Submit a leak
Two paths into the pipeline. Use Submit URL for anything the server can fetch directly (clearnet or onion archive URL). Use Upload when the leak only exposes a tree-style file explorer with no single archive — fetch the files locally, pack them into a zip/7z/tar yourself, then drop the bundle in here.
Submit URL
recommendedThe analyst should visit ransomware blog/leak pages, identify the breached organisation, and grab the link to the archive (often a .zip / .7z / .rar published alongside the description). Paste that URL here. The downloader handles onion + Tor routing automatically. Do not submit URLs to data over 100 GiB unless you've cleared it with the on-call analyst — they'll stall the queue.
Upload archive
file-tree leakscap 2 GiB · keeps the browser from timing outUse this when the leak site only exposes a file-tree explorer (no single archive). Download the files locally, pack them into a single .zip / .7z / .tar bundle, then upload. The pipeline will extract, classify, and normalise everything as if you'd submitted a URL.
Recent submissions
| When | Scheme | Host | Priority | URL |
|---|---|---|---|---|
| no submissions yet | ||||