Submitted URL: https://admin.leapers.com.yhbqe0hk5ejr.xl4t.net/
Effective URL: https://prod.leapers.com/
Submission: On December 19 via api from US — Scanned from US

Summary

This website contacted 1 IP in 1 country across 2 domains to perform 1 HTTP transaction. The main IP is 18.238.4.5, located in the United States, and belongs to AMAZON-02, US. The main domain is prod.leapers.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on July 31st 2023. Valid for: a year.
This is the only time prod.leapers.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 35.153.104.185 14618 (AMAZON-AES)
1 18.238.4.5 16509 (AMAZON-02)
1 1
Apex Domain Subdomains Transfer
1 leapers.com prod.leapers.com 536 B
1 xl4t.net admin.leapers.com.yhbqe0hk5ejr.xl4t.net 5 KB
1 2
Domain Requested by
1 prod.leapers.com
1 admin.leapers.com.yhbqe0hk5ejr.xl4t.net 1 redirects
1 2

This site contains no links.

Subject Issuer Validity Valid
*.leapers.com Go Daddy Secure Certificate Authority - G2 2023-07-31 - 2024-08-12 a year

This page contains 1 frame:

Primary Page: https://prod.leapers.com/
Frame ID: 0753F6FF5F206D7550D6B5228D940A76
Requests: 1 HTTP request in this frame


Page Statistics

Requests: 1
HTTPS: 100 %
IPv6: 0 %
Domains: 2
Subdomains: 2
IPs: 1
Countries: 1
Transfer: 1 kB
Size: 0 kB
Cookies: 2

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://admin.leapers.com.yhbqe0hk5ejr.xl4t.net/ HTTP 302
    https://prod.leapers.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

1 HTTP transactions

Resource Path Size x-fer Type MIME-Type
Primary Request / prod.leapers.com/ 10 B 536 B Document
Redirect Chain
  • https://admin.leapers.com.yhbqe0hk5ejr.xl4t.net/
  • https://prod.leapers.com/

General
Full URL: https://prod.leapers.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.4.5, United States, ASN16509 (AMAZON-02, US)
Reverse DNS: server-18-238-4-5.phl51.r.cloudfront.net
Software: Webscale /
Resource Hash: c029d1c560ecb35bbb632f9f7102907b41a289e258055d477f92e21884f9ab79

Security Headers
Name Value
Strict-Transport-Security max-age=31557600
X-Content-Type-Options nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-length: 34
content-type: text/plain; charset=utf-8
date: Tue, 19 Dec 2023 20:39:53 GMT
server: Webscale
strict-transport-security: max-age=31557600
vary: Accept-Encoding
via: 1.1 314bfc6827691675a2973499b9b6ac4e.cloudfront.net (CloudFront)
x-amz-cf-id: EiQ-pAFFTTejgbTwc9810P4uO1ntuGlkzzVRe-C1XWrcjEgY8_i7ng==
x-amz-cf-pop: PHL51-P1
x-cache: Error from cloudfront
x-content-type-options: nosniff

Redirect headers

cache-control: max-age=0, must-revalidate, no-cache, no-store
content-security-policy-report-only
font-src *.bootstrapcdn.com *.cloudflare.com *.bootstrap.com 'self' data: *.googleapis.com *.iwdagency.com *.yotpo.com *.gstatic.com *.fontawesome.com data: 'self' 'unsafe-inline'; form-action geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net pilot-payflowlink.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.paypal.com *.yotpo.com 'self' 'unsafe-inline'; frame-ancestors 'self'; frame-src fast.amc.demdex.net *.adobe.com geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com secure.authorize.net test.authorize.net www.googletagmanager.com www.paypal.com www.sandbox.paypal.com pilot-payflowlink.paypal.com player.vimeo.com *.youtube.com https://www.google.com/recaptcha/ *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de https://www.addthis.com https://s7.addthis.com/ *.paypal.com *.yotpo.com *.dotdigital-pages.com *.dotdigital.com cdn.dnky.co webchat.dotdigital.com c.paypal.com checkout.paypal.com assets.braintreegateway.com pay.google.com *.cardinalcommerce.com *.weltpixel.com 'self' 'unsafe-inline'; img-src assets.adobedtm.com amcglobal.sc.omtrdc.net dpm.demdex.net cm.everesttech.net *.adobe.com widgets.magentocommerce.com data: www.googleadservices.com www.google-analytics.com www.paypalobjects.com t.paypal.com *.ftcdn.net *.behance.net www.paypal.com fpdbs.paypal.com fpdbs.sandbox.paypal.com *.vimeocdn.com i.ytimg.com d3sbl0c71oxeok.cloudfront.net dhkkzdfmpzvap.cloudfront.net 
d2bpzs5y44q6e0.cloudfront.net d37shgu97oizpd.cloudfront.net d1zlqll3enr74n.cloudfront.net d1jynp0fpwn93a.cloudfront.net d2cb3tokgpwh3v.cloudfront.net d1re8bfxx3pw6e.cloudfront.net d35u8xwkxs8vpe.cloudfront.net d13s9xffygp5o.cloudfront.net d388nbw0dwi1jm.cloudfront.net d11p2vtu3dppaw.cloudfront.net d3r89hiip86hka.cloudfront.net dc7snq0c8ipyk.cloudfront.net d5c7kvljggzso.cloudfront.net d2h8yg3ypfzua1.cloudfront.net d1b556x7apj5fb.cloudfront.net draz1ib3z71v2.cloudfront.net dr6hdp4s5yzfc.cloudfront.net d2bomicxw8p7ii.cloudfront.net d3aypcdgvjnnam.cloudfront.net d2a3iuf10348gy.cloudfront.net *.ssl-images-amazon.com *.ssl-images-amazon.co.uk *.ssl-images-amazon.co.jp *.ssl-images-amazon.jp *.ssl-images-amazon.it *.ssl-images-amazon.fr *.ssl-images-amazon.es *.ssl-images-amazon.de *.media-amazon.com *.media-amazon.co.uk *.media-amazon.co.jp *.media-amazon.jp *.media-amazon.it *.media-amazon.fr *.media-amazon.es *.media-amazon.de *.cloudflare.com *.google-analytics.com *.paypal.com *.paypalobjects.com *.googleapis.com *.iwdagency.com *.yotpo.com https://img.youtube.com www.sandbox.paypal.com b.stats.paypal.com dub.stats.paypal.com assets.braintreegateway.com c.paypal.com checkout.paypal.com *.gstatic.com data: 'self' 'unsafe-inline'; script-src assets.adobedtm.com *.adobe.com geostag.cardinalcommerce.com 1eafstag.cardinalcommerce.com geoapi.cardinalcommerce.com 1eafapi.cardinalcommerce.com songbird.cardinalcommerce.com includestest.ccdc02.com secure.authorize.net test.authorize.net www.googleadservices.com www.google-analytics.com www.googletagmanager.com www.paypalobjects.com js.braintreegateway.com www.paypal.com www.sandbox.paypal.com t.paypal.com s.ytimg.com www.googleapis.com vimeo.com www.vimeo.com *.vimeocdn.com https://www.gstatic.com/recaptcha/ https://www.google.com/recaptcha/ *.payments-amazon.com *.payments-amazon.co.uk *.payments-amazon.co.jp *.payments-amazon.jp *.payments-amazon.it *.payments-amazon.fr *.payments-amazon.es *.payments-amazon.de *.gstatic.com 
https://maps.googleapis.com https://www.addthis.com https://s7.addthis.com/ m.addthis.com *.addthisedge.com *.paypalobjects.com *.paypal.com *.google.com z.moatads.com https://services.sheerid.com/jsapi/SheerID.js https://cdn.jsdelivr.net/npm/@sheerid/jslib@1/sheerid.js *.attn.tv *.attentivemobile.com www.youtube.com *.iwdagency.com *.yotpo.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com cdn.dnky.co webchat.dotdigital.com s7.addthis.com *.avada.io assets.braintreegateway.com c.paypal.com pay.google.com api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com https://www.googletagmanager.com tagmanager.google.com 'self' 'unsafe-inline' 'unsafe-eval'; style-src *.adobe.com *.bootstrapcdn.com *.cloudflare.com *.fontawesome.com *.iwdagency.com *.yotpo.com *.googleapis.com cdn.dnky.co webchat.dotdigital.com unsafe-inline tagmanager.google.com 'self' 'unsafe-inline'; object-src 'self' 'unsafe-inline'; media-src *.adobe.com 'self' 'unsafe-inline'; manifest-src 'self' 'unsafe-inline'; connect-src dpm.demdex.net amcglobal.sc.omtrdc.net geostag.cardinalcommerce.com geo.cardinalcommerce.com 1eafstag.cardinalcommerce.com 1eaf.cardinalcommerce.com centinelapistag.cardinalcommerce.com centinelapi.cardinalcommerce.com www.google-analytics.com www.sandbox.paypal.com www.paypalobjects.com www.paypal.com *.amazon.com *.amazon.co.uk *.amazon.co.jp *.amazon.jp *.amazon.it *.amazon.fr *.amazon.es *.amazon.de *.amazonpay.com *.amazonpay.co.uk *.amazonpay.co.jp *.amazonpay.jp *.amazonpay.it *.amazonpay.fr *.amazonpay.es *.amazonpay.de mws.amazonservices.com mws.amazonservices.co.uk mws.amazonservices.co.jp mws.amazonservices.jp mws.amazonservices.it mws.amazonservices.fr mws.amazonservices.es mws.amazonservices.de *.cloudflare.com *.paypal.com *.cardinalcommerce.com https://maps.googleapis.com https://cdn.jsdelivr.net/npm/@sheerid/jslib@1/sheerid.js https://www.addthis.com *.attn.tv 
*.attentivemobile.com *.iwdagency.com *.yotpo.com *.trackedlink.net *.trackedweb.net *.dotdigital-pages.com webchat.dotdigital.com ekr.zdassets.com/ https://get.geojs.io *.avada.io api.braintreegateway.com api.sandbox.braintreegateway.com client-analytics.braintreegateway.com client-analytics.sandbox.braintreegateway.com *.braintree-api.com https://www.google-analytics.com 'self' 'unsafe-inline'; child-src assets.braintreegateway.com c.paypal.com http: https: blob: 'self' 'unsafe-inline'; default-src 'self' 'unsafe-inline' 'unsafe-eval'; base-uri 'self' 'unsafe-inline';
content-type: text/html; charset=UTF-8
date: Tue, 19 Dec 2023 20:39:53 GMT
expires: Mon, 19 Dec 2022 20:39:53 GMT
location: https://prod.leapers.com/
pragma: no-cache
section-io-id: d6cc4333c61a3050fde30b46fed164e6
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-powered-by: PHP/7.4.33
x-xss-protection: 1; mode=block

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture

2 Cookies

Domain/Path Name / Value
prod.leapers.com/ Name: lagrange_session Value: 8f5ff2b9-108d-41c5-9dc0-7063a23f45c9
prod.leapers.com/ Name: wcid Value: 3KQBzAznnDvtAAAB

1 Console Messages

Source Level URL Text
network error URL: https://prod.leapers.com/ Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
