www.leaks.sh Open in urlscan Pro
76.76.21.164 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://captcha.bot-securation.xyz/verify?data=eyJndWlsZElkIjoiODM1NDUxNDk3NDc0NDI0ODMyIiwiY2xpZW50SWQiOiIxMjI5NDQwMTY3MzA4MTY1MTkx...
Effective URL:
https://www.leaks.sh/
Submission Tags: @phish_report
Submission: On April 17 via api (April 17th 2024, 1:24:41 am UTC) from FI — Scanned from FI

Summary HTTP 18 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 3 domains to perform 18 HTTP transactions. The main IP is 76.76.21.164, located in Walnut, United States and belongs to AMAZON-02, US. The main domain is www.leaks.sh.
TLS certificate: Issued by R3 on March 24th 2024. Valid for: 3 months.

This is the only time www.leaks.sh was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2606:4700:303... 2606:4700:3030::ac43:cebb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	76.76.21.22 76.76.21.22	16509 (AMAZON-02) (AMAZON-02)
16	76.76.21.164 76.76.21.164	16509 (AMAZON-02) (AMAZON-02)
2	104.18.1.146 104.18.1.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	2

1 2606:4700:3030::ac43:cebb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

captcha.bot-securation.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.76.21.22 (Walnut, United States) 1 redirects

ASN16509 (AMAZON-02, US)

leaks.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 76.76.21.164 (Walnut, United States)

ASN16509 (AMAZON-02, US)

www.leaks.sh	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.1.146 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.sellix.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	leaks.sh 1 redirects leaks.sh www.leaks.sh	236 KB
2	sellix.io cdn.sellix.io — Cisco Umbrella Rank: 525563	3 KB
1	bot-securation.xyz 1 redirects captcha.bot-securation.xyz	455 B
18	3

	Domain	Requested by
16	www.leaks.sh	www.leaks.sh
2	cdn.sellix.io	www.leaks.sh
1	leaks.sh	1 redirects
1	captcha.bot-securation.xyz	1 redirects
18	4

This site contains links to these domains. Also see Links.

Domain
t.me
discord.gg
discord.com
twitter.com

Subject Issuer	Validity	Valid
*.leaks.sh R3	`2024-03-24` - `2024-06-22`	3 months	crt.sh
cdn.sellix.io E1	`2024-03-21` - `2024-06-19`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://www.leaks.sh/
Frame ID: 371D3895EF96112CB8B0382640BEA26A
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Quality Leaks

Page URL History Show full URLs

https://captcha.bot-securation.xyz/verify?data=eyJndWlsZElkIjoiODM1NDUxNDk3NDc0NDI0ODMyIiwiY2xpZW50SWQiOiIxMjI5... HTTP 302
https://leaks.sh/ HTTP 308
https://www.leaks.sh/ Page URL

Detected technologies

Sellix (Ecommerce) Expand

Overall confidence: 100%
Detected patterns

cdn\.sellix\.io/static/js/embed\.js

Page Statistics

18
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

239 kB
Transfer

536 kB
Size

1
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/duntalkin
Title: Support

Search URL Search Domain Scan URL

URL: https://discord.gg/
Title: Products

Search URL Search Domain Scan URL

URL: https://discord.com/
Title: Discord

Search URL Search Domain Scan URL

URL: https://twitter.com/intimatxx
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://captcha.bot-securation.xyz/verify?data=eyJndWlsZElkIjoiODM1NDUxNDk3NDc0NDI0ODMyIiwiY2xpZW50SWQiOiIxMjI5NDQwMTY3MzA4MTY1MTkxIiwiZXhwaXJlcyI6MTcxMzMxNjk4ODI2MiwiZG9tYWluIjoibG9naW4uYm90LXNlY3VyYXRpb24ueHl6IiwibmFtZSI6Ik5TRlclMkIxOCUyMCUyRiUyMFRFRU4lRjAlOUYlOEQlOTEiLCJtZW1iZXJzIjozMzM0LCJpY29uIjoiaHR0cHM6Ly9jZG4uZGlzY29yZGFwcC5jb20vaWNvbnMvODM1NDUxNDk3NDc0NDI0ODMyL2FfNWE3YzhlNDI0OTMwYzJiNTgyYmViMDQzOTFjOTY3NTguZ2lmP3NpemU9MTI4In0= HTTP 302
https://leaks.sh/ HTTP 308
https://www.leaks.sh/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

18 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.leaks.sh/
Redirect Chain

https://captcha.bot-securation.xyz/verify?data=eyJndWlsZElkIjoiODM1NDUxNDk3NDc0NDI0ODMyIiwiY2xpZW50SWQiOiIxMjI5NDQwMTY3MzA4MTY1MTkxIiwiZXhwaXJlcyI6MTcxMzMxNjk4ODI2MiwiZG9tYWluIjoibG9naW4uYm90LXNlY3...
https://leaks.sh/
https://www.leaks.sh/

59 KB
9 KB

140ms
48ms

Document
text/html

76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.leaks.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

80f34d1cc88e326c0847b2c1db7e540e52059f4097175bdca0f8cf2db2ecdce8

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-origin: *
age: 2001533
cache-control: public, max-age=0, must-revalidate
content-disposition: inline
content-encoding: br
content-type: text/html; charset=utf-8
date: Wed, 17 Apr 2024 01:24:37 GMT
etag: W/"87fa9e19efe196dbf713634d4d985c85"
server: Vercel
strict-transport-security: max-age=63072000
vary: RSC, Next-Router-State-Tree, Next-Router-Prefetch, Next-Url
x-matched-path: /
x-vercel-cache: HIT
x-vercel-id: arn1::f2xnx-1713317077001-86cc9fcad370

Redirect headers

cache-control: public, max-age=0, must-revalidate
content-type: text/html
date: Wed, 17 Apr 2024 01:24:36 GMT
location: https://www.leaks.sh/
refresh: 0;url=https://www.leaks.sh/
server: Vercel
strict-transport-security: max-age=63072000
x-vercel-id: arn1::dnjmm-1713317076859-9c80a8860a72

GET
H2 200 c9a5bc6a7c948fb0-s.p.woff2
www.leaks.sh/_next/static/media/ 45 KB
46 KB 60ms
59ms Font
font/woff2 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.leaks.sh/_next/static/media/c9a5bc6a7c948fb0-s.p.woff2

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.leaks.sh/
Origin: https://www.leaks.sh
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Apr 2024 01:24:37 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::lhszp-1713317077053-b70b32a339ef
age: 1958047
x-matched-path: /_next/static/media/c9a5bc6a7c948fb0-s.p.woff2
etag: "74c3556b9dad12fb76f84af53ba69410"
x-vercel-cache: HIT
content-type: font/woff2
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="c9a5bc6a7c948fb0-s.p.woff2"
accept-ranges: bytes
content-length: 46552

GET
H2 200 488ba2ab7f69ee0e.css
www.leaks.sh/_next/static/css/ 17 KB
5 KB 51ms
51ms Stylesheet
text/css 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.leaks.sh/_next/static/css/488ba2ab7f69ee0e.css

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f5f88925272b3043126aca26a8601fc2622d7413296fafb6911b76a2125ada5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.leaks.sh/
Origin: https://www.leaks.sh
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Apr 2024 01:24:37 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::c2fv8-1713317077053-5e9d555baf7e
age: 1958207
x-matched-path: /_next/static/css/488ba2ab7f69ee0e.css
etag: W/"dd30e621064ab2b5485b6c78b0709781"
x-vercel-cache: HIT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="488ba2ab7f69ee0e.css"

GET
H2 200 webpack-d31f262dbacfe835.js Show response
www.leaks.sh/_next/static/chunks/ 3 KB
2 KB 44ms
42ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.leaks.sh/_next/static/chunks/webpack-d31f262dbacfe835.js

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

d860ef4c1f80c3381bbc4795c8d834fc2e4b12db5fe2af9e6479c6b62e773981

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.leaks.sh/
Origin: https://www.leaks.sh
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Apr 2024 01:24:37 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::c2fv8-1713317077065-db8a4d630a15
age: 1975337
x-matched-path: /_next/static/chunks/webpack-d31f262dbacfe835.js
etag: W/"38822fc780c04903c2ee69b6d3d4d048"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="webpack-d31f262dbacfe835.js"

GET
H2 200 fd9d1056-346513ae268b854e.js Show response
www.leaks.sh/_next/static/chunks/ 168 KB
54 KB 78ms
77ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.leaks.sh/_next/static/chunks/fd9d1056-346513ae268b854e.js

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

3f5c53b72daa51dc8d63cd0c3f20c39dc301b819d3dbcc717554261a3391481b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.leaks.sh/
Origin: https://www.leaks.sh
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Apr 2024 01:24:37 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::7krtr-1713317077065-dbf586759b65
age: 1971519
x-matched-path: /_next/static/chunks/fd9d1056-346513ae268b854e.js
etag: W/"0d225318bcb8e4c20e8b1166af471778"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="fd9d1056-346513ae268b854e.js"

GET
H2 200 69-d18c385f3550b2c0.js Show response
www.leaks.sh/_next/static/chunks/ 109 KB
30 KB 75ms
75ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.leaks.sh/_next/static/chunks/69-d18c385f3550b2c0.js

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

fabd0294ccdc602dafa7deb634649424e9c57a54b0fa1eba7223b770c509f6f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.leaks.sh/
Origin: https://www.leaks.sh
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Apr 2024 01:24:37 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::djkmz-1713317077066-d7c3c25d11e6
age: 1975337
x-matched-path: /_next/static/chunks/69-d18c385f3550b2c0.js
etag: W/"4f4358c9f2f5073fc8f83344b9b624eb"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="69-d18c385f3550b2c0.js"

GET
H2 200 main-app-f5c8d25c8479457f.js Show response
www.leaks.sh/_next/static/chunks/ 462 B
648 B 43ms
42ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.leaks.sh/_next/static/chunks/main-app-f5c8d25c8479457f.js

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

599208d876cc41134ee1402e37c8b37c4f730763f9cfd12d3b05811e5551e869

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Referer: https://www.leaks.sh/
Origin: https://www.leaks.sh
Accept-Language: fi-FI,fi;q=0.9;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Apr 2024 01:24:37 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::nfqbp-1713317077065-37592dfa54db
age: 1945801
x-matched-path: /_next/static/chunks/main-app-f5c8d25c8479457f.js
etag: "26e3e343f4ddbeea4deb04831427fc30"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="main-app-f5c8d25c8479457f.js"
accept-ranges: bytes
content-length: 462

GET
H2 200 462-9a0f7dd9adb1febe.js Show response
www.leaks.sh/_next/static/chunks/ 53 KB
18 KB 43ms
42ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.leaks.sh/_next/static/chunks/462-9a0f7dd9adb1febe.js

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

ea548cb7e11d771822514d7f7596c2022a751ab20bedb017644e9f21588e6f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.leaks.sh/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Apr 2024 01:24:37 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::vkqp2-1713317077065-42ef7a7ee76b
age: 1985415
x-matched-path: /_next/static/chunks/462-9a0f7dd9adb1febe.js
etag: W/"46969150ee045571ecb40592ed7a9318"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="462-9a0f7dd9adb1febe.js"

GET
H2 200 page-fc0a5fa2937c92cb.js Show response
www.leaks.sh/_next/static/chunks/app/ 6 KB
2 KB 105ms
105ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.leaks.sh/_next/static/chunks/app/page-fc0a5fa2937c92cb.js

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

f5c08ce1aa2489d00411057009730f17c4a2a1a48e3152b091d3d1e05ab15dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.leaks.sh/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Apr 2024 01:24:37 GMT
content-encoding: br
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::q5wpb-1713317077080-91ac73b8e525
age: 1959531
x-matched-path: /_next/static/chunks/app/page-fc0a5fa2937c92cb.js
etag: W/"9e83632e289dd1eec9897ec1051bfa74"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="page-fc0a5fa2937c92cb.js"

GET
H2 200 layout-147629fdc7f214c7.js Show response
www.leaks.sh/_next/static/chunks/app/ 727 B
909 B 74ms
73ms Script
application/javascript 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.leaks.sh/_next/static/chunks/app/layout-147629fdc7f214c7.js

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

197f2f1987605d2b88d304400946c2d1daab32961d9d544ad0433725b8fbff5f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.leaks.sh/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Apr 2024 01:24:37 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::lhszp-1713317077065-43cf6102a41a
age: 1988273
x-matched-path: /_next/static/chunks/app/layout-147629fdc7f214c7.js
etag: "80c254b003b8a09bff5b1be6f42b7d73"
x-vercel-cache: HIT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
content-disposition: inline; filename="layout-147629fdc7f214c7.js"
accept-ranges: bytes
content-length: 727

GET
H3 200 embed.js Show response
cdn.sellix.io/static/js/ 6 KB
2 KB 131ms
47ms Script
application/javascript 104.18.1.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sellix.io/static/js/embed.js

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.146 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50caeb35e2881bc14f1943ef8791bbf9bdf721d3b3ee2d56a56efe1e87df591b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.leaks.sh/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Apr 2024 01:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 1087168
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 04 Apr 2024 11:24:19 GMT
server: cloudflare
etag: W/"660e8de3-1762"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 87589dd42b8982d9-ARN
expires: Thu, 17 Apr 2025 01:24:37 GMT

GET
H3 200 embed.css
cdn.sellix.io/static/css/ 294 B
621 B 144ms
49ms Stylesheet
text/css 104.18.1.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.sellix.io/static/css/embed.css

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.1.146 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8fa0c7e479b3864418662208ba0e8f7bf3494ff2cbe801d0c1332f560e793eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.leaks.sh/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Apr 2024 01:24:37 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: br
cf-cache-status: HIT
age: 6741878
cf-polished: origSize=431
alt-svc: h3=":443"; ma=86400
cf-bgj: minify
last-modified: Thu, 09 Jul 2020 13:53:00 GMT
server: cloudflare
etag: W/"5f07213c-1af"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 87589dd42b8a82d9-ARN
expires: Thu, 17 Apr 2025 01:24:37 GMT

GET
H2 200 image
www.leaks.sh/_next/ 35 KB
35 KB 43ms
43ms Image
image/webp 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.leaks.sh/_next/image?url=%2Flogo.png&w=640&q=75

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

016e90c1e4a24672ed0deb9442957f94778704758a8f92ee4bd30d952acf62a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.leaks.sh/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Wed, 17 Apr 2024 01:24:37 GMT
strict-transport-security: max-age=63072000
age: 2003291
content-disposition: inline; filename="logo.webp"
content-length: 35952
last-modified: Sun, 24 Mar 2024 20:56:25 GMT
server: Vercel
x-vercel-id: arn1::q5wpb-1713317077217-994c775474f8
x-matched-path: /logo.png
x-vercel-cache: HIT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 image
www.leaks.sh/_next/ 10 KB
10 KB 45ms
45ms Image
image/webp 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.leaks.sh/_next/image?url=%2Fgirls.png&w=256&q=75

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

2b02c42c295bfc140710a9e4e1f03e4cf1caa20a5da259b3905634a6e7da8b38

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.leaks.sh/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Wed, 17 Apr 2024 01:24:37 GMT
strict-transport-security: max-age=63072000
age: 2003292
content-disposition: inline; filename="girls.webp"
content-length: 10052
last-modified: Sun, 24 Mar 2024 20:56:24 GMT
server: Vercel
x-vercel-id: arn1::lhszp-1713317077216-871a507f2110
x-matched-path: /girls.png
x-vercel-cache: HIT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 image
www.leaks.sh/_next/ 5 KB
5 KB 41ms
41ms Image
image/webp 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.leaks.sh/_next/image?url=%2Frecruitment.png&w=64&q=75

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

8e272e5d4bc7942e15dd446089527bb2d7f17f6658db15dd6bad2b86a37d030e

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.leaks.sh/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Wed, 17 Apr 2024 01:24:37 GMT
strict-transport-security: max-age=63072000
age: 2001519
content-disposition: inline; filename="recruitment.webp"
content-length: 5320
last-modified: Sun, 24 Mar 2024 21:25:58 GMT
server: Vercel
x-vercel-id: arn1::djkmz-1713317077215-db49fd9e6e29
x-matched-path: /recruitment.png
x-vercel-cache: HIT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 image
www.leaks.sh/_next/ 5 KB
6 KB 40ms
40ms Image
image/webp 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.leaks.sh/_next/image?url=%2Fgroup.png&w=64&q=75

Requested by

Host: www.leaks.sh
URL: https://www.leaks.sh/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

c2496a03b73dacc9070dc000eb69d24622dd38511b3c7ca674e8aecb34223c2a

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.leaks.sh/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Wed, 17 Apr 2024 01:24:37 GMT
strict-transport-security: max-age=63072000
age: 2001519
content-disposition: inline; filename="group.webp"
content-length: 5526
last-modified: Sun, 24 Mar 2024 21:25:57 GMT
server: Vercel
x-vercel-id: arn1::lhszp-1713317077215-3b925483ebc2
x-matched-path: /group.png
x-vercel-cache: HIT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

GET
H2 200 logowebsite.png
www.leaks.sh/ 6 KB
7 KB 40ms
40ms Other
image/png 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.leaks.sh/logowebsite.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

36c038c73b065bdcdf7cd74aa41249a54820739d52b6554fb6a442c61bff98b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.leaks.sh/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Wed, 17 Apr 2024 01:24:37 GMT
strict-transport-security: max-age=63072000
server: Vercel
x-vercel-id: arn1::lhszp-1713317077239-f3ae7c98047e
age: 1995702
x-matched-path: /logowebsite.png
etag: "96c3a802cfa08d41e9981ae0314970eb"
x-vercel-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-disposition: inline; filename="logowebsite.png"
accept-ranges: bytes
content-length: 6568

GET
H2 200 image
www.leaks.sh/_next/ 5 KB
6 KB 41ms
40ms Image
image/webp 76.76.21.164
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.leaks.sh/_next/image?url=%2Ftoprated.png&w=64&q=75

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.76.21.164 Walnut, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Vercel /

Resource Hash

91e7cc562ee4c19e0749b87ae49fa4fd059b77bc1ea23caf39785a2727431877

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; frame-src 'none'; sandbox;
Strict-Transport-Security	max-age=63072000

Request headers

Accept-Language: fi-FI,fi;q=0.9;q=0.9
Referer: https://www.leaks.sh/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

content-security-policy: script-src 'none'; frame-src 'none'; sandbox;
date: Wed, 17 Apr 2024 01:24:37 GMT
strict-transport-security: max-age=63072000
age: 2001518
content-disposition: inline; filename="toprated.webp"
content-length: 5578
last-modified: Sun, 24 Mar 2024 21:25:58 GMT
server: Vercel
x-vercel-id: arn1::lhszp-1713317077271-a7083d2ec7e1
x-matched-path: /toprated.png
x-vercel-cache: HIT
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
accept-ranges: bytes

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.sellix.io/	1970-01-20 19:55:18	Name: __cf_bm Value: UIVt_2wry.ki3WOlTY6nE75OiheR2UaeLp9e2oiL5SY-1713317077-1.0.1.1-83Uvjgeo2uBVKn42LDOzqzcFdZq5S45otr6AIHdF.cyotyA1xA00Xve7ug5gkWTSEc_0iIDt..J7CiSdDQ6yMw

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.leaks.sh/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.leaks.sh/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

captcha.bot-securation.xyz
cdn.sellix.io
leaks.sh
www.leaks.sh
104.18.1.146
2606:4700:3030::ac43:cebb
76.76.21.164
76.76.21.22
016e90c1e4a24672ed0deb9442957f94778704758a8f92ee4bd30d952acf62a6
197f2f1987605d2b88d304400946c2d1daab32961d9d544ad0433725b8fbff5f
2b02c42c295bfc140710a9e4e1f03e4cf1caa20a5da259b3905634a6e7da8b38
36c038c73b065bdcdf7cd74aa41249a54820739d52b6554fb6a442c61bff98b3
3bcf04ca301e44f13f404c8a04aa4ae707f67a950e12ef30c238f96e784266a1
3f5c53b72daa51dc8d63cd0c3f20c39dc301b819d3dbcc717554261a3391481b
50caeb35e2881bc14f1943ef8791bbf9bdf721d3b3ee2d56a56efe1e87df591b
599208d876cc41134ee1402e37c8b37c4f730763f9cfd12d3b05811e5551e869
80f34d1cc88e326c0847b2c1db7e540e52059f4097175bdca0f8cf2db2ecdce8
8e272e5d4bc7942e15dd446089527bb2d7f17f6658db15dd6bad2b86a37d030e
91e7cc562ee4c19e0749b87ae49fa4fd059b77bc1ea23caf39785a2727431877
c2496a03b73dacc9070dc000eb69d24622dd38511b3c7ca674e8aecb34223c2a
c8fa0c7e479b3864418662208ba0e8f7bf3494ff2cbe801d0c1332f560e793eb
d860ef4c1f80c3381bbc4795c8d834fc2e4b12db5fe2af9e6479c6b62e773981
ea548cb7e11d771822514d7f7596c2022a751ab20bedb017644e9f21588e6f3c
f5c08ce1aa2489d00411057009730f17c4a2a1a48e3152b091d3d1e05ab15dbf
f5f88925272b3043126aca26a8601fc2622d7413296fafb6911b76a2125ada5c
fabd0294ccdc602dafa7deb634649424e9c57a54b0fa1eba7223b770c509f6f6

www.leaks.sh Open in urlscan Pro 76.76.21.164 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

18 Requests

100 %HTTPS

25 %IPv6

3 Domains

4 Subdomains

2 IPs

2 Countries

239 kBTransfer

536 kBSize

1 Cookies

4 Outgoing links

Page URL History

Redirected requests

18 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

1 Cookies

2 Console Messages

Security Headers

Indicators

www.leaks.sh Open in urlscan Pro
76.76.21.164 Public Scan

Screenshot
Live screenshot

Full Image

18
Requests

100 %
HTTPS

25 %
IPv6

3
Domains

4
Subdomains

2
IPs

2
Countries

239 kB
Transfer

536 kB
Size

1
Cookies

18 HTTP transactions
0 data transactions