play.leadzuaf.com
212.92.39.33
Public Scan
Effective URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
Submission: On April 20 via manual from GB
Summary
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 23rd 2017. Valid for: a year.
This is the only time play.leadzuaf.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | AS Autonomous System |
---|---|---|
1 | 95.173.180.163 | 51559 (NETINTERNET) |
1 1 | 104.27.142.223 | 13335 (CLOUDFLARENET - Cloudflare) |
1 1 | 104.27.145.143 | 13335 (CLOUDFLARENET - Cloudflare) |
1 1 | 34.252.150.25 | 16509 (AMAZON-02 - Amazon.com) |
1 1 | 52.19.27.232 | 16509 (AMAZON-02 - Amazon.com) |
3 | 91.213.228.131 | 198477 (MEDGR-NET) |
2 2 | 79.171.200.160 | 34031 (JD-AS) |
1 | 212.92.39.33 | 24592 (NEXICA-AS) |
5 | 89.255.250.53 | 60626 (LEASEWEBCDN) |
1 | 216.58.214.106 | 15169 (GOOGLE - Google LLC) |
2 | 216.58.214.99 | 15169 (GOOGLE - Google LLC) |
13 | 6 |
Domain | ASN | PTR |
---|---|---|
kameleon.bydirector.com | ASN51559 (NETINTERNET, TR) | web.kaydet.net |
ardentdate.info | ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | |
findthegirl.info | ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US) | |
securecloud-smart.com | ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-34-252-150-25.eu-west-1.compute.amazonaws.com |
securessl-smart.com | ASN16509 (AMAZON-02 - Amazon.com, Inc., US) | ec2-52-19-27-232.eu-west-1.compute.amazonaws.com |
fonts.googleapis.com | ASN15169 (GOOGLE - Google LLC, US) | fra16s05-in-f106.1e100.net |
fonts.gstatic.com | ASN15169 (GOOGLE - Google LLC, US) | fra16s05-in-f99.1e100.net |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
5 | mobusi.com | img.mobusi.com | 94 KB |
3 | novaffil.com | tr.novaffil.com | 7 KB |
2 | gstatic.com | fonts.gstatic.com | 57 KB |
2 | ydr.to (2 redirects) | ydr.to | 699 B |
1 | googleapis.com | fonts.googleapis.com | 330 B |
1 | leadzuaf.com | play.leadzuaf.com | 2 KB |
1 | securessl-smart.com (1 redirects) | securessl-smart.com | 2 KB |
1 | securecloud-smart.com (1 redirects) | securecloud-smart.com | 407 B |
1 | findthegirl.info (1 redirects) | findthegirl.info | 1 KB |
1 | ardentdate.info (1 redirects) | ardentdate.info | 430 B |
1 | bydirector.com | kameleon.bydirector.com | 287 B |
13 | 11 |
 | Domain | Requested by |
---|---|---|
5 | img.mobusi.com | play.leadzuaf.com |
3 | tr.novaffil.com | tr.novaffil.com |
2 | fonts.gstatic.com | play.leadzuaf.com |
2 | ydr.to | 2 redirects |
1 | fonts.googleapis.com | play.leadzuaf.com |
1 | play.leadzuaf.com | |
1 | securessl-smart.com | 1 redirects |
1 | securecloud-smart.com | 1 redirects |
1 | findthegirl.info | 1 redirects |
1 | ardentdate.info | 1 redirects |
1 | kameleon.bydirector.com | |
13 | 11 |
This site contains no links.
Subject | Issuer | Validity | Valid | |
---|---|---|---|---|
leadzuin.com | COMODO RSA Domain Validation Secure Server CA | 2017-05-23 - 2018-04-26 | a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181
Frame ID: 15934CDBE0B10DF83918416205902F47
Requests: 13 HTTP requests in this frame
Detected technologies
LiteSpeed (Web Servers)
Detected patterns
- headers server /^LiteSpeed$/i
Google Font API (Font Scripts)
Detected patterns
- html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://kameleon.bydirector.com/media/editors/codemirror/mode/turtle/ Page URL
- https://ardentdate.info/gjwsxjobhe HTTP 302
  http://findthegirl.info/gjwsxjobhe HTTP 302
  http://securecloud-smart.com/?a=28436&c=124215&s1=165603&s2=BvUrUazKhWmGtETbKOZXqZzWKKQ&s3=notrack HTTP 302
  http://securessl-smart.com/?a=28436&c=124215&oc=35341&sr=t&s1=165603&s2=BvUrUazKhWmGtETbKOZXqZzWKKQ&s3=notrack&ref=http%3A%2F%2Fkameleon.bydirector.com%2Fmedia%2Feditors%2Fcodemirror%2Fmode%2Fturtle%2F HTTP 302
  http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=7ec3186d29e74aa091f8d2a0332d23c9_28834&sub2=28436 Page URL
- http://tr.novaffil.com/go/DEatpbUos1474oh142332d200418u57a0a5fc98f?r=32895278 Page URL
- http://ydr.to/s/C6P?pubref=DEatpbUos1474oh142332d200418u57a0a5fc98f&affpubid=tpbUo HTTP 302
  http://ydr.to/s/2MK HTTP 302
  https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e370536a48c8o150f55od29aad06cba0&tsp=1380181 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1
- https://ardentdate.info/gjwsxjobhe HTTP 302
- http://findthegirl.info/gjwsxjobhe HTTP 302
- http://securecloud-smart.com/?a=28436&c=124215&s1=165603&s2=BvUrUazKhWmGtETbKOZXqZzWKKQ&s3=notrack HTTP 302
- http://securessl-smart.com/?a=28436&c=124215&oc=35341&sr=t&s1=165603&s2=BvUrUazKhWmGtETbKOZXqZzWKKQ&s3=notrack&ref=http%3A%2F%2Fkameleon.bydirector.com%2Fmedia%2Feditors%2Fcodemirror%2Fmode%2Fturtle%2F HTTP 302
- http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=7ec3186d29e74aa091f8d2a0332d23c9_28834&sub2=28436
13 HTTP transactions
Method Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|
GET H/1.1 | / | kameleon.bydirector.com/media/editors/codemirror/mode/turtle/ | 75 B | 287 B | Document | text/html | |
GET H/1.1 | / | tr.novaffil.com/ | 11 KB | 4 KB | Document | text/html | Cookie set, Redirect Chain |
GET H/1.1 | dmpc.png | tr.novaffil.com/img/ | 133 B | 379 B | Image | image/png | |
GET H/1.1 | DEatpbUos1474oh142332d200418u57a0a5fc98f | tr.novaffil.com/go/ | 6 KB | 2 KB | Document | text/html | |
GET H/1.1 | / | play.leadzuaf.com/red/ | 2 KB | 2 KB | Document | text/html | Primary Request, Cookie set, Redirect Chain |
GET S | 1510144915_4ae8d197f42f.css | img.mobusi.com/ad/9/j/3/ | 6 KB | 2 KB | Stylesheet | text/css | |
GET S | css | fonts.googleapis.com/ | 652 B | 330 B | Stylesheet | text/css | |
GET S | pcz1jgde-2_1523983718.jpg | img.mobusi.com/ad/9/m/d/ | 49 KB | 49 KB | Image | image/jpeg | |
GET S | 1510132855_699f2a3cb94d.jpg | img.mobusi.com/ad/n/2/1/ | 16 KB | 17 KB | Image | image/jpeg | |
GET S | S6u9w4BMUTPHh6UVSwiPHA.ttf | fonts.gstatic.com/s/lato/v14/ | 57 KB | 29 KB | Font | font/ttf | |
GET S | 1510071550_f2f2337d2fc8.jpg | img.mobusi.com/ad/b/8/n/ | 22 KB | 22 KB | Image | image/jpeg | |
GET S | 1508421592_e4f95ad93bf9.png | img.mobusi.com/ad/g/0/s/ | 3 KB | 3 KB | Image | image/png | |
GET S | S6u9w4BMUTPHh50XSwiPHA.ttf | fonts.gstatic.com/s/lato/v14/ | 54 KB | 28 KB | Font | font/ttf | |
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.leadzuaf.com/ | | Name: leadzu_seen_0AZE Value: %5B%5D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.