Submitted URL: http://kameleon.bydirector.com/media/editors/codemirror/mode/turtle/
Effective URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
Submission: On April 20 via manual from GB

Summary

This website contacted 6 IPs in 7 countries across 11 domains to perform 13 HTTP transactions. The main IP is 212.92.39.33, located in Barcelona, Spain and belongs to NEXICA-AS, ES. The main domain is play.leadzuaf.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 23rd 2017. Valid for: a year.
This is the only time play.leadzuaf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 95.173.180.163 51559 (NETINTERNET)
1 1 104.27.142.223 13335 (CLOUDFLAR...)
1 1 104.27.145.143 13335 (CLOUDFLAR...)
1 1 34.252.150.25 16509 (AMAZON-02)
1 1 52.19.27.232 16509 (AMAZON-02)
3 91.213.228.131 198477 (MEDGR-NET)
2 2 79.171.200.160 34031 (JD-AS)
1 212.92.39.33 24592 (NEXICA-AS)
5 89.255.250.53 60626 (LEASEWEBCDN)
1 216.58.214.106 15169 (GOOGLE)
2 216.58.214.99 15169 (GOOGLE)
13 6

Domain Requested by
5 img.mobusi.com play.leadzuaf.com
3 tr.novaffil.com tr.novaffil.com
2 fonts.gstatic.com play.leadzuaf.com
2 ydr.to 2 redirects
1 fonts.googleapis.com play.leadzuaf.com
1 play.leadzuaf.com
1 securessl-smart.com 1 redirects
1 securecloud-smart.com 1 redirects
1 findthegirl.info 1 redirects
1 ardentdate.info 1 redirects
1 kameleon.bydirector.com
13 11

This site contains no links.

Subject: leadzuin.com
Issuer: COMODO RSA Domain Validation Secure Server CA
Validity: 2017-05-23 - 2018-04-26
Valid: a year

This page contains 1 frames:

Primary Page: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
Frame ID: 15934CDBE0B10DF83918416205902F47
Requests: 13 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

13 Requests
8 % HTTPS
0 % IPv6
11 Domains
11 Subdomains
6 IPs
7 Countries
161 kB Transfer
228 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://kameleon.bydirector.com/media/editors/codemirror/mode/turtle/ Page URL
  2. https://ardentdate.info/gjwsxjobhe HTTP 302
    http://findthegirl.info/gjwsxjobhe HTTP 302
    http://securecloud-smart.com/?a=28436&c=124215&s1=165603&s2=BvUrUazKhWmGtETbKOZXqZzWKKQ&s3=notrack HTTP 302
    http://securessl-smart.com/?a=28436&c=124215&oc=35341&sr=t&s1=165603&s2=BvUrUazKhWmGtETbKOZXqZzWKKQ&s3=notrack&ref=http%3A%2F%2Fkameleon.bydirector.com%2Fmedia%2Feditors%2Fcodemirror%2Fmode%2Fturtle%2F HTTP 302
    http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=7ec3186d29e74aa091f8d2a0332d23c9_28834&sub2=28436 Page URL
  3. http://tr.novaffil.com/go/DEatpbUos1474oh142332d200418u57a0a5fc98f?r=32895278 Page URL
  4. http://ydr.to/s/C6P?pubref=DEatpbUos1474oh142332d200418u57a0a5fc98f&affpubid=tpbUo HTTP 302
    http://ydr.to/s/2MK HTTP 302
    https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://ardentdate.info/gjwsxjobhe HTTP 302
  • http://findthegirl.info/gjwsxjobhe HTTP 302
  • http://securecloud-smart.com/?a=28436&c=124215&s1=165603&s2=BvUrUazKhWmGtETbKOZXqZzWKKQ&s3=notrack HTTP 302
  • http://securessl-smart.com/?a=28436&c=124215&oc=35341&sr=t&s1=165603&s2=BvUrUazKhWmGtETbKOZXqZzWKKQ&s3=notrack&ref=http%3A%2F%2Fkameleon.bydirector.com%2Fmedia%2Feditors%2Fcodemirror%2Fmode%2Fturtle%2F HTTP 302
  • http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=7ec3186d29e74aa091f8d2a0332d23c9_28834&sub2=28436

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
kameleon.bydirector.com/media/editors/codemirror/mode/turtle/
75 B
287 B
Document
General
Full URL
http://kameleon.bydirector.com/media/editors/codemirror/mode/turtle/
Protocol
HTTP/1.1
Server
95.173.180.163 Denizli, Turkey, ASN51559 (NETINTERNET, TR),
Reverse DNS
web.kaydet.net
Software
LiteSpeed /
Resource Hash
5325b464e6d4ee38938effddbf635299e888d2740b30aaf906d18dfa04bd1435

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
kameleon.bydirector.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive

Response headers

Date
Fri, 20 Apr 2018 14:23:28 GMT
Last-Modified
Tue, 10 Apr 2018 09:36:20 GMT
Server
LiteSpeed
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
75
Content-Type
text/html
Cookie set /
tr.novaffil.com/
Redirect Chain
  • https://ardentdate.info/gjwsxjobhe
  • http://findthegirl.info/gjwsxjobhe
  • http://securecloud-smart.com/?a=28436&c=124215&s1=165603&s2=BvUrUazKhWmGtETbKOZXqZzWKKQ&s3=notrack
  • http://securessl-smart.com/?a=28436&c=124215&oc=35341&sr=t&s1=165603&s2=BvUrUazKhWmGtETbKOZXqZzWKKQ&s3=notrack&ref=http%3A%2F%2Fkameleon.bydirector.com%2Fmedia%2Feditors%2Fcodemirror%2Fmode%2Fturtl...
  • http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=7ec3186d29e74aa091f8d2a0332d23c9_28834&sub2=28436
11 KB
4 KB
Document
General
Full URL
http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=7ec3186d29e74aa091f8d2a0332d23c9_28834&sub2=28436
Protocol
HTTP/1.1
Server
91.213.228.131 , Greece, ASN198477 (MEDGR-NET, GR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
675df0ac583fffb3864cbafcdf52c67357bc019f5e7195ffa4e4418662fc2a7a

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tr.novaffil.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://kameleon.bydirector.com/media/editors/codemirror/mode/turtle/
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 20 Apr 2018 14:23:31 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Last-Modified
Fri, 20 Apr 2018 14:23:32 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
*
Content-Type
text/html; charset=utf-8
Cache-Control
public, no-cache="Set-Cookie", no-store, max-age=0
Set-Cookie
ASP.NET_SessionId=0oxrwmf4zz2jvjsg1bjmxfp4; path=/; HttpOnly
uid=744634bf-6c69-408b-bed3-4e8b1a894563; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
unique=xTyLt=1; expires=Fri, 20-Apr-2018 23:59:59 GMT; path=/
rotaror=; expires=Fri, 20-Apr-2018 23:59:59 GMT; path=/
Content-Length
3445
Expires
Fri, 20 Apr 2018 14:23:32 GMT

Redirect headers

Date
Fri, 20 Apr 2018 14:23:31 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Language
en-US
Location
http://tr.novaffil.com?s=1474o&a=tpbUo&sub1=7ec3186d29e74aa091f8d2a0332d23c9_28834&sub2=28436
Set-Cookie
gdm_click_freq_v1_1_001=eZHHqo8CCkSeFmsh51KhroV696DSB/WDfwOB+AOD5SYYmUnOIOKbFcgEA1fkNyWr; Expires=Thu, 19-Jul-2018 14:23:31 GMT
gdm_sid_v1_3_001=[value not preserved]; Expires=Thu, 19-Jul-2018 14:23:31 GMT
gdm_uid_v1_1_001=h5nH0TnDgQe+f3CQyFztwxl9fnIststV3PbNAadmNmcjNbmsMn1LY7ZQ28wBO4Rq; Expires=Thu, 19-Jul-2018 14:23:31 GMT
gdm_click_adv_freq_v1_1_001=Z3QDxQhErL/Po58Keh8wY8t4pUns4SQ0LenfrxoxJBVICqPbCtK6Khw9x3iQaNDX; Expires=Thu, 19-Jul-2018 14:23:31 GMT
Connection
keep-alive
Content-Type
text/html;charset=ISO-8859-1
dmpc.png
tr.novaffil.com/img/
133 B
379 B
Image
General
Full URL
http://tr.novaffil.com/img/dmpc.png
Requested by
Host: tr.novaffil.com
URL: http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=7ec3186d29e74aa091f8d2a0332d23c9_28834&sub2=28436
Protocol
HTTP/1.1
Server
91.213.228.131 , Greece, ASN198477 (MEDGR-NET, GR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
95d768658c194e25233d45e778f4605f84526de74b29bb69205cf8d1705e5aea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tr.novaffil.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=7ec3186d29e74aa091f8d2a0332d23c9_28834&sub2=28436
Cookie
ASP.NET_SessionId=0oxrwmf4zz2jvjsg1bjmxfp4; uid=744634bf-6c69-408b-bed3-4e8b1a894563; unique=xTyLt=1; rotaror=
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 20 Apr 2018 14:23:31 GMT
Last-Modified
Wed, 21 Mar 2018 14:57:42 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"c1776f624c1d31:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
133
DEatpbUos1474oh142332d200418u57a0a5fc98f
tr.novaffil.com/go/
6 KB
2 KB
Document
General
Full URL
http://tr.novaffil.com/go/DEatpbUos1474oh142332d200418u57a0a5fc98f?r=32895278
Requested by
Host: tr.novaffil.com
URL: http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=7ec3186d29e74aa091f8d2a0332d23c9_28834&sub2=28436
Protocol
HTTP/1.1
Server
91.213.228.131 , Greece, ASN198477 (MEDGR-NET, GR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f0eca8b399537224c13871530124d2c0e3f21f92a8e59fd0e3b6c0060c78cd45

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tr.novaffil.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=7ec3186d29e74aa091f8d2a0332d23c9_28834&sub2=28436
Cookie
ASP.NET_SessionId=0oxrwmf4zz2jvjsg1bjmxfp4; uid=744634bf-6c69-408b-bed3-4e8b1a894563; unique=xTyLt=1; rotaror=; visible=Yes; iframe=No; opener=No; browsediniframe=No; tracking=http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=7ec3186d29e74aa091f8d2a0332d23c9_28834&sub2=28436
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 20 Apr 2018 14:23:32 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Last-Modified
Fri, 20 Apr 2018 14:23:32 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
*
Content-Type
text/html; charset=utf-8
Cache-Control
public, no-store, max-age=0
Content-Length
1957
Expires
Fri, 20 Apr 2018 14:23:32 GMT
Primary Request Cookie set /
play.leadzuaf.com/red/
Redirect Chain
  • http://ydr.to/s/C6P?pubref=DEatpbUos1474oh142332d200418u57a0a5fc98f&affpubid=tpbUo
  • http://ydr.to/s/2MK
  • https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
2 KB
2 KB
Document
General
Full URL
https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
Protocol
HTTP/1.1
Security
TLS 1.0, ECDHE_RSA, AES_256_CBC
Server
212.92.39.33 Barcelona, Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS
Software
Apache /
Resource Hash
08bc1301467bdf65c86ffff26717a8251420770f4f78ece0a0026daab859ea78

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
play.leadzuaf.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://tr.novaffil.com/go/DEatpbUos1474oh142332d200418u57a0a5fc98f?r=32895278
Connection
keep-alive
Cache-Control
no-cache

Response headers

Date
Fri, 20 Apr 2018 14:23:32 GMT
Connection
close
Server
Apache
Set-Cookie
leadzu_seen_0AZE=%5B%5D; expires=Fri, 20-Apr-2018 17:23:32 GMT; Max-Age=10800; path=/; domain=.leadzuaf.com
Content-Type
text/html; charset=UTF-8
Content-Length
2207
P3P
CP="NOI ADM DEV COM NAV OUR STP"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Apr 2018 14:23:32 GMT
Server
nginx/1.4.6 (Ubuntu)
Transfer-Encoding
chunked
Location
https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
Cache-Control
max-age=0 must-revalidate no-cache no-store
Connection
keep-alive
Expires
0
1510144915_4ae8d197f42f.css
img.mobusi.com/ad/9/j/3/
6 KB
2 KB
Stylesheet
General
Full URL
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
10e4c171bb56eb7cf4a4f0bc0119865220ba0d80ea910a3416de2ecb33e30514

Request headers

Referer
https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 20 Apr 2018 14:23:32 GMT
content-encoding
gzip
cdn-cache-hit
1
last-modified
Wed, 08 Nov 2017 12:41:55 GMT
server
leasewebcdn/5.4.2
etag
W/"2597815248"
content-type
text/css
status
200
cdn-cache
HIT
cdn-node
FRA1-SO03001
css
fonts.googleapis.com/
652 B
330 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,600,700,900
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
Protocol
SPDY
Server
216.58.214.106 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f106.1e100.net
Software
ESF /
Resource Hash
a08222c333ef92c1156477022cdb6f0a46f1555cd916ef2416a8d62dd703eb6e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 20 Apr 2018 14:23:32 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Fri, 20 Apr 2018 14:23:32 GMT
pcz1jgde-2_1523983718.jpg
img.mobusi.com/ad/9/m/d/
49 KB
49 KB
Image
General
Full URL
https://img.mobusi.com/ad/9/m/d/pcz1jgde-2_1523983718.jpg
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
fed11a003e6099354b4e9265bd2423161e6cddbae6e593b350f7581e34afc954

Request headers

Referer
https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 20 Apr 2018 14:23:32 GMT
cdn-cache-hit
1
last-modified
Tue, 17 Apr 2018 16:48:44 GMT
server
leasewebcdn/5.4.2
etag
"1916893501"
content-type
image/jpeg
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
50403
cdn-node
FRA1-SO03001
1510132855_699f2a3cb94d.jpg
img.mobusi.com/ad/n/2/1/
16 KB
17 KB
Image
General
Full URL
https://img.mobusi.com/ad/n/2/1/1510132855_699f2a3cb94d.jpg
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
07b52b0bfd07bcca772a01a8af6fbea0bde2fd7f162924fc574c68de57fe09f0

Request headers

Referer
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 20 Apr 2018 14:23:32 GMT
cdn-cache-hit
1
last-modified
Wed, 08 Nov 2017 09:20:55 GMT
server
leasewebcdn/5.4.2
etag
"3460979681"
content-type
image/jpeg
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
16831
cdn-node
FRA1-SO03001
S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v14/
57 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPHA.ttf
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
Protocol
SPDY
Server
216.58.214.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f99.1e100.net
Software
sffe /
Resource Hash
9cc39c759cd72b2f53c5c177a239eec038cf2a6614a686f150fdd59435df222f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,600,700,900
Origin
https://play.leadzuaf.com

Response headers

date
Fri, 23 Feb 2018 11:30:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4848762
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
29554
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:24:09 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Feb 2019 11:30:50 GMT
1510071550_f2f2337d2fc8.jpg
img.mobusi.com/ad/b/8/n/
22 KB
22 KB
Image
General
Full URL
https://img.mobusi.com/ad/b/8/n/1510071550_f2f2337d2fc8.jpg
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
f4a3d56706ed98adcf25500097f25ee1ccb6459435e2b9566613d47031dd7d24

Request headers

Referer
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 20 Apr 2018 14:23:32 GMT
cdn-cache-hit
1
last-modified
Tue, 07 Nov 2017 16:19:10 GMT
server
leasewebcdn/5.4.2
etag
"1988099904"
content-type
image/jpeg
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
22836
cdn-node
FRA1-SO03001
1508421592_e4f95ad93bf9.png
img.mobusi.com/ad/g/0/s/
3 KB
3 KB
Image
General
Full URL
https://img.mobusi.com/ad/g/0/s/1508421592_e4f95ad93bf9.png
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
f5626010476be4549e7c17257fb8ce3b5cca4188accd51dddb3852f99835177a

Request headers

Referer
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 20 Apr 2018 14:23:32 GMT
cdn-cache-hit
1
last-modified
Thu, 19 Oct 2017 13:59:52 GMT
server
leasewebcdn/5.4.2
etag
"2054276222"
content-type
image/png
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
3073
cdn-node
FRA1-SO03001
S6u9w4BMUTPHh50XSwiPHA.ttf
fonts.gstatic.com/s/lato/v14/
54 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh50XSwiPHA.ttf
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
Protocol
SPDY
Server
216.58.214.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f99.1e100.net
Software
sffe /
Resource Hash
21a944aae4aa197042ae42774f505b7c61f0d1a821d52337ef653deae817a9e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,600,700,900
Origin
https://play.leadzuaf.com

Response headers

date
Mon, 12 Feb 2018 18:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5772466
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
28567
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:23:58 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Feb 2019 18:55:46 GMT

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
.leadzuaf.com/ Name: leadzu_seen_0AZE
Value: %5B%5D