Submitted URL: http://leaks.lat/
Effective URL: https://leaks.lat/
Submission Tags: @ecarlesi possiblethreat phishing
Submission: On November 14 via api from IT — Scanned from AT

Summary

This website contacted 3 IPs in 2 countries across 3 domains to perform 6 HTTP transactions. The main IP is 104.21.52.30, which belongs to CLOUDFLARENET, US. The main domain is leaks.lat.
TLS certificate: Issued by WE1 on November 13th 2024. Valid for: 3 months.
This is the only time leaks.lat was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

    IP Address      AS Autonomous System
4   104.21.52.30    13335 (CLOUDFLAR...)
1   104.21.19.193   13335 (CLOUDFLAR...)
1   188.114.96.3    13335 (CLOUDFLAR...)
6   3

    Apex Domain             Subdomains                                      Transfer
4   leaks.lat               leaks.lat                                       212 KB
1   emoji.gg                cdn3.emoji.gg — Cisco Umbrella Rank: 251318     9 KB
1   contentexclusive.shop   contentexclusive.shop                           715 B
6   3

    Domain                  Requested by
4   leaks.lat               leaks.lat
1   cdn3.emoji.gg
1   contentexclusive.shop   leaks.lat
6   3

This site contains links to these domains.

Domain
twitter.com

Subject                 Issuer   Validity                  Valid
leaks.lat               WE1      2024-11-13 - 2025-02-11   3 months
contentexclusive.shop   WE1      2024-11-09 - 2025-02-07   3 months
cdn3.emoji.gg           E6       2024-11-01 - 2025-01-30   3 months

This page contains 1 frame:

Primary Page: https://leaks.lat/
Frame ID: 7386F2DC605A01BC64E2DA1D81E412F8
Requests: 6 HTTP requests in this frame

Page Title

Paradise

Page Statistics

Requests: 6
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 3
Countries: 2
Transfer: 222 kB
Size: 370 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://leaks.lat/ HTTP 307
    https://leaks.lat/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource   Path   Size   x-fer   Type   MIME-Type

Resource: / (Primary Request)
Path: leaks.lat/
Redirect Chain:
  • http://leaks.lat/
  • https://leaks.lat/
Size: 1 KB
x-fer: 1 KB
Type: Document

General

Full URL: https://leaks.lat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 57bd2f3b857524fc99ff38e470b163ba8729554cafe54554e0e4e70e59c88d2e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 8e24231b19d55ba0-VIE
content-encoding: zstd
content-type: text/html
date: Thu, 14 Nov 2024 04:07:52 GMT
last-modified: Wed, 13 Nov 2024 08:30:31 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bbSIbA1MlRKdGybIERgrpsY7wEuDGhJR3PQBLOT7MBP%2Brc5THTTdbtcAzZgQYU7Qp63pMN5ereksgWGQRt02INwCoJysZcTul98TmqsKdz6J%2B93OoUgbsUNAS7Y%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
server-timing: cfL4;desc="?proto=TCP&rtt=2717&sent=7&recv=9&lost=0&retrans=0&sent_bytes=3994&recv_bytes=2275&delivery_rate=7634446&cwnd=254&unsent_bytes=0&cid=0ed5c3377f3dc9a0&ts=100&x=0"

Redirect headers

Location: https://leaks.lat/
Non-Authoritative-Reason: HttpsUpgrades

Resource: main.449fe3e9.js
Path: leaks.lat/static/js/
Size: 198 KB
x-fer: 62 KB
Type: Script

General

Full URL: https://leaks.lat/static/js/main.449fe3e9.js
Requested by:
  Host: leaks.lat
  URL: https://leaks.lat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 9e059b12526ea1cb166deb1c9e51162a09b360c1fcf3e1800f2199fb6f51e2c0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://leaks.lat/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"319fa-626c72598c619"
age: 6364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qr%2BedxZXtcSRZ%2BYjlqT0K%2F1hqrG0SkgBkjDoun6pmpJ%2Bh2rQWRbgA0hp9LENxVpWr5YYvUGUrGZJuofjX%2BZ7rW%2BaK1JkRXKkJBF684eu2FimxbCvJFYoiQQb%2BaU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e24231bfa155ba0-VIE
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=7803&sent=15&recv=12&lost=0&retrans=0&sent_bytes=9930&recv_bytes=2480&delivery_rate=7634446&cwnd=257&unsent_bytes=0&cid=0ed5c3377f3dc9a0&ts=192&x=0"
date: Thu, 14 Nov 2024 04:07:52 GMT
content-type: text/javascript
last-modified: Wed, 13 Nov 2024 08:30:31 GMT
vary: Accept-Encoding
server: cloudflare

Resource: main.ca89e6c0.css
Path: leaks.lat/static/css/
Size: 17 KB
x-fer: 4 KB
Type: Stylesheet

General

Full URL: https://leaks.lat/static/css/main.ca89e6c0.css
Requested by:
  Host: leaks.lat
  URL: https://leaks.lat/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.52.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: b22aa564003d8842b25acfd37fd16ab2e4870885692c4a1686100d350a44cd2a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://leaks.lat/

Response headers

cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: HIT
etag: W/"44ef-626c72598c619"
age: 6364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xT%2FDO9KNX5WlGzXJNXP3D0UIwzg7N5uke%2B4nbjBVsrQkG4a9GsBtyIW9Zf1xOmTMsNbIQFXM0%2BxCFm5BTZ1sRyTXQsMT4Iu2tmFDLakJAjXLVBsONsG44LrPPY8%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e24231bfa145ba0-VIE
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=7803&sent=10&recv=12&lost=0&retrans=0&sent_bytes=5213&recv_bytes=2480&delivery_rate=7634446&cwnd=257&unsent_bytes=0&cid=0ed5c3377f3dc9a0&ts=192&x=0"
date: Thu, 14 Nov 2024 04:07:52 GMT
content-type: text/css
last-modified: Wed, 13 Nov 2024 08:30:31 GMT
vary: Accept-Encoding
server: cloudflare

Resource: img.7e95304e8d5430fa3b18.png
Path: leaks.lat/static/media/
Size: 144 KB
x-fer: 145 KB
Type: Image

General

Full URL: https://leaks.lat/static/media/img.7e95304e8d5430fa3b18.png
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.52.30 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 53441a9724453745f2b64f63d48dc4bf5da73c032271b87a1b4eb1cb150f4ba5

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://leaks.lat/

Response headers

cf-cache-status: HIT
etag: "2419c-626c72598c619"
age: 6364
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=fE5aHpzQVSQROq1zG4hoWQdNbjvnu2vJPvO1QpjdAB6q%2BSMUa9r9AVjtVPK4S7DiWVT2HibZmTtGy1RW2z%2BBCtKKpM7pFppm%2BEkeEFPrAqWd4SxciGZHSlQxq0w%3D"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=22364&sent=13&recv=11&lost=0&retrans=0&sent_bytes=4287&recv_bytes=4497&delivery_rate=681&cwnd=12000&unsent_bytes=0&cid=4f61c194ab89be75&ts=246&x=1", cfExtPri, cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 04:07:53 GMT
content-type: image/png
last-modified: Wed, 13 Nov 2024 08:30:31 GMT
vary: Accept-Encoding
priority: u=3,i
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 8e24231d7cfcc268-VIE
accept-ranges: bytes
content-length: 147868
server: cloudflare

Resource: captcha
Path: contentexclusive.shop/
Size: 72 B
x-fer: 715 B
Type: Fetch

General

Full URL: https://contentexclusive.shop/captcha
Requested by:
  Host: leaks.lat
  URL: https://leaks.lat/static/js/main.449fe3e9.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 104.21.19.193 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: 82551000a21558a224f57b82bc72fed11662fa206c286bf80eed380ec2741416

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://leaks.lat/

Response headers

nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding: zstd
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iOWdqLgWuHFh6HzqMrv7z9CWrI%2FCoLpSvehAS8qjiczZ4RMthD4eNjDhsZiC1Tzpc9WNqtYmuCkLHtDbHBlcMiu2MdVRX%2Bcr%2BBshkRu7NFObq3ccryEjei%2BaCT0W5eWijp0bmzMcm4E%3D"}],"group":"cf-nel","max_age":604800}
cf-ray: 8e24231dbf00c2f2-VIE
access-control-allow-origin: https://leaks.lat
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=14759&sent=13&recv=10&lost=0&retrans=0&sent_bytes=4192&recv_bytes=4407&delivery_rate=705&cwnd=12000&unsent_bytes=0&cid=15f0dfb83ada9ac6&ts=83&x=1", cfHdrFlush;dur=0
date: Thu, 14 Nov 2024 04:07:53 GMT
content-type: application/json
vary: Origin
server: cloudflare

Resource: 53789-popsicle.gif
Path: cdn3.emoji.gg/emojis/
Size: 8 KB
x-fer: 9 KB
Type: Other

General

Full URL: https://cdn3.emoji.gg/emojis/53789-popsicle.gif
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 188.114.96.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS:
Software: cloudflare /
Resource Hash: d84e625cb5e7ada7ac21d41adf5d94f5da4f464eb5d6f3a9636b10879fa079c4

Security Headers

Strict-Transport-Security: max-age=15552000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://leaks.lat/

Response headers

x-envoy-upstream-healthchecked-cluster:
cf-cache-status: HIT
etag: "d335195743bef0ac198b4260718c546e"
age: 38966
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5GIWul2sMY0X%2BoVKUzXPIdR08PNgQS7JJj%2BxEf6fAghgqlUOetuBHg13tLF2tCmgmXNH7yS%2BbL7NQJS2SoBXXBswJzTf45INrdX55Xvxn%2FPVEQq3Q9ZLakB7p0qj26r0"}],"group":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=508&sent=7&recv=8&lost=0&retrans=0&sent_bytes=4152&recv_bytes=2203&delivery_rate=8722891&cwnd=253&unsent_bytes=0&cid=d75875d6925b5192&ts=30&x=0"
date: Thu, 14 Nov 2024 04:07:53 GMT
x-rgw-object-type: Normal
content-type: image/gif
last-modified: Wed, 16 Oct 2024 08:53:53 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
x-do-cdn-uuid: ed216277-2958-478c-82ba-7db8c1ae59b1
strict-transport-security: max-age=15552000; includeSubDomains; preload
cache-control: max-age=2678400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: tx000007a8fd246062e6031-00670f7f26-10ede9c7f-fra1b
cf-ray: 8e24231deed93249-VIE
accept-ranges: bytes
content-length: 8223
server: cloudflare

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string| __reactRouterVersion

0 Cookies

1 Console Messages

Source: recommendation
Level: verbose
URL: https://leaks.lat/
Message: [DOM] Input elements should have autocomplete attributes (suggested: "current-password"): (More info: https://goo.gl/9p2vKq) %o