URL: http://leedseng.com/
Submission: On January 22 via manual from DE — Scanned from DE

Summary

This website contacted 3 IPs in 2 countries across 4 domains to perform 3 HTTP transactions. The main IP is 153.92.215.222, located in Asheville, United States and belongs to AS-HOSTINGER, CY. The main domain is leedseng.com.
This is the only time leedseng.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 153.92.215.222 47583 (AS-HOSTINGER)
1 1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:303... 13335 (CLOUDFLAR...)
3 3
Apex Domain
Subdomains
Transfer
2 eskipaper.com
eskipaper.com — Cisco Umbrella Rank: 819865
110 KB
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 324
2 KB
1 rawgit.com
cdn.rawgit.com — Cisco Umbrella Rank: 11673
730 B
1 leedseng.com
leedseng.com
1 KB
3 4
Domain Requested by
2 eskipaper.com 1 redirects leedseng.com
1 cdn.jsdelivr.net leedseng.com
1 cdn.rawgit.com 1 redirects
1 leedseng.com
3 4

This site contains links to these domains.

Domain
www.facebook.com

This page contains 1 frames:

Primary Page: http://leedseng.com/
Frame ID: 889F02423E4EDDB17DF5BDBC51113B72
Requests: 3 HTTP requests in this frame

Page Title

HACKED

Detected technologies

Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

3
Requests

0 %
HTTPS

80 %
IPv6

4
Domains

4
Subdomains

3
IPs

2
Countries

113 kB
Transfer

116 kB
Size

0
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://cdn.rawgit.com/bungfrangki/efeksalju/2a7805c7/green-bintang-jatuh.js HTTP 301
  • https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/green-bintang-jatuh.js
Request Chain 1
  • http://eskipaper.com/images/dark-anime-backgrounds-2.jpg HTTP 301
  • https://eskipaper.com/images/dark-anime-backgrounds-2.jpg

3 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
leedseng.com/
2 KB
1 KB
Document
General
Full URL
http://leedseng.com/
Protocol
HTTP/1.1
Server
153.92.215.222 Asheville, United States, ASN47583 (AS-HOSTINGER, CY),
Reverse DNS
us-imm-wol.boxsecured.com
Software
LiteSpeed /
Resource Hash
4d61a380768a10a11d0a191a218217698c958391ebf1056728b139ca8eaecd4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
accept-ranges
bytes
content-encoding
gzip
content-length
926
content-type
text/html
date
Mon, 22 Jan 2024 09:51:14 GMT
last-modified
Wed, 20 Dec 2023 00:45:39 GMT
server
LiteSpeed
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
1; mode=block
green-bintang-jatuh.js
cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/
Redirect Chain
  • https://cdn.rawgit.com/bungfrangki/efeksalju/2a7805c7/green-bintang-jatuh.js
  • https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/green-bintang-jatuh.js
6 KB
2 KB
Script
General
Full URL
https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/green-bintang-jatuh.js
Requested by
Host: leedseng.com
URL: http://leedseng.com/
Protocol
H2
Server
2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d7a7d97598fb35b0c6dff878b496e214245f63d411b9e82887c20eb5933efa15
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leedseng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:51:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
content-encoding
br
x-jsd-version
2a7805c7
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-served-by
cache-fra-eddf8230053-FRA, cache-lga21925-LGA
x-jsd-version-type
branch
server
cloudflare
etag
W/"1779-wbb22UFsyrXxqLAPVd1sVRbcirM"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=97%2B7gseYMBZ1uAengRJPQc%2FgyCYTgSzorUG8MTIEdsv5rsvaTo7bJ6WPGN0yWtumO7SkPTi7HAxwujOSNRHSlXj5CrF1h9KIbH1ObiL88214B1%2BQr7skq3bGJIdgpwKv0XcVqcvlGeIVhaqoapo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
timing-allow-origin
*
cf-ray
8496e5b4cf9319ad-FRA

Redirect headers

date
Mon, 22 Jan 2024 09:51:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cdn-edgestorageid
1081
age
60050
x-cache
MISS, HIT
cdn-cachedat
01/22/2024 09:51:14
cdn-pullzone
201235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443", h3-29=":443", h3-27=":443"
content-length
115
x-served-by
cache-fra-etou8220070-FRA, cache-chi-kigq8000121-CHI
server
BunnyCDN-DE1-1081
cdn-proxyver
1.04
cdn-requestpullcode
301
vary
Accept-Encoding
content-type
text/plain; charset=utf-8
location
https://cdn.jsdelivr.net/gh/bungfrangki/efeksalju@2a7805c7/green-bintang-jatuh.js
access-control-allow-origin
*
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
access-control-expose-headers
*
cache-control
public, max-age=2592000
cdn-cache
EXPIRED
cdn-requestid
09ce063889ba46ca542e1d23f7db647b
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
301
cdn-requestpullsuccess
True
dark-anime-backgrounds-2.jpg
eskipaper.com/images/
Redirect Chain
  • http://eskipaper.com/images/dark-anime-backgrounds-2.jpg
  • https://eskipaper.com/images/dark-anime-backgrounds-2.jpg
109 KB
110 KB
Image
General
Full URL
https://eskipaper.com/images/dark-anime-backgrounds-2.jpg
Requested by
Host: leedseng.com
URL: http://leedseng.com/
Protocol
H2
Server
2606:4700:3038::6815:e97d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
732919637b3e5a61b4fd4d21bd8ce88bf0180816464a8022eadfe78af27bf075

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://leedseng.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date
Mon, 22 Jan 2024 09:51:15 GMT
cf-cache-status
MISS
last-modified
Tue, 29 Sep 2015 11:45:06 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1b3a6-520e158607480;5925a1c79a780"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uRWqLWHv1nwHvXDUD4RVZe6wCgNGXRWJ7PqNADzYMa1OjrnsJEdpxiGzBS4r%2BUeHV1zyUUf7nSWPTg99ZXbCwgFDcC6OC%2FyIP6%2BAxBTfwiC5ZHUpKEACLVOZP1cEFlT0UHxa9bPDDyPVtNHq"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
8496e5b42adf196d-FRA
alt-svc
h3=":443"; ma=86400
content-length
111526

Redirect headers

Date
Mon, 22 Jan 2024 09:51:14 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QMbzznFr2jXpY6UPufqLbcSLswtAW52AtGVVIGGVRDMaxBTiVO4kiui7FmHDnG%2B1Gk4Cnr29tP8RNlm0EQufoz5Pn2rZvt%2FWic5Q95QIl1gXUu6PcFpfCk3bNA%2BPoTuuhIKHP6o4x4F%2BJcQ0"}],"group":"cf-nel","max_age":604800}
Location
https://eskipaper.com/images/dark-anime-backgrounds-2.jpg
Cache-Control
max-age=3600
Vary
Accept-Encoding
Connection
keep-alive
CF-RAY
8496e5b399675d7c-FRA
alt-svc
h3=":443"; ma=86400
Expires
Mon, 22 Jan 2024 10:51:14 GMT

25 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

string colour; number sparkles; number x; number y; number swide; number shigh; number sleft; object tiny; object star; object starv; object starx; object stary; object tinyx; object tinyy; object tinyv; function sparkle; function update_star; function update_tiny; function mouse; function set_scroll; function set_width; function createDiv; number ox; number oy; number sdown

0 Cookies

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block