xleakers.fans
Open in
urlscan Pro
172.67.166.27
Public Scan
Submission Tags: @phish_report
Submission: On November 16 via api from FI — Scanned from FI
Summary
TLS certificate: Issued by WE1 on November 12th 2024. Valid for: 3 months.
This is the only time xleakers.fans was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 | 172.67.166.27 172.67.166.27 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
4 | 172.64.153.55 172.64.153.55 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 18.244.20.221 18.244.20.221 | 16509 (AMAZON-02) (AMAZON-02) | |
3 | 172.64.153.109 172.64.153.109 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
9 | 4 |
ASN13335 (CLOUDFLARENET, US)
assets-global.website-files.com |
ASN16509 (AMAZON-02, US)
PTR: server-18-244-20-221.fra56.r.cloudfront.net
d3e54v103j8qbb.cloudfront.net |
ASN13335 (CLOUDFLARENET, US)
uploads-ssl.webflow.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
website-files.com
assets-global.website-files.com — Cisco Umbrella Rank: 29975 |
192 KB |
3 |
webflow.com
uploads-ssl.webflow.com — Cisco Umbrella Rank: 27176 |
413 KB |
1 |
cloudfront.net
d3e54v103j8qbb.cloudfront.net |
31 KB |
1 |
xleakers.fans
xleakers.fans |
2 KB |
9 | 4 |
Domain | Requested by | |
---|---|---|
4 | assets-global.website-files.com |
xleakers.fans
|
3 | uploads-ssl.webflow.com |
assets-global.website-files.com
|
1 | d3e54v103j8qbb.cloudfront.net |
xleakers.fans
|
1 | xleakers.fans | |
9 | 4 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
xleakers.fans WE1 |
2024-11-12 - 2025-02-10 |
3 months | crt.sh |
website-files.com WE1 |
2024-11-10 - 2025-02-08 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2024-07-30 - 2025-07-03 |
a year | crt.sh |
uploads-ssl.webflow.com WE1 |
2024-09-25 - 2024-12-24 |
3 months | crt.sh |
This page contains 1 frames:
Primary Page:
https://xleakers.fans/
Frame ID: C1200CFAEE19DA3403EB652C430DBAAA
Requests: 9 HTTP requests in this frame
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
9 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H3 |
Primary Request
/
xleakers.fans/ |
6 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
miami-44baae-fb1698b24a6dda8dbac1757425.webflow.89d43beef.css
assets-global.website-files.com/65423581310e2018e009b88f/css/ |
89 KB 16 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
65423581310e2018e009b8e5_glow-p-800.png
assets-global.website-files.com/65423581310e2018e009b88f/ |
80 KB 80 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery-3.5.1.min.dc5e7f18c8.js
d3e54v103j8qbb.cloudfront.net/js/ |
87 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
webflow.718107e01.js
assets-global.website-files.com/65423581310e2018e009b88f/js/ |
502 KB 94 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
65423581310e2018e009b8d3_Inter-Bold.woff
uploads-ssl.webflow.com/65423581310e2018e009b88f/ |
140 KB 141 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
65423581310e2018e009b8b7_Inter-Regular.woff
uploads-ssl.webflow.com/65423581310e2018e009b88f/ |
131 KB 132 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
65423581310e2018e009b8d2_Inter-Medium.woff
uploads-ssl.webflow.com/65423581310e2018e009b88f/ |
139 KB 140 KB |
Font
application/x-font-woff |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
65423581310e2018e009b8ec_gg.png
assets-global.website-files.com/65423581310e2018e009b88f/ |
476 B 885 B |
Other
image/png |
||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
5 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
function| $ function| jQuery function| tram object| Webflow function| openDiscordAndRedirect1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.website-files.com/ | Name: __cf_bm Value: RTYynAUhmDrdFwDaGy9iVFyr2xmdwhBCSBfuIOeGsWI-1731716890-1.0.1.1-BxJUzx0D8c8uq6B3njvhqg2FwIzUieFiZ.NJCzVnQzt5LjEJp8ZLtM5uUJm2erEZDXyB80Zk0AWEUn.fAo098w |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
assets-global.website-files.com
d3e54v103j8qbb.cloudfront.net
uploads-ssl.webflow.com
xleakers.fans
172.64.153.109
172.64.153.55
172.67.166.27
18.244.20.221
266d3f14c5e24b3612020e1d23d90444695be74af597b667a1bdcf80a22e2dc6
42c4cf605e4757ede9ce9cb409b7127ca255340ddc9bcf156d6ed30c48f33ad8
4aeb36191fae2252e356ff7531f328fe24ec79149ed2c527702257854fb39bda
7fba282ea2fd5b2d5b00323b2b03d8aff255c8244d3aa49ed988f4d24ea8112b
aac36c022c9d50092fe17df27f1fdaf7f0abf6bb00ba13cf20a54c20edba7f12
b4099c07deb2d63f2bc67a16cd4ef449c593180da66e3c6143e9a59941451f01
c5c7c3cd40865c85a70b44f455d64ad04bf1978627b8afbd3a322ca0cac434ce
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff59c872d6eda43074da2d6cb648924f87e1f939e50b8d95a68d984df7f22393