Submitted URL: http://antalyaresimcerceve.com/media/widgetkit/widgets/slideshow/layouts/
Effective URL: https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
Submission: On April 19 via manual from CA

Summary

This website contacted 6 IPs in 6 countries across 10 domains to perform 13 HTTP transactions. The main IP is 212.92.39.33, located in Barcelona, Spain and belongs to NEXICA-AS, ES. The main domain is play.leadzuaf.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 23rd 2017. Valid for: a year.
This is the only time play.leadzuaf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 94.73.146.147 34619 (CIZGI)
1 1 104.27.142.223 13335 (CLOUDFLAR...)
1 1 104.27.144.143 13335 (CLOUDFLAR...)
2 2 52.19.27.232 16509 (AMAZON-02)
3 91.213.228.131 198477 (MEDGR-NET)
1 212.92.39.33 24592 (NEXICA-AS)
5 89.255.250.54 60626 (LEASEWEBCDN)
1 216.58.214.106 15169 (GOOGLE)
2 216.58.210.3 15169 (GOOGLE)
13 6
Domain Requested by
5 img.mobusi.com play.leadzuaf.com
3 tr.novaffil.com tr.novaffil.com
2 fonts.gstatic.com play.leadzuaf.com
1 fonts.googleapis.com play.leadzuaf.com
1 play.leadzuaf.com
1 securessl-smart.com 1 redirects
1 securecloud-smart.com 1 redirects
1 findthegirl.info 1 redirects
1 ardentdate.info 1 redirects
1 antalyaresimcerceve.com
13 10

This site contains no links.

Subject: leadzuin.com
Issuer: COMODO RSA Domain Validation Secure Server CA
Validity: 2017-05-23 - 2018-04-26
Valid: a year

This page contains 1 frames:

Primary Page: https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
Frame ID: 9D27619F7D6C1E65D4F8FF8EE2F44D38
Requests: 13 HTTP requests in this frame

Screenshot


Page URL History

  1. http://antalyaresimcerceve.com/media/widgetkit/widgets/slideshow/layouts/ Page URL
  2. https://ardentdate.info/gjwsxjobhe HTTP 302
    http://findthegirl.info/gjwsxjobhe HTTP 302
    http://securecloud-smart.com/?a=28436&c=124215&s1=165603&s2=MjUNUKMbhkvKSNTkljNraBNGvwQ&s3=notrack HTTP 302
    http://securessl-smart.com/?a=28436&c=124215&oc=35341&sr=t&s1=165603&s2=MjUNUKMbhkvKSNTkljNraBNGvwQ&s3=... HTTP 302
    http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436 Page URL
  3. http://tr.novaffil.com/go/DEatpbUos1474oh155922d190418u2b1267780b3?r=52177017 Page URL
  4. https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubi... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /^LiteSpeed$/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

13 Requests
8 % HTTPS
0 % IPv6
10 Domains
10 Subdomains
6 IPs
6 Countries
161 kB Transfer
228 kB Size
1 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://antalyaresimcerceve.com/media/widgetkit/widgets/slideshow/layouts/ Page URL
  2. https://ardentdate.info/gjwsxjobhe HTTP 302
    http://findthegirl.info/gjwsxjobhe HTTP 302
    http://securecloud-smart.com/?a=28436&c=124215&s1=165603&s2=MjUNUKMbhkvKSNTkljNraBNGvwQ&s3=notrack HTTP 302
    http://securessl-smart.com/?a=28436&c=124215&oc=35341&sr=t&s1=165603&s2=MjUNUKMbhkvKSNTkljNraBNGvwQ&s3=notrack&ref=http%3A%2F%2Fantalyaresimcerceve.com%2Fmedia%2Fwidgetkit%2Fwidgets%2Fslideshow%2Flayouts%2F HTTP 302
    http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436 Page URL
  3. http://tr.novaffil.com/go/DEatpbUos1474oh155922d190418u2b1267780b3?r=52177017 Page URL
  4. https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://ardentdate.info/gjwsxjobhe HTTP 302
  • http://findthegirl.info/gjwsxjobhe HTTP 302
  • http://securecloud-smart.com/?a=28436&c=124215&s1=165603&s2=MjUNUKMbhkvKSNTkljNraBNGvwQ&s3=notrack HTTP 302
  • http://securessl-smart.com/?a=28436&c=124215&oc=35341&sr=t&s1=165603&s2=MjUNUKMbhkvKSNTkljNraBNGvwQ&s3=notrack&ref=http%3A%2F%2Fantalyaresimcerceve.com%2Fmedia%2Fwidgetkit%2Fwidgets%2Fslideshow%2Flayouts%2F HTTP 302
  • http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/
antalyaresimcerceve.com/media/widgetkit/widgets/slideshow/layouts/
75 B
378 B
Document
General
Full URL
http://antalyaresimcerceve.com/media/widgetkit/widgets/slideshow/layouts/
Protocol
HTTP/1.1
Server
94.73.146.147, Turkey, ASN34619 (CIZGI, TR)
Reverse DNS
94-73-146-147.cizgi.net.tr
Software
LiteSpeed /
Resource Hash
5325b464e6d4ee38938effddbf635299e888d2740b30aaf906d18dfa04bd1435

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
antalyaresimcerceve.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Thu, 19 Apr 2018 15:59:19 GMT
Content-Encoding
gzip
Last-Modified
Mon, 02 Apr 2018 19:23:40 GMT
Server
LiteSpeed
ntCoent-Length
75
Vary
Accept-Encoding
Content-Type
text/html
Connection
Keep-Alive
Accept-Ranges
bytes
Content-Length
91
Cookie set /
tr.novaffil.com/
Redirect Chain
  • https://ardentdate.info/gjwsxjobhe
  • http://findthegirl.info/gjwsxjobhe
  • http://securecloud-smart.com/?a=28436&c=124215&s1=165603&s2=MjUNUKMbhkvKSNTkljNraBNGvwQ&s3=notrack
  • http://securessl-smart.com/?a=28436&c=124215&oc=35341&sr=t&s1=165603&s2=MjUNUKMbhkvKSNTkljNraBNGvwQ&s3=notrack&ref=http%3A%2F%2Fantalyaresimcerceve.com%2Fmedia%2Fwidgetkit%2Fwidgets%2Fslideshow%2Fl...
  • http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436
11 KB
4 KB
Document
General
Full URL
http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436
Protocol
HTTP/1.1
Server
91.213.228.131, Greece, ASN198477 (MEDGR-NET, GR)
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
db12b8ec7141b906ba4d71955e3a1ce753d0c1423fbe31143f201f3b437dbd6b

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tr.novaffil.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://antalyaresimcerceve.com/media/widgetkit/widgets/slideshow/layouts/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://antalyaresimcerceve.com/media/widgetkit/widgets/slideshow/layouts/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Thu, 19 Apr 2018 15:59:22 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Last-Modified
Thu, 19 Apr 2018 15:59:22 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
*
Content-Type
text/html; charset=utf-8
Cache-Control
public, no-cache="Set-Cookie", no-store, max-age=0
Set-Cookie
ASP.NET_SessionId=wxo4jwrjketl0e3uel3pr2ow; path=/; HttpOnly
uid=b56542cf-37f9-4bf2-ac3e-dd7eccff9eaa; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/
unique=WgS54=1; expires=Thu, 19-Apr-2018 23:59:59 GMT; path=/
Content-Length
3448
Expires
Thu, 19 Apr 2018 15:59:22 GMT

Redirect headers

Date
Thu, 19 Apr 2018 15:59:22 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Language
en-US
Location
http://tr.novaffil.com?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436
Set-Cookie
gdm_sid_v1_3_001=...; Expires=Wed, 18-Jul-2018 15:59:22 GMT
gdm_click_adv_freq_v1_1_001=Z3QDxQhErL/Po58Keh8wY4eSMNuU4FdFl3Szf42BRBdgk3bK91cREC+ghB6fOqWQ; Expires=Wed, 18-Jul-2018 15:59:22 GMT
gdm_uid_v1_1_001=TxX61gZ8AK1L0l/Mfmcv/PUZPTrnb8o2y0u7VV08ccJaFhCia182fDfwRH5hxIJF; Expires=Wed, 18-Jul-2018 15:59:22 GMT
gdm_click_freq_v1_1_001=eZHHqo8CCkSeFmsh51KhrrSvFfIJdRWOQOcs8ro5qggG5ehCHAwxkKCziIa4o3mO; Expires=Wed, 18-Jul-2018 15:59:22 GMT
Connection
keep-alive
Content-Type
text/html;charset=ISO-8859-1
dmpc.png
tr.novaffil.com/img/
133 B
379 B
Image
General
Full URL
http://tr.novaffil.com/img/dmpc.png
Requested by
Host: tr.novaffil.com
URL: http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436
Protocol
HTTP/1.1
Server
91.213.228.131, Greece, ASN198477 (MEDGR-NET, GR)
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
95d768658c194e25233d45e778f4605f84526de74b29bb69205cf8d1705e5aea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tr.novaffil.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436
Cookie
ASP.NET_SessionId=wxo4jwrjketl0e3uel3pr2ow; uid=b56542cf-37f9-4bf2-ac3e-dd7eccff9eaa; unique=WgS54=1
Connection
keep-alive
Cache-Control
no-cache
Referer
http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Thu, 19 Apr 2018 15:59:22 GMT
Last-Modified
Wed, 21 Mar 2018 14:57:42 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"c1776f624c1d31:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
133
DEatpbUos1474oh155922d190418u2b1267780b3
tr.novaffil.com/go/
6 KB
2 KB
Document
General
Full URL
http://tr.novaffil.com/go/DEatpbUos1474oh155922d190418u2b1267780b3?r=52177017
Requested by
Host: tr.novaffil.com
URL: http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436
Protocol
HTTP/1.1
Server
91.213.228.131, Greece, ASN198477 (MEDGR-NET, GR)
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
64d13110c647ccaa7da288a3645c6f5276241443214a0925f01858746f8cf48c

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tr.novaffil.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436
Cookie
ASP.NET_SessionId=wxo4jwrjketl0e3uel3pr2ow; uid=b56542cf-37f9-4bf2-ac3e-dd7eccff9eaa; unique=WgS54=1; visible=Yes; iframe=No; opener=No; browsediniframe=No; tracking=http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Thu, 19 Apr 2018 15:59:22 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Last-Modified
Thu, 19 Apr 2018 15:59:22 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
*
Content-Type
text/html; charset=utf-8
Cache-Control
public, no-store, max-age=0
Content-Length
1984
Expires
Thu, 19 Apr 2018 15:59:22 GMT
Primary Request Cookie set /
play.leadzuaf.com/red/
2 KB
2 KB
Document
General
Full URL
https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
Protocol
HTTP/1.1
Security
TLS 1.0, ECDHE_RSA, AES_256_CBC
Server
212.92.39.33, Barcelona, Spain, ASN24592 (NEXICA-AS, ES)
Reverse DNS
Software
Apache /
Resource Hash
832e53554723c2ff6c65515283df92efa4685c58806401de22aab4817e832911

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
play.leadzuaf.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://tr.novaffil.com/go/DEatpbUos1474oh155922d190418u2b1267780b3?r=52177017
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://tr.novaffil.com/go/DEatpbUos1474oh155922d190418u2b1267780b3?r=52177017
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Thu, 19 Apr 2018 15:59:22 GMT
Connection
close
Server
Apache
Set-Cookie
leadzu_seen_1K5Q=%5B%5D; expires=Thu, 19-Apr-2018 18:59:22 GMT; Max-Age=10800; path=/; domain=.leadzuaf.com
Content-Type
text/html; charset=UTF-8
Content-Length
2219
P3P
CP="NOI ADM DEV COM NAV OUR STP"
1510144915_4ae8d197f42f.css
img.mobusi.com/ad/9/j/3/
6 KB
2 KB
Stylesheet
General
Full URL
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
Protocol
SPDY
Server
89.255.250.54, Netherlands, ASN60626 (LEASEWEBCDN, NL)
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
10e4c171bb56eb7cf4a4f0bc0119865220ba0d80ea910a3416de2ecb33e30514

Request headers

Referer
https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 19 Apr 2018 15:59:23 GMT
content-encoding
gzip
cdn-cache-hit
1
last-modified
Wed, 08 Nov 2017 12:41:55 GMT
server
leasewebcdn/5.4.2
etag
W/"4267133809"
content-type
text/css
status
200
cdn-cache
HIT
cdn-node
FRA1-SO03022
css
fonts.googleapis.com/
652 B
332 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,600,700,900
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
Protocol
SPDY
Server
216.58.214.106, Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
fra16s05-in-f106.1e100.net
Software
ESF /
Resource Hash
a08222c333ef92c1156477022cdb6f0a46f1555cd916ef2416a8d62dd703eb6e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 19 Apr 2018 15:59:23 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Thu, 19 Apr 2018 15:59:23 GMT
pcz1jgde-2_1523983718.jpg
img.mobusi.com/ad/9/m/d/
49 KB
49 KB
Image
General
Full URL
https://img.mobusi.com/ad/9/m/d/pcz1jgde-2_1523983718.jpg
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
Protocol
SPDY
Server
89.255.250.54, Netherlands, ASN60626 (LEASEWEBCDN, NL)
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
fed11a003e6099354b4e9265bd2423161e6cddbae6e593b350f7581e34afc954

Request headers

Referer
https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 19 Apr 2018 15:59:23 GMT
cdn-cache-hit
1
last-modified
Tue, 17 Apr 2018 16:48:44 GMT
server
leasewebcdn/5.4.2
etag
"1078506914"
content-type
image/jpeg
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
50403
cdn-node
FRA1-SO03022
1510132855_699f2a3cb94d.jpg
img.mobusi.com/ad/n/2/1/
16 KB
17 KB
Image
General
Full URL
https://img.mobusi.com/ad/n/2/1/1510132855_699f2a3cb94d.jpg
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
Protocol
SPDY
Server
89.255.250.54, Netherlands, ASN60626 (LEASEWEBCDN, NL)
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
07b52b0bfd07bcca772a01a8af6fbea0bde2fd7f162924fc574c68de57fe09f0

Request headers

Referer
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 19 Apr 2018 15:59:23 GMT
cdn-cache-hit
1
last-modified
Wed, 08 Nov 2017 09:20:55 GMT
server
leasewebcdn/5.4.2
etag
"3460979681"
content-type
image/jpeg
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
16831
cdn-node
FRA1-SO03022
1510071550_f2f2337d2fc8.jpg
img.mobusi.com/ad/b/8/n/
22 KB
22 KB
Image
General
Full URL
https://img.mobusi.com/ad/b/8/n/1510071550_f2f2337d2fc8.jpg
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
Protocol
SPDY
Server
89.255.250.54, Netherlands, ASN60626 (LEASEWEBCDN, NL)
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
f4a3d56706ed98adcf25500097f25ee1ccb6459435e2b9566613d47031dd7d24

Request headers

Referer
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 19 Apr 2018 15:59:23 GMT
cdn-cache-hit
1
last-modified
Tue, 07 Nov 2017 16:19:10 GMT
server
leasewebcdn/5.4.2
etag
"1988099904"
content-type
image/jpeg
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
22836
cdn-node
FRA1-SO03022
1508421592_e4f95ad93bf9.png
img.mobusi.com/ad/g/0/s/
3 KB
3 KB
Image
General
Full URL
https://img.mobusi.com/ad/g/0/s/1508421592_e4f95ad93bf9.png
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
Protocol
SPDY
Server
89.255.250.54, Netherlands, ASN60626 (LEASEWEBCDN, NL)
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
f5626010476be4549e7c17257fb8ce3b5cca4188accd51dddb3852f99835177a

Request headers

Referer
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Thu, 19 Apr 2018 15:59:23 GMT
cdn-cache-hit
1
last-modified
Thu, 19 Oct 2017 13:59:52 GMT
server
leasewebcdn/5.4.2
etag
"977308399"
content-type
image/png
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
3073
cdn-node
FRA1-SO03022
S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v14/
57 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPHA.ttf
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
Protocol
SPDY
Server
216.58.210.3, Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
fra16s07-in-f3.1e100.net
Software
sffe /
Resource Hash
9cc39c759cd72b2f53c5c177a239eec038cf2a6614a686f150fdd59435df222f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,600,700,900
Origin
https://play.leadzuaf.com

Response headers

date
Fri, 23 Feb 2018 11:30:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4768113
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
29554
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:24:09 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Feb 2019 11:30:50 GMT
S6u9w4BMUTPHh50XSwiPHA.ttf
fonts.gstatic.com/s/lato/v14/
54 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh50XSwiPHA.ttf
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
Protocol
SPDY
Server
216.58.210.3, Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US)
Reverse DNS
fra16s07-in-f3.1e100.net
Software
sffe /
Resource Hash
21a944aae4aa197042ae42774f505b7c61f0d1a821d52337ef653deae817a9e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,600,700,900
Origin
https://play.leadzuaf.com

Response headers

date
Mon, 12 Feb 2018 18:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5691817
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
28567
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:23:58 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Feb 2019 18:55:46 GMT

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
.leadzuaf.com/ Name: leadzu_seen_1K5Q
Value: %5B%5D