l.ead.me - urlscan.io

Summary

This website contacted 1 IPs in 2 countries across 3 domains to perform 2 HTTP transactions. The main IP is 52.31.110.255, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is l.ead.me.
TLS certificate: Issued by Amazon on March 13th 2021. Valid for: a year.

This is the only time l.ead.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	13.56.30.207 13.56.30.207	16509 (AMAZON-02) (AMAZON-02)
1 1	13.52.20.127 13.52.20.127	16509 (AMAZON-02) (AMAZON-02)
1 3	52.31.110.255 52.31.110.255	16509 (AMAZON-02) (AMAZON-02)
2	1

1 13.56.30.207 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-56-30-207.us-west-1.compute.amazonaws.com

createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.52.20.127 (San Jose, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-13-52-20-127.us-west-1.compute.amazonaws.com

fazeclan.createsend1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.31.110.255 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-110-255.eu-west-1.compute.amazonaws.com

q-r.to	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
l.ead.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
2	ead.me l.ead.me	30 KB
2	createsend1.com 2 redirects createsend1.com fazeclan.createsend1.com	743 B
1	q-r.to 1 redirects q-r.to	1 KB
2	3

	Domain	Requested by
2	l.ead.me	l.ead.me
1	q-r.to	1 redirects
1	fazeclan.createsend1.com	1 redirects
1	createsend1.com	1 redirects
2	4

This site contains no links.

Subject Issuer	Validity	Valid
qrco.de Amazon	`2021-03-13` - `2022-04-11`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://l.ead.me/bcauG1
Frame ID: E21EB0F43C21BA6B0C939A1C29DB19C1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://createsend1.com/t/y-l-blrddtt-le-y/?fTAk4tRXWZwWAhxCkENG HTTP 302
https://fazeclan.createsend1.com/t/y-l-blrddtt-le-y/?fTAk4tRXWZwWAhxCkENG HTTP 302
https://q-r.to/bcauG1/ HTTP 302
https://l.ead.me/bcauG1 Page URL

Page Statistics

2
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

1
IPs

2
Countries

30 kB
Transfer

28 kB
Size

10
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://createsend1.com/t/y-l-blrddtt-le-y/?fTAk4tRXWZwWAhxCkENG HTTP 302
https://fazeclan.createsend1.com/t/y-l-blrddtt-le-y/?fTAk4tRXWZwWAhxCkENG HTTP 302
https://q-r.to/bcauG1/ HTTP 302
https://l.ead.me/bcauG1 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request bcauG1 Show response l.ead.me/ Redirect Chain https://createsend1.com/t/y-l-blrddtt-le-y/?fTAk4tRXWZwWAhxCkENG https://fazeclan.createsend1.com/t/y-l-blrddtt-le-y/?fTAk4tRXWZwWAhxCkENG https://q-r.to/bcauG1/ https://l.ead.me/bcauG1	2 KB 2 KB	91ms 82ms	Document text/html	52.31.110.255 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://l.ead.me/bcauG1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.110.255 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-110-255.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash `1c85019d1bc7780153d1c6c59aab942693d86407a9762e211747dc0c90bf06e3` Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Accept-Language de-DE,de;q=0.9 Response headers date Thu, 02 Dec 2021 06:30:40 GMT content-type text/html; charset=UTF-8 server nginx expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache content-encoding gzip Redirect headers date Thu, 02 Dec 2021 06:30:40 GMT content-type text/html; charset=UTF-8 location https://l.ead.me/bcauG1 server nginx expires Thu, 19 Nov 1981 08:52:00 GMT cache-control no-store, no-cache, must-revalidate pragma no-cache
GET H2	200	smartphone-preview.min.css l.ead.me/css/build/	27 KB 28 KB	30ms 29ms	Stylesheet text/css	52.31.110.255 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://l.ead.me/css/build/smartphone-preview.min.css Requested by Host: l.ead.me URL: https://l.ead.me/bcauG1 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 52.31.110.255 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-52-31-110-255.eu-west-1.compute.amazonaws.com Software nginx / Resource Hash `b65a36ddd85def0f675ac5897c25598e43dcc39fc2a45aeaabd316f3dc943187` Request headers Accept-Language de-DE,de;q=0.9 Referer https://l.ead.me/bcauG1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36 Response headers date Thu, 02 Dec 2021 06:30:40 GMT last-modified Wed, 01 Dec 2021 11:23:51 GMT server nginx accept-ranges bytes etag "61a75b47-6aed" content-length 27373 content-type text/css

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
q-r.to/	1970-01-19 23:17:11	Name: AWSALBTG Value: Om9u1SiNK7KyeyHABydOOUFmTUjUHtx8g+ua4/0+OoZ7TDUFPe/oPwqqhC+UqKEuAsFHBTmihpjALb9mxkCpZHF/ZbcywxeXZxtbVtLE6aXlloOgH3ZO8+k4BHblecjEPCRhOuNI+JqFnPzmvwLSi62Z6fG2pChg2aqhBIPbbLnJbsdp1+E=
q-r.to/	1970-01-19 23:17:11	Name: AWSALBTGCORS Value: Om9u1SiNK7KyeyHABydOOUFmTUjUHtx8g+ua4/0+OoZ7TDUFPe/oPwqqhC+UqKEuAsFHBTmihpjALb9mxkCpZHF/ZbcywxeXZxtbVtLE6aXlloOgH3ZO8+k4BHblecjEPCRhOuNI+JqFnPzmvwLSi62Z6fG2pChg2aqhBIPbbLnJbsdp1+E=
q-r.to/	1970-01-19 23:17:11	Name: AWSALB Value: iPxAEbmlmzR5g8GJXMWgW/WqQWYBsHalwU75HlDr3tP8PTO2wKpsE7feEEKaWxJ8uWXe765wiErQ0wJSYTFZmCj9O78NGAuzpUkQw29kpbcYlyW4xW34LUKBdcyo
q-r.to/	1970-01-19 23:17:11	Name: AWSALBCORS Value: iPxAEbmlmzR5g8GJXMWgW/WqQWYBsHalwU75HlDr3tP8PTO2wKpsE7feEEKaWxJ8uWXe765wiErQ0wJSYTFZmCj9O78NGAuzpUkQw29kpbcYlyW4xW34LUKBdcyo
q-r.to/	1969-12-31 23:59:59	Name: PHPSESSID Value: d2da28f33e480601710f128c1b6088ef
l.ead.me/	1969-12-31 23:59:59	Name: PHPSESSID Value: 291fff07f5bdd0f4919c56b7ab248f64
l.ead.me/	1970-01-19 23:17:11	Name: AWSALBTG Value: oYIWS73LcxgCjgpA7SBU+XIRFMGf8/taGjJSAo5OTBRiSvbdE732utibNgRzmGVnCUGadFwSYlsXUNhiuMULMUvMwfhD7882t7ZTHV6M0jUCBqHVxzh2axG6uFAsVw2xbe2ZTXIhoKvW/8+mMzqlBieMxdZ1qdv9EA7hRxy2bWJgvSYAB7I=
l.ead.me/	1970-01-19 23:17:11	Name: AWSALBTGCORS Value: oYIWS73LcxgCjgpA7SBU+XIRFMGf8/taGjJSAo5OTBRiSvbdE732utibNgRzmGVnCUGadFwSYlsXUNhiuMULMUvMwfhD7882t7ZTHV6M0jUCBqHVxzh2axG6uFAsVw2xbe2ZTXIhoKvW/8+mMzqlBieMxdZ1qdv9EA7hRxy2bWJgvSYAB7I=
l.ead.me/	1970-01-19 23:17:11	Name: AWSALB Value: tfcDF8ntgw8EonfiYcVxKTSpzZxgS1vbqw3kPd8Jcx4gVyy8Br9hdNb0qK+GNIhEUS0gqfjSAV57Ec7D6DQ+TcHMTsqvR6YiC25nU18vWKfM/1w8xqrQk4NYhxxE
l.ead.me/	1970-01-19 23:17:11	Name: AWSALBCORS Value: tfcDF8ntgw8EonfiYcVxKTSpzZxgS1vbqw3kPd8Jcx4gVyy8Br9hdNb0qK+GNIhEUS0gqfjSAV57Ec7D6DQ+TcHMTsqvR6YiC25nU18vWKfM/1w8xqrQk4NYhxxE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

createsend1.com
fazeclan.createsend1.com
l.ead.me
q-r.to
13.52.20.127
13.56.30.207
52.31.110.255
1c85019d1bc7780153d1c6c59aab942693d86407a9762e211747dc0c90bf06e3
b65a36ddd85def0f675ac5897c25598e43dcc39fc2a45aeaabd316f3dc943187

l.ead.me Open in urlscan Pro 52.31.110.255 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

2 Requests

100 %HTTPS

0 %IPv6

3 Domains

4 Subdomains

1 IPs

2 Countries

30 kBTransfer

28 kBSize

10 Cookies

0 Outgoing links

Page URL History

Redirected requests

2 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

10 Cookies

Indicators

l.ead.me Open in urlscan Pro
52.31.110.255 Public Scan

Screenshot
Live screenshot

Full Image

2
Requests

100 %
HTTPS

0 %
IPv6

3
Domains

4
Subdomains

1
IPs

2
Countries

30 kB
Transfer

28 kB
Size

10
Cookies

2 HTTP transactions
0 data transactions