URL: https://leapmotor.nitroware.com.br/
Submission Tags: phishingrod
Submission: On April 09 via api from DE — Scanned from DE

Summary

This website contacted 11 IPs in 4 countries across 10 domains to perform 18 HTTP transactions. The main IP is 70.32.23.48, located in the United States and belonging to A2HOSTING, US. The main domain is leapmotor.nitroware.com.br.
TLS certificate: Issued by cPanel, Inc. Certification Authority on January 23rd 2023. Valid for: 3 months.
This is the only time leapmotor.nitroware.com.br was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Requests | IP Address | AS Autonomous System
1 | 70.32.23.48 | 55293 (A2HOSTING)
3 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
5 | 79.133.177.225 | 24429 (TAOBAO Zh...)
1 | 2001:4860:480... | 15169 (GOOGLE)
2 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 2a00:1450:400... | 15169 (GOOGLE)
1 | 103.235.46.245 | 55967 (BAIDU Bei...)
18 (requests) | 11 (IPs)
Requests | Apex Domain | Subdomains | Transfer
5 | leapmotor.com | en.leapmotor.com | 223 KB
3 | googlesyndication.com | pagead2.googlesyndication.com (Cisco Umbrella Rank: 111) | 185 KB
2 | doubleclick.net | googleads.g.doubleclick.net (Cisco Umbrella Rank: 41) | 5 KB
1 | baidu.com | api.map.baidu.com (Cisco Umbrella Rank: 14819) | 1 KB
1 | google.com | adservice.google.com (Cisco Umbrella Rank: 90) | 456 B
1 | google.de | adservice.google.de (Cisco Umbrella Rank: 7832) | 531 B
1 | googleadservices.com | partner.googleadservices.com (Cisco Umbrella Rank: 980) | 606 B
1 | google-analytics.com | region1.google-analytics.com (Cisco Umbrella Rank: 2284) | 252 B
1 | googletagmanager.com | www.googletagmanager.com (Cisco Umbrella Rank: 62) | 77 KB
1 | nitroware.com.br | leapmotor.nitroware.com.br | 1 KB
18 (requests) | 10 (domains)
Requests | Domain | Requested by
5 | en.leapmotor.com | leapmotor.nitroware.com.br, en.leapmotor.com
3 | pagead2.googlesyndication.com | leapmotor.nitroware.com.br, pagead2.googlesyndication.com
2 | googleads.g.doubleclick.net | pagead2.googlesyndication.com
1 | api.map.baidu.com | en.leapmotor.com, api.map.baidu.com
1 | adservice.google.com | pagead2.googlesyndication.com
1 | adservice.google.de | pagead2.googlesyndication.com
1 | partner.googleadservices.com | pagead2.googlesyndication.com
1 | region1.google-analytics.com | www.googletagmanager.com
1 | www.googletagmanager.com | leapmotor.nitroware.com.br
1 | leapmotor.nitroware.com.br | (none)
18 (requests) | 10 (domains)

This site contains no links.

Subject | Issuer | Validity | Valid
leapmotor.com.br | cPanel, Inc. Certification Authority | 2023-01-23 to 2023-04-23 | 3 months
*.g.doubleclick.net | GTS CA 1C3 | 2023-03-20 to 2023-06-12 | 3 months
*.google-analytics.com | GTS CA 1C3 | 2023-03-20 to 2023-06-12 | 3 months
*.leapmotor.com | RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1 | 2022-05-18 to 2023-05-31 | a year
*.googleadservices.com | GTS CA 1C3 | 2023-03-20 to 2023-06-12 | 3 months
*.google.de | GTS CA 1C3 | 2023-03-20 to 2023-06-12 | 3 months
*.google.com | GTS CA 1C3 | 2023-03-20 to 2023-06-12 | 3 months
baidu.com | GlobalSign RSA OV SSL CA 2018 | 2022-07-05 to 2023-08-06 | a year

This page contains 4 frames:

Primary Page: https://leapmotor.nitroware.com.br/
Frame ID: 48930D539556F63F0CADD4A9FDEE6899
Requests: 9 HTTP requests in this frame

Frame: https://en.leapmotor.com/
Frame ID: 8DBE478D6ABE083999BDB776E6B17675
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html
Frame ID: 204FF23D74A34252262ADEBBCA8FF1B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9294266576023437&output=html&adk=1812271804&adf=3025194257&lmt=1661279583&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fleapmotor.nitroware.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681014820734&bpp=3&bdt=272&idt=265&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6880847632055&rume=1&frm=20&pv=2&ga_vid=1819282239.1681014821&ga_sid=1681014821&ga_hid=892576459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759875%2C44759926%2C44759837%2C31073710%2C21065725%2C31061691%2C31061693&oid=2&pvsid=1342185052085673&tmod=910907701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=290
Frame ID: 253C7EE2AB4CBEE31AE34D0B4E2D3794
Requests: 1 HTTP requests in this frame

Page Title

Leapmotor

Detected technologies

Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

Requests: 18
HTTPS: 94 %
IPv6: 70 %
Domains: 10
Subdomains: 10
IPs: 11
Countries: 4
Transfer: 494 kB
Size: 1689 kB
Cookies: 6

18 HTTP transactions

Resource | Path | Size | x-fer | Type
Primary Request / | leapmotor.nitroware.com.br/ | 2 KB | 1 KB | Document
General
Full URL
https://leapmotor.nitroware.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
70.32.23.48 , United States, ASN55293 (A2HOSTING, US),
Reverse DNS
mi3-lr10.supercp.com
Software
LiteSpeed /
Resource Hash
de175dd1cc1ee561757d98d8d8e45cc6b5d66ab8cd0a1e25867a5ef969c564fd
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
max-age=3600, must-revalidate
content-encoding
br
content-length
751
content-type
text/html
date
Sun, 09 Apr 2023 04:33:40 GMT
last-modified
Tue, 23 Aug 2022 18:33:03 GMT
server
LiteSpeed
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
adsbygoogle.js | pagead2.googlesyndication.com/pagead/js/ | 137 KB | 47 KB | Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: leapmotor.nitroware.com.br
URL: https://leapmotor.nitroware.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7aca37ee11feb7a15d2a14a5602ad9fbf7e055e18571da665655cbf57786dcc4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leapmotor.nitroware.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 04:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
47787
x-xss-protection
0
server
cafe
etag
3005815681402849911
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 09 Apr 2023 04:33:40 GMT
js | www.googletagmanager.com/gtag/ | 219 KB | 77 KB | Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-04L6XC2B9H
Requested by
Host: leapmotor.nitroware.com.br
URL: https://leapmotor.nitroware.com.br/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
04098d7ab6b5627d59f666d0792ec8130c420291e5e84aaef6d1fa17c938fcd6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leapmotor.nitroware.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 04:33:40 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
78670
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sun, 09 Apr 2023 04:33:40 GMT
/ | en.leapmotor.com/ (Frame 8DBE) | 673 B | 881 B | Document
General
Full URL
https://en.leapmotor.com/
Requested by
Host: leapmotor.nitroware.com.br
URL: https://leapmotor.nitroware.com.br/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.225 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
717af4a7e7fb49dfcb9dd010fd97fb81861cfd8d55990508582597973e353620

Request headers

Referer
https://leapmotor.nitroware.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-headers
X-Requested-With
access-control-allow-methods
GET,POST,OPTIONS
access-control-allow-origin
*
age
2791
ali-swift-global-savetime
1681012032
content-encoding
gzip
content-length
410
content-type
text/html; charset=uft-8
date
Sun, 09 Apr 2023 03:47:12 GMT
eagleid
4f85b1a016810148206248923e
etag
"641c3c12-2a1"
last-modified
Thu, 23 Mar 2023 11:46:26 GMT
server
Tengine
timing-allow-origin
*
vary
Accept-Encoding
via
cache21.l2de2[0,0,304-0,H], cache2.l2de2[1,0], cache2.de3[2877,2876,200-0,H], cache12.de3[2879,0]
x-cache
HIT TCP_REFRESH_HIT dirn:13:813545667
x-swift-cachetime
3600
x-swift-savetime
Sun, 09 Apr 2023 04:33:43 GMT
collect | region1.google-analytics.com/g/ | 0 | 252 B | Ping
General
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-04L6XC2B9H&gtm=45je3430&_p=892576459&cid=1819282239.1681014821&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1681014820&sct=1&seg=0&dl=https%3A%2F%2Fleapmotor.nitroware.com.br%2F&dt=Leapmotor&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-04L6XC2B9H
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leapmotor.nitroware.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 09 Apr 2023 04:33:40 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://leapmotor.nitroware.com.br
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
show_ads_impl_with_ama_fy2021.js | pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/ | 347 KB | 116 KB | Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9294266576023437&plah=leapmotor.nitroware.com.br&bust=31073710
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
203919453f6c1721d2def0ba8505490bb8779a95be7c1c06b9a5d03015221417
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leapmotor.nitroware.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 04:33:40 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
118929
x-xss-protection
0
server
cafe
etag
1580479881779229544
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sun, 09 Apr 2023 04:33:40 GMT
zrt_lookup.html | googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/ (Frame 204F) | 10 KB | 5 KB | Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20230405/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://leapmotor.nitroware.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30707
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4549
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 08 Apr 2023 20:01:53 GMT
etag
2378337311435320485
expires
Sat, 22 Apr 2023 20:01:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
rum_fy2021.js | pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/ | 55 KB | 21 KB | Script
General
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230405/r20110914/rum_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9294266576023437&plah=leapmotor.nitroware.com.br&bust=31073710
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a813da40e9e3977475d74fe7d767836f0af2847ea03c84c1ef4ac2e42d6f6c7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leapmotor.nitroware.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 02:55:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
5905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21559
x-xss-protection
0
server
cafe
etag
561406819925354030
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 23 Apr 2023 02:55:16 GMT
cookie.js | partner.googleadservices.com/gampad/ | 399 B | 606 B | Script
General
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=leapmotor.nitroware.com.br&callback=_gfp_s_&client=ca-pub-9294266576023437
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9294266576023437&plah=leapmotor.nitroware.com.br&bust=31073710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
655e34cace932c59daa8dc2076e5660e593dd5c943a25be06d9c8403b67bc945
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leapmotor.nitroware.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 04:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
254
x-xss-protection
0
integrator.js | adservice.google.de/adsid/ | 107 B | 531 B | Script
General
Full URL
https://adservice.google.de/adsid/integrator.js?domain=leapmotor.nitroware.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9294266576023437&plah=leapmotor.nitroware.com.br&bust=31073710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leapmotor.nitroware.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 04:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js | adservice.google.com/adsid/ | 107 B | 456 B | Script
General
Full URL
https://adservice.google.com/adsid/integrator.js?domain=leapmotor.nitroware.com.br
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9294266576023437&plah=leapmotor.nitroware.com.br&bust=31073710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://leapmotor.nitroware.com.br/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 04:33:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads | googleads.g.doubleclick.net/pagead/ (Frame 253C) | 603 B | 245 B | Document
General
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9294266576023437&output=html&adk=1812271804&adf=3025194257&lmt=1661279583&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x1080_l%7C500x1080_r&format=0x0&url=https%3A%2F%2Fleapmotor.nitroware.com.br%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1681014820734&bpp=3&bdt=272&idt=265&shv=r20230405&mjsv=m202304060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6880847632055&rume=1&frm=20&pv=2&ga_vid=1819282239.1681014821&ga_sid=1681014821&ga_hid=892576459&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44773810%2C44759875%2C44759926%2C44759837%2C31073710%2C21065725%2C31061691%2C31061693&oid=2&pvsid=1342185052085673&tmod=910907701&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=290
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9294266576023437&plah=leapmotor.nitroware.com.br&bust=31073710
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://leapmotor.nitroware.com.br/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
46
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sun, 09 Apr 2023 04:33:41 GMT
expires
Sun, 09 Apr 2023 04:33:41 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
api | api.map.baidu.com/ (Frame 8DBE) | 270 B | 1 KB | Script
General
Full URL
https://api.map.baidu.com/api?v=3.0&ak=jcI3Q88g6V99OPBjLryoOqPTtsRdedHA
Requested by
Host: en.leapmotor.com
URL: https://en.leapmotor.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
103.235.46.245 , Hong Kong, ASN55967 (BAIDU Beijing Baidu Netcom Science and Technology Co., Ltd., CN),
Reverse DNS
Software
apache /
Resource Hash
094e232ffd6d0f850e8746623bfadf0b5323aa3a4d5bbadda242d4b8e1f7fb92

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.leapmotor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Http_x_bd_logid64
2024532340460555530
Date
Sun, 09 Apr 2023 04:33:44 GMT
Tracecode
20245325120381598218040912
Server
apache
Http_x_bd_subsys
apimap
Content-Type
text/javascript;charset=utf-8
P3p
CP=" OTI DSP COR IVA OUR IND COM ", CP=" OTI DSP COR IVA OUR IND COM "
Http_x_bd_product
map
Cache-Control
max-age=86400
Http_x_bd_logid
2024532512
Connection
keep-alive
Content-Length
270
Expires
Mon, 10 Apr 2023 04:33:44 GMT
app.8b15d9cce194e7475b455225984bd17c.css | en.leapmotor.com/static/css/ (Frame 8DBE) | 462 KB | 62 KB | Stylesheet
General
Full URL
https://en.leapmotor.com/static/css/app.8b15d9cce194e7475b455225984bd17c.css
Requested by
Host: en.leapmotor.com
URL: https://en.leapmotor.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.225 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
6bc9f6eaf2c23421e0281cc2c37eb4a2f5ae83d913279395d7ae1ec2b9c8fcd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.leapmotor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 04:33:20 GMT
via
cache20.l2de2[0,-1,304-0,H], cache7.l2de2[1,0], cache9.de3[8,8,200-0,H], cache12.de3[10,0]
content-encoding
gzip
age
23
x-swift-cachetime
3600
x-cache
HIT TCP_REFRESH_HIT dirn:12:838971138
x-swift-savetime
Sun, 09 Apr 2023 04:33:43 GMT
content-length
63156
last-modified
Thu, 23 Mar 2023 11:46:26 GMT
server
Tengine
etag
"641c3c12-73709"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
text/css
access-control-allow-origin
*
ali-swift-global-savetime
1681014800
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
eagleid
4f85b1a016810148235543431e
manifest.8433375284da2a5c9cf0.js | en.leapmotor.com/static/js/ (Frame 8DBE) | 2 KB | 1 KB | Script
General
Full URL
https://en.leapmotor.com/static/js/manifest.8433375284da2a5c9cf0.js
Requested by
Host: en.leapmotor.com
URL: https://en.leapmotor.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.225 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
30b04adac259719e6dd0f29c62fd9ca4cd97051bbdce072c35a3b2f46fc95e52

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.leapmotor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 04:14:31 GMT
via
cache21.l2de2[0,0,304-0,H], cache20.l2de2[0,0], cache10.de3[7,7,200-0,H], cache12.de3[9,0]
content-encoding
gzip
age
1152
x-swift-cachetime
3600
x-cache
HIT TCP_REFRESH_HIT dirn:13:104800309
x-swift-savetime
Sun, 09 Apr 2023 04:33:43 GMT
content-length
1129
last-modified
Thu, 23 Mar 2023 11:46:26 GMT
server
Tengine
etag
"641c3c12-766"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript; charset=uft-8
access-control-allow-origin
*
ali-swift-global-savetime
1681013671
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
eagleid
4f85b1a016810148235543432e
vendor.c5fdb2db65e8da9e063f.js | en.leapmotor.com/static/js/ (Frame 8DBE) | 410 KB | 135 KB | Script
General
Full URL
https://en.leapmotor.com/static/js/vendor.c5fdb2db65e8da9e063f.js
Requested by
Host: en.leapmotor.com
URL: https://en.leapmotor.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.225 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
bbe8d23cf3047c0f1cb14cda255d35c4cb5665e1fbd0e885e2283d0e8c30c3e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.leapmotor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 04:14:29 GMT
via
cache23.l2de2[0,0,304-0,H], cache15.l2de2[0,0], cache5.de3[3,3,200-0,H], cache12.de3[5,0]
content-encoding
gzip
age
1154
x-swift-cachetime
3600
x-cache
HIT TCP_REFRESH_HIT dirn:13:782654766
x-swift-savetime
Sun, 09 Apr 2023 04:33:43 GMT
content-length
137351
last-modified
Thu, 23 Mar 2023 11:46:26 GMT
server
Tengine
etag
"641c3c12-66780"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript; charset=uft-8
access-control-allow-origin
*
ali-swift-global-savetime
1681013669
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
eagleid
4f85b1a016810148235543434e
app.9a02d3299db49af83c45.js | en.leapmotor.com/static/js/ (Frame 8DBE) | 43 KB | 24 KB | Script
General
Full URL
https://en.leapmotor.com/static/js/app.9a02d3299db49af83c45.js
Requested by
Host: en.leapmotor.com
URL: https://en.leapmotor.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.133.177.225 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
9af7616c5b25f4da26047fa88c2d7a61d5f9f2ff423b91f529684b78196b17cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.leapmotor.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Sun, 09 Apr 2023 04:14:29 GMT
via
cache21.l2de2[0,0,304-0,H], cache4.l2de2[1,0], cache4.de3[6,5,200-0,H], cache12.de3[8,0]
content-encoding
gzip
age
1154
x-swift-cachetime
3600
x-cache
HIT TCP_REFRESH_HIT dirn:13:121062609
x-swift-savetime
Sun, 09 Apr 2023 04:33:43 GMT
content-length
24652
last-modified
Thu, 23 Mar 2023 11:46:26 GMT
server
Tengine
etag
"641c3c12-ace2"
vary
Accept-Encoding
access-control-allow-methods
GET,POST,OPTIONS
content-type
application/javascript; charset=uft-8
access-control-allow-origin
*
ali-swift-global-savetime
1681013669
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
eagleid
4f85b1a016810148235543435e
getscript | api.map.baidu.com/ (Frame 8DBE) | 0 | 0 | (no response)

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.map.baidu.com
URL
https://api.map.baidu.com/getscript?v=3.0&ak=jcI3Q88g6V99OPBjLryoOqPTtsRdedHA&services=&t=20230317105246

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless function| gtag object| dataLayer object| google_tag_manager object| google_tag_data function| onYouTubeIframeAPIReady object| gaGlobal object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing boolean| google_plmetrics object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots number| google_rum_task_id_counter function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint function| google_sa_impl object| google_rum_config object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| _google_rum_ns_

6 Cookies

Domain/Path | Name | Value
.nitroware.com.br/ | _ga | GA1.1.1819282239.1681014821
.nitroware.com.br/ | _ga_04L6XC2B9H | GS1.1.1681014820.1.0.1681014820.0.0.0
.doubleclick.net/ | test_cookie | CheckForPermission
.nitroware.com.br/ | __gads | ID=93ca11bf337b1961-227291068add001e:T=1681014821:RT=1681014821:S=ALNI_MYwrKV-PPsZe9IA0ow2pfCi7PIghw
.nitroware.com.br/ | __gpi | UID=00000bd370e796b0:T=1681014821:RT=1681014821:S=ALNI_MbksqHM0h7dDN9jc4S_py-iCcft-w
.baidu.com/ | BAIDUID_BFESS | EBABE4A60DD0B719663BFA7C20816958:FG=1

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
