja6YmEsYPR785pA==
cf-mitigated
challenge
cf-ray
8f23f626cda3f797-EWR
content-encoding
zstd
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-origin
date
Sun, 15 Dec 2024 05:16:26 GMT
expires
Thu, 01 Jan 1970 00:00:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wHgwJZndbEwLUcj9txpQ0R5SlnXWbjv8U2aiEEHLy2QKnnIPYhC2a5rpFDS2kMZJ61EsQb7MS5HA4BaDyJMdfgDFBUP8DQGOf1szJQ1jVZP2CmikOkgSV6b6pdJUDHdT9nua54np2T1s7EiBz4I1chSrNZ3tUHrc"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-options
nosniff
x-frame-options
SAMEORIGIN

Redirect headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
8f23f6255ea84265-EWR
content-type
text/html; charset=UTF-8
date
Sun, 15 Dec 2024 05:16:26 GMT
location
https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
priority
u=0,i
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wx4uH6JYuZippuPBt0cKNcTQOK7WnaAiEhXFcB4oRPRObAPtvbfMs3XSfahAitwI1wyPpUbrm7M39sPYFOIwAtWMgnKZCkm8x0VgbsuXn7K6YpMk3Vh1kxXY6qBiJQyZ08FSTrubXC6IntdoLu4INdY%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
server-timing
cfL4;desc="?proto=QUIC&rtt=8073&min_rtt=7924&rtt_var=1486&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4216&recv_bytes=4565&delivery_rate=833&cwnd=12000&unsent_bytes=0&cid=1aa1f80efea8e367&ts=216&x=1" cfExtPri cfHdrFlush;dur=0
v1
dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/ 		100 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8f23f626cda3f797
Requested by
Host: dihaurefuidkuilopsee.life
URL: https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c2dc33eeec9901f9c5534672ca9c9ddcde8c7ffde5cda6676babe0954772086

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975&__cf_chl_rt_tk=KQovo9lVGQkqrsym7TNor5gB84WRerHIXoOeC4A_Tac-1734239786-1.0.1.1-KYFKzBPNC0aATaxfD6EdEH9TkRCecxXkQ5IBYYsoa4Q

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Inew0nOZN5Q4tHjXBrQB4yvktmIU2AYdo67AHUweRk8qwDa%2BtiQukveBXj%2FoysdFr%2FdBDBPjZ1%2FoamWymRSekn8R%2BkxtsHz9ne4Dji9NDAv%2BtdlCtedcSr%2FU9H07TP5s0%2FtSwCgS7h%2FPoaVc%2BJWzpkg24jwzH4Te"}],"group":"cf-nel","max_age":604800}
cf-ray
8f23f6274da4f797-EWR
alt-svc
h3=":443"; ma=86400
date
Sun, 15 Dec 2024 05:16:26 GMT
content-type
application/javascript; charset=UTF-8
server
cloudflare
1382f014-7204-405e-95b4-2e2fde77c80a
https://dihaurefuidkuilopsee.life/ Frame 		0
0
api.js
challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/ 		47 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js?onload=fjGVd3&render=explicit
Requested by
Host: dihaurefuidkuilopsee.life
URL: https://dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8f23f626cda3f797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a9f0787e39291d7bcb873d0d514f1d2c8db0256fd741c2abc4d46a809254e141

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Origin
https://dihaurefuidkuilopsee.life
Referer

Response headers

server
cloudflare
cache-control
max-age=31536000, stale-if-error=10800, stale-while-revalidate=31536000, public
content-encoding
br
cross-origin-resource-policy
cross-origin
cf-ray
8f23f627cee17c84-EWR
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
server-timing
cfExtPri
date
Sun, 15 Dec 2024 05:16:26 GMT
content-type
application/javascript; charset=UTF-8
last-modified
Tue, 03 Dec 2024 18:31:41 GMT
vary
Accept-Encoding
priority
u=3,i=?0
favicon.ico
dihaurefuidkuilopsee.life/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dihaurefuidkuilopsee.life/favicon.ico
Requested by
Host: dihaurefuidkuilopsee.life
URL: https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8b9af4ba46f460c9e211e5f7a6d672ceccf23feccb6ccae63d9c2d4277effd43
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JOmLYAO0OiENLuho0yHWWQQtXpMvVzTlAzu8MvXthMDRzslKkskKgmuEqJsg5ccmw%2FVnbD75UQFbsYIGtEPkRJ2MZWOA%2F6KmZkD3jTWl%2BFm8wYU7EzgRpej9h5CSP1%2BB4Vto2ybUweA2eGXoyxaYGR1czVFVLywi"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Sun, 15 Dec 2024 05:16:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
ai7QzB1TZEeDgwWM6AcdDiDMvWKfpLWZOmCJq+6BBbmvnUmuxEp1SO0zg6PDtvM2fAWUYHViWHauWsiSUE10ivw9YGF182ex2QY3olFa4K6glzCtrArkQnAXGdpNrkj+55z6LLbpGOhtJoRQePS5eg==$Z12AEcxOLiznMUJXE8FB1g==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8f23f627cda5f797-EWR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
favicon.ico
dihaurefuidkuilopsee.life/ 		7 KB
6 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://dihaurefuidkuilopsee.life/favicon.ico
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11aa0dba82b66c178349d2831a699581c1548e43a93093fcf1260881378c007b
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Referer
https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975

Response headers

content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0v9EVANfW7%2BwYR8pXn4IOripQ1w2KaREMXS0sA6cwdHnj8Jcd9F50Z%2F4E67NWssNiIE5opJ6N1emh%2BO2EzQzN6i7OvJeHd5Cir%2FzHJy1nELiwGtLfwZyw48QhRNhtak84EBpvBcMb7Obc0Eep9MS%2Fgxe3NCQpjTx"}],"group":"cf-nel","max_age":604800}
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
expires
Thu, 01 Jan 1970 00:00:01 GMT
alt-svc
h3=":443"; ma=86400
x-content-options
nosniff
date
Sun, 15 Dec 2024 05:16:26 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-frame-options
SAMEORIGIN
cf-mitigated
challenge
cf-chl-out
9EMzN5rV1P5GGi5pi9kB9vGHtD3Kunfpjzl93bX+MovRfM0CJzE7mn0cKknaluXbidgtmpFT6l5hbYWkCqCqaZ7tm9VATcb/jcdYQIZO7bFR08kzCeZuxG1X5TQu3z0mYA6Vjn6bNbP5eBM9sVjkOA==$aytN4NM6tzY3EXwVNG43yw==
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-resource-policy
same-origin
referrer-policy
same-origin
cf-ray
8f23f627fda6f797-EWR
cross-origin-embedder-policy
require-corp
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
origin-agent-cluster
?1
server
cloudflare
0_XJ2gSPM6SAUdRCspoPzT9Yox4HWOyvkGADagLem7M-1734239786-1.2.1.1-LzdxJaHhl3Ods77VgMyKJEfGSW8omderGRjWSv42vE58dGVOjxj7z_bc9cKS4es8
dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/flow/ov1/609458766:1734236617:GzZDsKP7aCM0_DbNGl1ENuptGSPd6o7vRxdKSpOW3ls/8f23f626cda3f797/ 		13 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/flow/ov1/609458766:1734236617:GzZDsKP7aCM0_DbNGl1ENuptGSPd6o7vRxdKSpOW3ls/8f23f626cda3f797/0_XJ2gSPM6SAUdRCspoPzT9Yox4HWOyvkGADagLem7M-1734239786-1.2.1.1-LzdxJaHhl3Ods77VgMyKJEfGSW8omderGRjWSv42vE58dGVOjxj7z_bc9cKS4es8
Requested by
Host: dihaurefuidkuilopsee.life
URL: https://dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8f23f626cda3f797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db6298e56605e86fac26df2ec1001bac35c21d74c7336911945d79c4deb88e14

Request headers

Referer
https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
0_XJ2gSPM6SAUdRCspoPzT9Yox4HWOyvkGADagLem7M-1734239786-1.2.1.1-LzdxJaHhl3Ods77VgMyKJEfGSW8omderGRjWSv42vE58dGVOjxj7z_bc9cKS4es8

Response headers

nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BgP4jlQbG9tS8MNUIYMNd%2Fwy9ryjal3Im%2B5XXDcW%2BUwSGrLP5mBaiafeBWjlMHlOJQkf0rhvsWWqCH02IGgS1aHC7WiC07Lmj9FtN50xEEctYBC5KYZN8gsBcQd2ckpUtuMe7Dt68MYuOsNU93KHvZmL2nAwucOm"}],"group":"cf-nel","max_age":604800}
cf-ray
8f23f6288da7f797-EWR
alt-svc
h3=":443"; ma=86400
date
Sun, 15 Dec 2024 05:16:26 GMT
content-type
text/plain; charset=UTF-8
cf-chl-gen
+BenpnoNGv1nyxmJ5vBUZVzTM1o0nxGz/A8A9po4dGFoILOqaTOhP5LwLyLxES6mvkHl/A7KeMc=$6BLumXTePYHCy8n9
server
cloudflare
5d692996-dedd-4ff9-b8ce-0ba9c06a00f1
https://dihaurefuidkuilopsee.life/ Frame 		0
0
/
challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/8aqhd/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/ Frame 10A3 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://challenges.cloudflare.com/cdn-cgi/challenge-platform/h/g/turnstile/if/ov2/av0/rcv/8aqhd/0x4AAAAAAADnOjc0PNeA8qVm/light/fbE/normal/auto/
Requested by
Host: challenges.cloudflare.com
URL: https://challenges.cloudflare.com/turnstile/v0/g/f9063374b04d/api.js?onload=fjGVd3&render=explicit
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:5e29 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
Security Headers
Name Value
Content-Security-Policy frame-src https://challenges.cloudflare.com/; base-uri 'self'

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray
8f23f628ddfcf5fa-EWR
content-encoding
br
content-security-policy
frame-src https://challenges.cloudflare.com/; base-uri 'self'
content-type
text/html; charset=UTF-8
critical-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
cross-origin
date
Sun, 15 Dec 2024 05:16:26 GMT
document-policy
js-profiling
origin-agent-cluster
?1
permissions-policy
accelerometer=(),autoplay=(),browsing-topics=(),camera=(),clipboard-read=(),clipboard-write=(),geolocation=(),gyroscope=(),hid=(),interest-cohort=(),magnetometer=(),microphone=(),payment=(),publickey-credentials-get=(),screen-wake-lock=(),serial=(),sync-xhr=(),usb=()
priority
u=0,i
referrer-policy
same-origin
server
cloudflare
server-timing
cfExtPri
0_XJ2gSPM6SAUdRCspoPzT9Yox4HWOyvkGADagLem7M-1734239786-1.2.1.1-LzdxJaHhl3Ods77VgMyKJEfGSW8omderGRjWSv42vE58dGVOjxj7z_bc9cKS4es8
dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/flow/ov1/609458766:1734236617:GzZDsKP7aCM0_DbNGl1ENuptGSPd6o7vRxdKSpOW3ls/8f23f626cda3f797/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/flow/ov1/609458766:1734236617:GzZDsKP7aCM0_DbNGl1ENuptGSPd6o7vRxdKSpOW3ls/8f23f626cda3f797/0_XJ2gSPM6SAUdRCspoPzT9Yox4HWOyvkGADagLem7M-1734239786-1.2.1.1-LzdxJaHhl3Ods77VgMyKJEfGSW8omderGRjWSv42vE58dGVOjxj7z_bc9cKS4es8
Requested by
Host: dihaurefuidkuilopsee.life
URL: https://dihaurefuidkuilopsee.life/cdn-cgi/challenge-platform/h/g/orchestrate/chl_page/v1?ray=8f23f626cda3f797
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::6815:2001 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f40cc18debeb29ec5544b74ed534876dcd60b1c4858f99154aa6bf3b1716da9b

Request headers

Referer
https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975
CF-Chl-RetryAttempt
0
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Content-type
application/x-www-form-urlencoded
CF-Challenge
0_XJ2gSPM6SAUdRCspoPzT9Yox4HWOyvkGADagLem7M-1734239786-1.2.1.1-LzdxJaHhl3Ods77VgMyKJEfGSW8omderGRjWSv42vE58dGVOjxj7z_bc9cKS4es8

Response headers

cf-chl-out
KdFm5JI4rTHgyZutBsBJgsrgJnlpg3+F+9yrRbVYdC7VGKwzqjB+ow88OyX9oB7C4eTutYV1cKnFOokqLVd6FDZOaSGM7DRAawg/Tp2aUzFnCzftu8+YPF8=$JYTaum+AS6+FPapt
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
zstd
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IXgYbFOzFkenoW86eJhkzGmEazNuwllkfZPpPY61YhhuDJ%2FAyilMIbefnCIoxXBHJTa3H1aJSaDlFATkg3DqNKM1Ib5oO2VA%2BIyBaG2rDLm626cGI898kaHGsSNJpOlZVV1gZCQ8TIy2Mn1MdrHgzCBec6lXO0be"}],"group":"cf-nel","max_age":604800}
cf-ray
8f23f6301dc3f797-EWR
alt-svc
h3=":443"; ma=86400
cf-chl-out-s
q9E3MEVy3XLELSTILKvHuz/2mN4JRL6NqbXtR8Uj0P4/CLatZWeIF4YnmeSRiRVltY5MwFGpJajONjLy9/p0wAqQVnxKC7HsiG6PWsXJ4VbXB8MMOeo/1TzyAT80Z4kIKuLfA/n+PtEI8n837nOMPhZPTw7Ek0FBlZtKeuYJWxqSEBM3GDz1oAWHPBDTzEyqGpoZkLdfZGXPdCw0n/v8fw/m0A9HI6DXpndAPRMXAYSOecYYNsnGlYmWjpGUsmyVrkh1s7GNM4660ruSXAmoLlwEh/8NZl97hE1Re9Exrece853mVHGdHSpxUqsCuTTH9CjAHDh1llKC9tcFdfvN3MSfQMSQ0i8LJqDEi7TALyKdJuzt5X8=$JMOeGaVfktDo15sK
date
Sun, 15 Dec 2024 05:16:27 GMT
content-type
text/html; charset=UTF-8
server
cloudflare

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
dihaurefuidkuilopsee.life
URL
blob:https://dihaurefuidkuilopsee.life/1382f014-7204-405e-95b4-2e2fde77c80a
Domain
dihaurefuidkuilopsee.life
URL
blob:https://dihaurefuidkuilopsee.life/5d692996-dedd-4ff9-b8ce-0ba9c06a00f1

Verdicts & Comments Add Verdict or Comment

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| _cf_chl_opt function| fjGVd3 boolean| xAqqm6 function| spwE7 function| huBu8 function| HCGH4 function| roxIF0 object| uBNhi5 object| vEte4 function| jWrr7 function| nWsSX2 function| INuv4 object| ZUPr1 number| OCenw1 object| angular object| hfdFG3 object| turnstile boolean| RtWm0 function| _ string| DSJv8 boolean| aumSQ3

7 Cookies

Domain/Path Name / Value
swq.tfaleak.click/ Name: _pk_ref.975.5b50
Value: %5B%22%22%2C%22%22%2C1734239785%2C%22https%3A%2F%2Ftelegra.ph%2F-%22%5D
swq.tfaleak.click/ Name: _pk_id.975.5b50
Value: 8de5e242298a96df.1734239785.
swq.tfaleak.click/ Name: _pk_ses.975.5b50
Value: 1
swq.tfaleak.click/ Name: _pk_ref.1.5b50
Value: %5B%22%22%2C%22%22%2C1734239785%2C%22https%3A%2F%2Ftelegra.ph%2F-%22%5D
swq.tfaleak.click/ Name: _pk_id.1.5b50
Value: b2e97b75e9c463cc.1734239785.
swq.tfaleak.click/ Name: _pk_ses.1.5b50
Value: 1
dihaurefuidkuilopsee.life/ Name: cf_chl_rc_ni
Value: 1

5 Console Messages

Source Level URL
Text
network error URL: https://swq.tfaleak.click/favicon.ico
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://matomo.tfa1eak.click/piwik.php?idgoal=1&idsite=1&rec=1&r=111518&h=19&m=16&s=24&url=https%3A%2F%2Ftelegra.ph%2F-&urlref=https%3A%2F%2Ftelegra.ph%2F-&_id=b2e97b75e9c463cc&_idn=0&send_image=0&_refts=1734239785&_ref=https%3A%2F%2Ftelegra.ph%2F-&pdf=1&qt=0&realp=0&wma=0&fla=0&java=0&ag=0&cookie=1&res=1600x1200&pv_id=5DXnux&uadata=%7B%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dihaurefuidkuilopsee.life/?s=157&t1=895&t2=&t4=975
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dihaurefuidkuilopsee.life/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://dihaurefuidkuilopsee.life/favicon.ico
Message:
Failed to load resource: the server responded with a status of 403 ()