www.leavesuae.com Open in urlscan Pro
160.124.204.108 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://www.leavesuae.com/m9gm/?lfv=dgzu&wiephc=kuhvysw47xmk1m2pbc3n3p/3r143scg4diuegcq0ttienndmhg19k15xte6baevub7zh5r/0gp...
Submission: On March 12 via api (March 12th 2024, 12:52:25 am UTC) from US — Scanned from US

Summary HTTP 27 Redirects Behaviour Indicators

Summary

This website contacted 6 IPs in 3 countries across 6 domains to perform 27 HTTP transactions. The main IP is 160.124.204.108, located in South Africa and belongs to POWERLINE-AS-AP POWER LINE DATACENTER, HK. The main domain is www.leavesuae.com.

This is the only time www.leavesuae.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	160.124.204.108 160.124.204.108	132839 (POWERLINE...) (POWERLINE-AS-AP POWER LINE DATACENTER)
17	154.216.86.3 154.216.86.3	132839 (POWERLINE...) (POWERLINE-AS-AP POWER LINE DATACENTER)
1	104.192.108.192 104.192.108.192	55992 (QIHOO Bei...) (QIHOO Beijing Qihu Technology Company Limited)
1	2600:9000:26c... 2600:9000:26c7:6000:18:fae5:de00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	171.13.14.66 171.13.14.66	() ()
27	6

1 160.124.204.108 (South Africa)

ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)

www.leavesuae.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 154.216.86.3 (Hong Kong, Hong Kong)

ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK)

154.216.86.3	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.192.108.192 (United States)

ASN55992 (QIHOO Beijing Qihu Technology Company Limited, CN)

js.passport.qihucdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:26c7:6000:18:fae5:de00:93a1 (United States)

ASN16509 (AMAZON-02, US)

s5.qhres2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 171.13.14.66 (None, )

ASN- ()

s.360.cn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
1	360.cn s.360.cn	240 B
1	qhres2.com s5.qhres2.com	1 KB
1	qihucdn.com js.passport.qihucdn.com — Cisco Umbrella Rank: 705012	474 B
1	leavesuae.com www.leavesuae.com	672 B
0	Failed function sub() { [native code] }. Failed
0	baidu.com Failed push.zhanzhang.baidu.com Failed
27	6

	Domain	Requested by
1	s.360.cn	www.leavesuae.com
1	s5.qhres2.com	js.passport.qihucdn.com
1	js.passport.qihucdn.com	154.216.86.3
1	www.leavesuae.com
0	154.216.86.3 Failed	154.216.86.3
0	push.zhanzhang.baidu.com Failed	www.leavesuae.com
27	6

This site contains no links.

Subject Issuer	Validity	Valid

This page contains 2 frames:

Primary Page: http://www.leavesuae.com/m9gm/?lfv=dgzu&wiephc=kuhvysw47xmk1m2pbc3n3p/3r143scg4diuegcq0ttienndmhg19k15xte6baevub7zh5r/0gp3ddtxhqjb1e1hmzjy+/qsih4xvnos/ck2kfhvurbaiqsrmi5kjj13rbq6p0e0=
Frame ID: 45984A8889875AE270702276359709F6
Requests: 6 HTTP requests in this frame

Frame: http://154.216.86.3/
Frame ID: 994D58BBF4A7A1656BAC958169847A2C
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

27
Requests

0 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

202 kB
Transfer

527 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

27 HTTP transactions
1 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	403 Forbidden	Primary Request / Show response www.leavesuae.com/m9gm/	725 B 672 B	817ms 313ms	Document text/html	160.124.204.108 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Full URL http://www.leavesuae.com/m9gm/?lfv=dgzu&wiephc=kuhvysw47xmk1m2pbc3n3p/3r143scg4diuegcq0ttienndmhg19k15xte6baevub7zh5r/0gp3ddtxhqjb1e1hmzjy+/qsih4xvnos/ck2kfhvurbaiqsrmi5kjj13rbq6p0e0= Protocol HTTP/1.1 Server 160.124.204.108 , South Africa, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash `e983097e46d116c03d0000c4e9290e73c26a2be4df4e0a3d4174dbce0c9ed4b3` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html; charset=UTF-8 Date Tue, 12 Mar 2024 00:51:51 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	js.js Show response 154.216.86.3/	3 KB 2 KB	613ms 299ms	Script application/javascript	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Full URL http://154.216.86.3/js.js Requested by Host: www.leavesuae.com URL: http://www.leavesuae.com/m9gm/?lfv=dgzu&wiephc=kuhvysw47xmk1m2pbc3n3p/3r143scg4diuegcq0ttienndmhg19k15xte6baevub7zh5r/0gp3ddtxhqjb1e1hmzjy+/qsih4xvnos/ck2kfhvurbaiqsrmi5kjj13rbq6p0e0= Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash `d4cc1261ea4fc612316e0d8eb9bcb490665ea6424253fcc7d9d8e185f2b8481e` Request headers accept-language en-US,en;q=0.9 Referer http://www.leavesuae.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:51:52 GMT Content-Encoding gzip Last-Modified Sat, 03 Feb 2024 07:32:54 GMT Server nginx ETag W/"65bdec26-b51" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Tue, 12 Mar 2024 12:51:52 GMT
GET		push.js push.zhanzhang.baidu.com/	0 0

GET H/1.1	200 OK	/ Show response 154.216.86.3/ Frame 994D	8 KB 2 KB	2453ms 2421ms	Document text/html	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Full URL http://154.216.86.3/ Requested by Host: 154.216.86.3 URL: http://154.216.86.3/js.js Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash `695a35f7f3f8535a842e8dbe4dd6e3b9d6f517f3e26c424ff009bfdc202f3d3f` Request headers Referer http://www.leavesuae.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 accept-language en-US,en;q=0.9 Response headers Connection keep-alive Content-Encoding gzip Content-Type text/html Date Tue, 12 Mar 2024 00:51:52 GMT ETag W/"65c21995-2097" Last-Modified Tue, 06 Feb 2024 11:35:49 GMT Server nginx Transfer-Encoding chunked Vary Accept-Encoding
GET H/1.1	200 OK	11.0.1.js Show response js.passport.qihucdn.com/	105 B 474 B	5786ms 167ms	Script application/x-javascript	104.192.108.192 QIHOO Beijing Qih...
General Check archive.org Show headers Download Go to Full URL http://js.passport.qihucdn.com/11.0.1.js?a947355270f5d3148c09110f1832f40b Requested by Host: 154.216.86.3 URL: http://154.216.86.3/js.js Protocol HTTP/1.1 Server 104.192.108.192 , United States, ASN55992 (QIHOO Beijing Qihu Technology Company Limited, CN), Reverse DNS Software / Resource Hash `2b56ed0b00d15dde097595d4cc8e29e5f6053e6f6efdf8b3c13dfe7b9185b1f2` Request headers Referer http://www.leavesuae.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Tue, 12 Mar 2024 00:51:58 GMT Content-Encoding gzip KCS-Via HIT from w-fc03.lato;REVALIDATED from w-sc01.lato Last-Modified Wed, 28 Nov 2018 07:43:20 GMT Transfer-Encoding chunked Content-Type application/x-javascript Cache-Control max-age=600 Connection keep-alive Expires Tue, 12 Mar 2024 01:01:58 GMT
GET H/1.1	200 OK	jquery.min.js Show response 154.216.86.3/tz/statics/js/ Frame 994D	81 KB 32 KB	314ms 301ms	Script application/javascript	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Full URL http://154.216.86.3/tz/statics/js/jquery.min.js Requested by Host: 154.216.86.3 URL: http://154.216.86.3/ Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash `934d67773d5fe70e9555a4249831d277ced46623d56a598c005396e7d43a2c98` Request headers accept-language en-US,en;q=0.9 Referer http://154.216.86.3/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:51:55 GMT Content-Encoding gzip Last-Modified Sun, 28 Jan 2024 10:13:04 GMT Server nginx ETag W/"65b628b0-14499" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Tue, 12 Mar 2024 12:51:55 GMT
GET H/1.1	200 OK	link.js Show response 154.216.86.3/tz/statics/js/ Frame 994D	960 B 744 B	961ms 679ms	Script application/javascript	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Full URL http://154.216.86.3/tz/statics/js/link.js Requested by Host: 154.216.86.3 URL: http://154.216.86.3/ Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash `35be6845d8083fa16714c91d4b9a1a1378e5664cb40a6c4be3da42e6b7093778` Request headers accept-language en-US,en;q=0.9 Referer http://154.216.86.3/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:51:55 GMT Content-Encoding gzip Last-Modified Sun, 10 Mar 2024 08:09:59 GMT Server nginx ETag W/"65ed6ad7-3c0" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Tue, 12 Mar 2024 12:51:55 GMT
GET H/1.1	200 OK	pscode.js Show response 154.216.86.3/tz/statics/js/ Frame 994D	912 B 629 B	963ms 679ms	Script application/javascript	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Full URL http://154.216.86.3/tz/statics/js/pscode.js Requested by Host: 154.216.86.3 URL: http://154.216.86.3/ Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash `d3a4ba4c96a8d32abf30f0c23ca9f8e168702173b1d409a6cc0a12459defdd83` Request headers accept-language en-US,en;q=0.9 Referer http://154.216.86.3/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:51:55 GMT Content-Encoding gzip Last-Modified Sun, 28 Jan 2024 10:39:45 GMT Server nginx ETag W/"65b62ef1-390" Transfer-Encoding chunked Vary Accept-Encoding Content-Type application/javascript Cache-Control max-age=43200 Connection keep-alive Expires Tue, 12 Mar 2024 12:51:55 GMT
GET H/1.1	200 OK	xk.css 154.216.86.3/tz/statics/css/ Frame 994D	103 KB 53 KB	304ms 289ms	Stylesheet text/css	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Full URL http://154.216.86.3/tz/statics/css/xk.css Requested by Host: 154.216.86.3 URL: http://154.216.86.3/ Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash `dc7438e4bcf6b9ff4c0f3ccd93c45f634402efdd5e94d9f7705a005f4d9cf78c` Request headers accept-language en-US,en;q=0.9 Referer http://154.216.86.3/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:51:55 GMT Content-Encoding gzip Last-Modified Sun, 28 Jan 2024 10:13:07 GMT Server nginx ETag W/"65b628b3-19a76" Transfer-Encoding chunked Vary Accept-Encoding Content-Type text/css Cache-Control max-age=43200 Connection keep-alive Expires Tue, 12 Mar 2024 12:51:55 GMT
GET H/1.1	200 OK	rbsmgwmigzeaqeisaabdvano3pe24.webp 154.216.86.3/tz/statics/picture/ Frame 994D	16 KB 16 KB	310ms 303ms	Image image/webp	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL http://154.216.86.3/tz/statics/picture/rbsmgwmigzeaqeisaabdvano3pe24.webp Requested by Host: 154.216.86.3 URL: http://154.216.86.3/ Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash `7d64db6d431dc6f31b281c30a63a87927309f910a009e3dbd8df9708d7e3110c` Request headers accept-language en-US,en;q=0.9 Referer http://154.216.86.3/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:51:56 GMT Last-Modified Thu, 21 Sep 2023 10:07:41 GMT Server nginx Connection keep-alive ETag "650c15ed-406a" Transfer-Encoding chunked Content-Type image/webp
GET H/1.1	200 OK	rbsmgwmig0oaqpqmaabq2kzlptk31.webp 154.216.86.3/tz/statics/picture/ Frame 994D	18 KB 19 KB	307ms 300ms	Image image/webp	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL http://154.216.86.3/tz/statics/picture/rbsmgwmig0oaqpqmaabq2kzlptk31.webp Requested by Host: 154.216.86.3 URL: http://154.216.86.3/ Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash `11d707bf46d3e44e7057580208377df9b8839b00403b94495d3a9f85db23842c` Request headers accept-language en-US,en;q=0.9 Referer http://154.216.86.3/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:51:56 GMT Last-Modified Thu, 21 Sep 2023 10:07:40 GMT Server nginx Connection keep-alive ETag "650c15ec-497a" Transfer-Encoding chunked Content-Type image/webp
GET H/1.1	200 OK	rbsmgwmmnw-ahnf9aabt7ce2zgq87.webp 154.216.86.3/tz/statics/picture/ Frame 994D	20 KB 20 KB	312ms 291ms	Image image/webp	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL http://154.216.86.3/tz/statics/picture/rbsmgwmmnw-ahnf9aabt7ce2zgq87.webp Requested by Host: 154.216.86.3 URL: http://154.216.86.3/ Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash `18892f9cccd283a31caca1a6fba586223eaf8b4ecc3ae4c81c1f068af053d93d` Request headers accept-language en-US,en;q=0.9 Referer http://154.216.86.3/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:51:56 GMT Last-Modified Thu, 21 Sep 2023 10:07:41 GMT Server nginx Connection keep-alive ETag "650c15ed-4e44" Transfer-Encoding chunked Content-Type image/webp
GET H/1.1	200 OK	rbsmgwmigyqad1n-aaa_2muwpem57.webp 154.216.86.3/tz/statics/picture/ Frame 994D	16 KB 16 KB	309ms 287ms	Image image/webp	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL http://154.216.86.3/tz/statics/picture/rbsmgwmigyqad1n-aaa_2muwpem57.webp Requested by Host: 154.216.86.3 URL: http://154.216.86.3/ Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash `d21e7979c7530e83d7f7f91cd530baba0f7ee359e0aa19587f7f6971fbde35f8` Request headers accept-language en-US,en;q=0.9 Referer http://154.216.86.3/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:51:56 GMT Last-Modified Thu, 21 Sep 2023 10:07:40 GMT Server nginx Connection keep-alive ETag "650c15ec-3e14" Transfer-Encoding chunked Content-Type image/webp
GET H/1.1	200 OK	ab77b6ea7f3fbf79.js Show response s5.qhres2.com/static/	478 B 1 KB	1169ms 117ms	Script application/javascript	2600:9000:26c7:6000:18:fae5:de00:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL http://s5.qhres2.com/static/ab77b6ea7f3fbf79.js Requested by Host: js.passport.qihucdn.com URL: http://js.passport.qihucdn.com/11.0.1.js?a947355270f5d3148c09110f1832f40b Protocol HTTP/1.1 Server 2600:9000:26c7:6000:18:fae5:de00:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software / Resource Hash `928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a` Request headers Referer http://www.leavesuae.com/ accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Intervention <https://www.chromestatus.com/feature/5718547946799104>; level="warning" Response headers Date Mon, 25 Dec 2023 08:00:12 GMT Via 1.1 3e05889c1fb3e37dfed25cc0ce3f3b72.cloudfront.net (CloudFront) KCS-Via HIT from w-fc01.lato;MISS from w-sc01.lyct X-QSTATIC-HIT 1 X-Amz-Cf-Pop ATL59-P4 Age 6713507 X-Cache Hit from cloudfront Connection keep-alive Content-Length 478 Last-Modified Mon, 01 Jan 2018 00:00:00 GMT ETag W/"5706bc27d76f6f72" Content-Type application/javascript; charset=utf-8 Access-Control-Allow-Origin * Cache-Control s-maxage=315360000, max-age=315360000, immutable Accept-Ranges bytes Timing-Allow-Origin * X-Amz-Cf-Id _l-jN2Z-HRg81ixR0bzAvdfPb_KhA0153zhFdeleSt4mGRdCNs_mgQ== Expires Thu, 22 Dec 2033 08:00:12 GMT
GET H/1.1	200 OK	zz.gif s.360.cn/so/	0 240 B	7537ms 6726ms	Image image/gif	171.13.14.66
General Check archive.org Show headers Download Go to Show image Full URL http://s.360.cn/so/zz.gif?url=http%3A%2F%2Fwww.leavesuae.com%2Fm9gm%2F%3Flfv%3Ddgzu%26wiephc%3Dkuhvysw47xmk1m2pbc3n3p%2F3r143scg4diuegcq0ttienndmhg19k15xte6baevub7zh5r%2F0gp3ddtxhqjb1e1hmzjy%2B%2Fqsih4xvnos%2Fck2kfhvurbaiqsrmi5kjj13rbq6p0e0%3D&sid=a947355270f5d3148c09110f1832f40b&token=a=904e703p565q2b7r03f15jdj3k154i Requested by Host: www.leavesuae.com URL: http://www.leavesuae.com/m9gm/?lfv=dgzu&wiephc=kuhvysw47xmk1m2pbc3n3p/3r143scg4diuegcq0ttienndmhg19k15xte6baevub7zh5r/0gp3ddtxhqjb1e1hmzjy+/qsih4xvnos/ck2kfhvurbaiqsrmi5kjj13rbq6p0e0= Protocol HTTP/1.1 Server 171.13.14.66 -, , ASN (), Reverse DNS Software openresty/1.15.8.2 / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers accept-language en-US,en;q=0.9 Referer http://www.leavesuae.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:52:00 GMT Last-Modified Thu, 01 Aug 2019 13:00:31 GMT Server openresty/1.15.8.2 ETag "5d42e26f-0" Content-Type image/gif Connection keep-alive Accept-Ranges bytes Content-Length 0
GET H/1.1	200 OK	background.png 154.216.86.3/tz/statics/images/ Frame 994D	22 KB 0	715ms 715ms	Image image/png	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL http://154.216.86.3/tz/statics/images/background.png Requested by Host: 154.216.86.3 URL: http://154.216.86.3/tz/statics/css/xk.css Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://154.216.86.3/tz/statics/css/xk.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:52:14 GMT Last-Modified Mon, 29 Jan 2024 06:47:39 GMT Server nginx ETag "65b74a0b-2c6df" Transfer-Encoding chunked Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Expires Thu, 11 Apr 2024 00:52:14 GMT
GET H/1.1	200 OK	ag-66.png 154.216.86.3/tz/statics/images/ Frame 994D	14 KB 0	719ms 719ms	Image image/png	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL http://154.216.86.3/tz/statics/images/ag-66.png Requested by Host: 154.216.86.3 URL: http://154.216.86.3/tz/statics/css/xk.css Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://154.216.86.3/tz/statics/css/xk.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:52:14 GMT Last-Modified Sun, 28 Jan 2024 10:13:56 GMT Server nginx ETag "65b628e4-9b41" Transfer-Encoding chunked Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Expires Thu, 11 Apr 2024 00:52:14 GMT
GET DATA	200 OK	truncated / Frame 994D	39 KB 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash `34e0792ec3f2e3a45a2afb3565a00e75241984dd331bd103cb99207f0fdfa44e` Request headers accept-language en-US,en;q=0.9 Referer http://154.216.86.3/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Content-Type image/png
GET H/1.1	200 OK	xklogo.png 154.216.86.3/tz/statics/images/ Frame 994D	10 KB 0	714ms 713ms	Image image/png	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL http://154.216.86.3/tz/statics/images/xklogo.png Requested by Host: 154.216.86.3 URL: http://154.216.86.3/tz/statics/css/xk.css Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://154.216.86.3/tz/statics/css/xk.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:52:14 GMT Last-Modified Sun, 28 Jan 2024 10:13:50 GMT Server nginx ETag "65b628de-101b4" Transfer-Encoding chunked Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Expires Thu, 11 Apr 2024 00:52:14 GMT
GET H/1.1	200 OK	bylogo.png 154.216.86.3/tz/statics/images/ Frame 994D	20 KB 0	712ms 711ms	Image image/png	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL http://154.216.86.3/tz/statics/images/bylogo.png Requested by Host: 154.216.86.3 URL: http://154.216.86.3/tz/statics/css/xk.css Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash Request headers accept-language en-US,en;q=0.9 Referer http://154.216.86.3/tz/statics/css/xk.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:52:14 GMT Last-Modified Sun, 28 Jan 2024 10:13:50 GMT Server nginx ETag "65b628de-101b4" Transfer-Encoding chunked Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Expires Thu, 11 Apr 2024 00:52:14 GMT
GET H/1.1	200 OK	ag-in.png 154.216.86.3/tz/statics/images/ Frame 994D	10 KB 11 KB	716ms 715ms	Image image/png	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Show image Full URL http://154.216.86.3/tz/statics/images/ag-in.png Requested by Host: 154.216.86.3 URL: http://154.216.86.3/tz/statics/css/xk.css Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash `878eb4268559ef5e80eebd1c07bfcd4745609deae1bdc856527aaa01055e67c2` Request headers accept-language en-US,en;q=0.9 Referer http://154.216.86.3/tz/statics/css/xk.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:52:14 GMT Last-Modified Sun, 28 Jan 2024 10:13:50 GMT Server nginx ETag "65b628de-297c" Transfer-Encoding chunked Content-Type image/png Cache-Control max-age=2592000 Connection keep-alive Expires Thu, 11 Apr 2024 00:52:14 GMT
GET		ag-qj.png 154.216.86.3/tz/statics/images/ Frame 994D	0 0

GET		sport-item-bg.png 154.216.86.3/tz/statics/images/ Frame 994D	0 0

GET H/1.1	200 OK	latin.woff2 154.216.86.3/tz/statics/fonts/ Frame 994D	28 KB 28 KB	1004ms 281ms	Font font/woff2	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Full URL http://154.216.86.3/tz/statics/fonts/latin.woff2 Requested by Host: 154.216.86.3 URL: http://154.216.86.3/tz/statics/css/xk.css Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash Request headers Referer http://154.216.86.3/tz/statics/css/xk.css Origin http://154.216.86.3 accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:52:15 GMT Last-Modified Sun, 28 Jan 2024 10:13:51 GMT Server nginx Connection keep-alive ETag "65b628df-6ebc" Transfer-Encoding chunked Content-Type font/woff2
GET H/1.1	200 OK	montserrat-regular.ttf 154.216.86.3/tz/statics/fonts/ Frame 994D	118 KB 0	1018ms 293ms	Font application/octet-stream	154.216.86.3 POWERLINE-AS-AP P...
General Check archive.org Show headers Download Go to Full URL http://154.216.86.3/tz/statics/fonts/montserrat-regular.ttf Requested by Host: 154.216.86.3 URL: http://154.216.86.3/tz/statics/css/xk.css Protocol HTTP/1.1 Server 154.216.86.3 Hong Kong, Hong Kong, ASN132839 (POWERLINE-AS-AP POWER LINE DATACENTER, HK), Reverse DNS Software nginx / Resource Hash Request headers Referer http://154.216.86.3/tz/statics/css/xk.css Origin http://154.216.86.3 accept-language en-US,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36 Response headers Date Tue, 12 Mar 2024 00:52:15 GMT Last-Modified Sun, 28 Jan 2024 10:13:55 GMT Server nginx Connection keep-alive ETag "65b628e3-2c174" Transfer-Encoding chunked Content-Type application/octet-stream
GET		iconfont.599951c1.woff2 154.216.86.3/tz/statics/fonts/ Frame 994D	0 0

GET		montserrat-black.ttf 154.216.86.3/tz/statics/fonts/ Frame 994D	0 0

GET		other.woff2 154.216.86.3/tz/statics/fonts/ Frame 994D	0 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: push.zhanzhang.baidu.com
URL: http://push.zhanzhang.baidu.com/push.js

Domain: 154.216.86.3
URL: http://154.216.86.3/tz/statics/images/ag-qj.png

Domain: 154.216.86.3
URL: http://154.216.86.3/tz/statics/images/sport-item-bg.png

Domain: 154.216.86.3
URL: http://154.216.86.3/tz/statics/fonts/iconfont.599951c1.woff2

Domain: 154.216.86.3
URL: http://154.216.86.3/tz/statics/fonts/montserrat-black.ttf

Domain: 154.216.86.3
URL: http://154.216.86.3/tz/statics/fonts/other.woff2

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 function| checkMobile object| str string| url2

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

23 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.leavesuae.com/m9gm/?lfv=dgzu&wiephc=kuhvysw47xmk1m2pbc3n3p/3r143scg4diuegcq0ttienndmhg19k15xte6baevub7zh5r/0gp3ddtxhqjb1e1hmzjy+/qsih4xvnos/ck2kfhvurbaiqsrmi5kjj13rbq6p0e0= Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	warning	URL: http://154.216.86.3/js.js(Line 60) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://js.passport.qihucdn.com/11.0.1.js?a947355270f5d3148c09110f1832f40b, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://154.216.86.3/js.js(Line 60) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://js.passport.qihucdn.com/11.0.1.js?a947355270f5d3148c09110f1832f40b, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://js.passport.qihucdn.com/11.0.1.js?a947355270f5d3148c09110f1832f40b Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://s5.qhres2.com/static/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: http://js.passport.qihucdn.com/11.0.1.js?a947355270f5d3148c09110f1832f40b Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://s5.qhres2.com/static/ab77b6ea7f3fbf79.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: http://154.216.86.3/ Message: Failed to decode downloaded font: http://154.216.86.3/tz/statics/fonts/latin.woff2
other	warning	URL: http://154.216.86.3/ Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other	warning	URL: http://154.216.86.3/ Message: Failed to decode downloaded font: http://154.216.86.3/tz/statics/fonts/latin.woff2
other	warning	URL: http://154.216.86.3/ Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other	warning	URL: http://154.216.86.3/ Message: Failed to decode downloaded font: http://154.216.86.3/tz/statics/fonts/latin.woff2
other	warning	URL: http://154.216.86.3/ Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other	warning	URL: http://154.216.86.3/ Message: Failed to decode downloaded font: http://154.216.86.3/tz/statics/fonts/latin.woff2
other	warning	URL: http://154.216.86.3/ Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other	warning	URL: http://154.216.86.3/ Message: Failed to decode downloaded font: http://154.216.86.3/tz/statics/fonts/latin.woff2
other	warning	URL: http://154.216.86.3/ Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other	warning	URL: http://154.216.86.3/ Message: Failed to decode downloaded font: http://154.216.86.3/tz/statics/fonts/latin.woff2
other	warning	URL: http://154.216.86.3/ Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other	warning	URL: http://154.216.86.3/ Message: Failed to decode downloaded font: http://154.216.86.3/tz/statics/fonts/latin.woff2
other	warning	URL: http://154.216.86.3/ Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other	warning	URL: http://154.216.86.3/ Message: Failed to decode downloaded font: http://154.216.86.3/tz/statics/fonts/latin.woff2
other	warning	URL: http://154.216.86.3/ Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT
other	warning	URL: http://154.216.86.3/ Message: Failed to decode downloaded font: http://154.216.86.3/tz/statics/fonts/latin.woff2
other	warning	URL: http://154.216.86.3/ Message: OTS parsing error: Failed to convert WOFF 2.0 font to SFNT

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

154.216.86.3
js.passport.qihucdn.com
push.zhanzhang.baidu.com
s.360.cn
s5.qhres2.com
www.leavesuae.com
154.216.86.3
push.zhanzhang.baidu.com
104.192.108.192
154.216.86.3
160.124.204.108
171.13.14.66
2600:9000:26c7:6000:18:fae5:de00:93a1
11d707bf46d3e44e7057580208377df9b8839b00403b94495d3a9f85db23842c
18892f9cccd283a31caca1a6fba586223eaf8b4ecc3ae4c81c1f068af053d93d
2b56ed0b00d15dde097595d4cc8e29e5f6053e6f6efdf8b3c13dfe7b9185b1f2
34e0792ec3f2e3a45a2afb3565a00e75241984dd331bd103cb99207f0fdfa44e
35be6845d8083fa16714c91d4b9a1a1378e5664cb40a6c4be3da42e6b7093778
695a35f7f3f8535a842e8dbe4dd6e3b9d6f517f3e26c424ff009bfdc202f3d3f
7d64db6d431dc6f31b281c30a63a87927309f910a009e3dbd8df9708d7e3110c
878eb4268559ef5e80eebd1c07bfcd4745609deae1bdc856527aaa01055e67c2
928131ab2183d971cdbfe2ed1329200212d0021db70574a35c89ae169c0f6e0a
934d67773d5fe70e9555a4249831d277ced46623d56a598c005396e7d43a2c98
d21e7979c7530e83d7f7f91cd530baba0f7ee359e0aa19587f7f6971fbde35f8
d3a4ba4c96a8d32abf30f0c23ca9f8e168702173b1d409a6cc0a12459defdd83
d4cc1261ea4fc612316e0d8eb9bcb490665ea6424253fcc7d9d8e185f2b8481e
dc7438e4bcf6b9ff4c0f3ccd93c45f634402efdd5e94d9f7705a005f4d9cf78c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e983097e46d116c03d0000c4e9290e73c26a2be4df4e0a3d4174dbce0c9ed4b3

www.leavesuae.com Open in urlscan Pro 160.124.204.108 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

27 Requests

0 %HTTPS

20 %IPv6

6 Domains

6 Subdomains

6 IPs

3 Countries

202 kBTransfer

527 kBSize

0 Cookies

0 Outgoing links

Redirected requests

27 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Failed requests

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

0 Cookies

23 Console Messages

Indicators

www.leavesuae.com Open in urlscan Pro
160.124.204.108 Public Scan

Screenshot
Live screenshot

Full Image

27
Requests

0 %
HTTPS

20 %
IPv6

6
Domains

6
Subdomains

6
IPs

3
Countries

202 kB
Transfer

527 kB
Size

0
Cookies

27 HTTP transactions
1 data transactions