install.crazyleaks.wtf
2a02:4780:a:1404:0:1480:e228:c
Public Scan
Submission: On February 06 via api from US — Scanned from US
Summary
TLS certificate: Issued by R3 on February 6th 2024. Valid for: 3 months.
This is the only time install.crazyleaks.wtf was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS Autonomous System |
---|---|---|
1 | 2a02:4780:a:1404:0:1480:e228:c | 47583 (AS-HOSTINGER) |
1 | 23.22.126.183 | 14618 (AMAZON-AES) |
11 | 94.242.50.233 | 43317 (VEESP-AS) |
1 | 2607:f8b0:4006:821::200a | 15169 (GOOGLE) |
1 | 37.26.107.36 | 52148 (RACKSRV) |
1 | 2600:141b:1c00:30::1739:5a70 | 20940 (AKAMAI-ASN1) |
16 | 6 | |
ASN47583 (AS-HOSTINGER, CY)
install.crazyleaks.wtf
ASN14618 (AMAZON-AES, US)
PTR: ec2-23-22-126-183.compute-1.amazonaws.com
locked4.com
ASN43317 (VEESP-AS, LV)
PTR: server2.server-sz.com
www.onlyleaks.pro
ASN52148 (RACKSRV, GB)
PTR: server1.cw-direct.co.uk
www.calloutcomputers.org
Requests | Apex Domain | Subdomains | Transfer |
---|---|---|---|
11 | onlyleaks.pro | www.onlyleaks.pro | 198 KB |
1 | freepik.com | img.freepik.com (Cisco Umbrella Rank: 17596) | 2 KB |
1 | calloutcomputers.org | www.calloutcomputers.org | 36 KB |
1 | googleapis.com | fonts.googleapis.com (Cisco Umbrella Rank: 28) | 1 KB |
1 | locked4.com | locked4.com | 4 KB |
1 | crazyleaks.wtf | install.crazyleaks.wtf | 3 KB |
16 | 6 | | |
Requests | Domain | Requested by |
---|---|---|
11 | www.onlyleaks.pro | install.crazyleaks.wtf, www.onlyleaks.pro |
1 | img.freepik.com | install.crazyleaks.wtf |
1 | www.calloutcomputers.org | install.crazyleaks.wtf |
1 | fonts.googleapis.com | install.crazyleaks.wtf |
1 | locked4.com | install.crazyleaks.wtf |
1 | install.crazyleaks.wtf | |
16 | 6 | |
This site contains no links.
Subject | Issuer | Validity | Valid for |
---|---|---|---|
install.crazyleaks.wtf | R3 | 2024-02-06 - 2024-05-06 | 3 months |
locked4.com | R3 | 2023-11-28 - 2024-02-26 | 3 months |
*.onlyleaks.pro | R3 | 2024-01-26 - 2024-04-25 | 3 months |
upload.video.google.com | GTS CA 1C3 | 2024-01-09 - 2024-04-02 | 3 months |
calloutvoip.co.uk | R3 | 2023-12-26 - 2024-03-25 | 3 months |
*.freepik.com | R3 | 2024-02-04 - 2024-05-04 | 3 months |
This page contains 1 frames:
Primary Page:
https://install.crazyleaks.wtf/
Frame ID: 429C54AF56604A7B05F3F6FB8A7DD4F0
Requests: 16 HTTP requests in this frame
Page Title
Download file - CrazyLeaks
Detected technologies
WordPress (CMS)
Detected patterns
- /wp-(?:content|includes)/
jQuery (JavaScript Libraries)
Detected patterns
- /([\d.]+)/jquery(?:\.min)?\.js
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Redirected requests
There were HTTP redirect chains for the following requests:
16 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type |
---|---|---|---|---|---|---|---|
GET | H2 | / (Primary Request) | install.crazyleaks.wtf/ | 13 KB | 3 KB | Document | text/html |
GET | H2 | e6k2kl | locked4.com/cl/js/ | 3 KB | 4 KB | Script | text/javascript |
GET | H2 | _bower.css | www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/css/ | 148 KB | 24 KB | Stylesheet | text/css |
GET | H2 | css | fonts.googleapis.com/ | 13 KB | 1 KB | Stylesheet | text/css |
GET | H/1.1 | cloud_backup.png | www.calloutcomputers.org/wp-content/uploads/2017/01/ | 36 KB | 36 KB | Image | image/png |
GET | H2 | avast.png | www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/ | 13 KB | 13 KB | Image | image/png |
GET | H2 | bitdefender.png | www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/ | 14 KB | 14 KB | Image | image/png |
GET | H2 | eset.png | www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/ | 20 KB | 20 KB | Image | image/png |
GET | H2 | kaspersky.png | www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/ | 13 KB | 13 KB | Image | image/png |
GET | H2 | macafee.png | www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/ | 17 KB | 17 KB | Image | image/png |
GET | H2 | panda.png | www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/img/virus/ | 13 KB | 13 KB | Image | image/png |
GET | H2 | rocket-loader.min.js | www.onlyleaks.pro/lp/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ | 12 KB | 4 KB | Script | text/javascript |
GET | H2 | abstract-luxury-gradient-blue-background-smooth-dark-blue-with-black-vignette-studio-banner_1258-54587.jpg | img.freepik.com/free-photo/ | 2 KB | 2 KB | Image | image/avif |
GET | H3 | scripts.js | www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/js/ | 1 KB | 666 B | Script | text/javascript |
GET | H3 | bower.js | www.onlyleaks.pro/lp/s3.amazonaws.com/cdn.mobverify.com/www/filelockers/theme4/js/ | 167 KB | 46 KB | Script | text/javascript |
GET | H3 | jquery.min.js | www.onlyleaks.pro/lp/ajax.googleapis.com/ajax/libs/jquery/1.7.2/ | 93 KB | 32 KB | Script | text/javascript |
14 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
Type | Name |
---|---|
string | locker_url |
undefined | iframecontents |
undefined | old_display |
function | og_load |
function | ogEditBody |
function | ogMakeLocker |
function | og_getScriptURL |
function | call_locker |
function | og_call |
boolean | ogblock |
object | __cfQR |
function | $ |
function | jQuery |
boolean | __cfRLUnblockHandlers |
2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
locked4.com/ | Name: XSRF-TOKEN Value: eyJpdiI6IjFtRmlKaUFjQjVaZ2laUzRVdjVCVGc9PSIsInZhbHVlIjoiU2F1M1lEeWRCNlYrN3hBUlNQaFBXRFpCTVRqWDhzUytKM0VaZGduNDdFY2k5V2l2WGtya2QwMWlZcW0vOFUwbWlVMjY0am90RnMxaEQxcmErZmZObjhMUGI3N1dQTFQyOCtQYjhaS2d6aWQ3d09WSE5XMTJ6M3Z1dWY5SVNmRFIiLCJtYWMiOiI1ZGUzY2M0NWRkY2VkZTVjNDhiYmE4ZmJlYjkxYTZhMTNiMDhiOGU5YzdhZDEzNTNjMmNkNWE1ZWQ3YjgxNWQ2IiwidGFnIjoiIn0%3D |
|
locked4.com/ | Name: ogads_session Value: eyJpdiI6IktHbU9YUHI1bzlLbGl2L0tGcU5zamc9PSIsInZhbHVlIjoidTVzSXNCbkw0Y0xucGd3Z3N6RklZTy9aOXFSditOTHBiY2E3cGhnVDFWYjMydStDTE5CZStEa01HSEdSOFJOVTRQRlRWSDA3ZWcrdDBwQVExVEhoRDVyMjFKMzJlaHFobGthd2VGdXQrYUIrY1dYenhINWtZQ2JUaVZuZ2R0VmwiLCJtYWMiOiIyOTU3N2QwMDQwYmFhYTljODczMDczYTdlNDM5NGUxZWQ5ZTljOTA5MTQxNzNhMGMyMDNjYzQxNzQ5NTBlOTkzIiwidGFnIjoiIn0%3D |
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page.
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.