play.leadzuaf.com
212.92.39.33
Public Scan
Effective URL: https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
Submission: On April 19 via manual from CA
Summary
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 23rd 2017. Valid for: a year.
This is the only time play.leadzuaf.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
Requests | IP Address | AS (Autonomous System)
---|---|---
1 | 94.73.146.147 | 34619 (CIZGI)
1 | 104.27.142.223 | 13335 (CLOUDFLARENET - Cloudflare)
1 | 104.27.144.143 | 13335 (CLOUDFLARENET - Cloudflare)
2 | 52.19.27.232 | 16509 (AMAZON-02 - Amazon.com)
3 | 91.213.228.131 | 198477 (MEDGR-NET)
1 | 212.92.39.33 | 24592 (NEXICA-AS)
5 | 89.255.250.54 | 60626 (LEASEWEBCDN)
1 | 216.58.214.106 | 15169 (GOOGLE - Google LLC)
2 | 216.58.210.3 | 15169 (GOOGLE - Google LLC)
13 | 6 |
- ASN34619 (CIZGI, TR), PTR: 94-73-146-147.cizgi.net.tr: antalyaresimcerceve.com
- ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US): ardentdate.info
- ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US): findthegirl.info
- ASN16509 (AMAZON-02 - Amazon.com, Inc., US), PTR: ec2-52-19-27-232.eu-west-1.compute.amazonaws.com: securecloud-smart.com, securessl-smart.com
- ASN15169 (GOOGLE - Google LLC, US), PTR: fra16s05-in-f106.1e100.net: fonts.googleapis.com
- ASN15169 (GOOGLE - Google LLC, US), PTR: fra16s07-in-f3.1e100.net: fonts.gstatic.com
Requests | Apex Domain | Subdomains | Transfer
---|---|---|---
5 | mobusi.com | img.mobusi.com | 94 KB
3 | novaffil.com | tr.novaffil.com | 7 KB
2 | gstatic.com | fonts.gstatic.com | 57 KB
1 | googleapis.com | fonts.googleapis.com | 332 B
1 | leadzuaf.com | play.leadzuaf.com | 2 KB
1 | securessl-smart.com | securessl-smart.com (1 redirects) | 2 KB
1 | securecloud-smart.com | securecloud-smart.com (1 redirects) | 412 B
1 | findthegirl.info | findthegirl.info (1 redirects) | 1 KB
1 | ardentdate.info | ardentdate.info (1 redirects) | 432 B
1 | antalyaresimcerceve.com | antalyaresimcerceve.com | 378 B
13 | 10 | |
Requests | Domain | Requested by
---|---|---
5 | img.mobusi.com | play.leadzuaf.com
3 | tr.novaffil.com | tr.novaffil.com
2 | fonts.gstatic.com | play.leadzuaf.com
1 | fonts.googleapis.com | play.leadzuaf.com
1 | play.leadzuaf.com |
1 | securessl-smart.com | 1 redirects
1 | securecloud-smart.com | 1 redirects
1 | findthegirl.info | 1 redirects
1 | ardentdate.info | 1 redirects
1 | antalyaresimcerceve.com |
13 | 10 |
This site contains no links.
Subject | Issuer | Validity | Valid | Source
---|---|---|---|---
leadzuin.com | COMODO RSA Domain Validation Secure Server CA | 2017-05-23 - 2018-04-26 | a year | crt.sh
This page contains 1 frames:
Primary Page:
https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo
Frame ID: 9D27619F7D6C1E65D4F8FF8EE2F44D38
Requests: 13 HTTP requests in this frame
Detected technologies
- LiteSpeed (Web Servers). Detected patterns:
  - headers server /^LiteSpeed$/i
- Google Font API (Font Scripts). Detected patterns:
  - html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://antalyaresimcerceve.com/media/widgetkit/widgets/slideshow/layouts/ (Page URL)
- https://ardentdate.info/gjwsxjobhe (HTTP 302)
  - http://findthegirl.info/gjwsxjobhe (HTTP 302)
  - http://securecloud-smart.com/?a=28436&c=124215&s1=165603&s2=MjUNUKMbhkvKSNTkljNraBNGvwQ&s3=notrack (HTTP 302)
  - http://securessl-smart.com/?a=28436&c=124215&oc=35341&sr=t&s1=165603&s2=MjUNUKMbhkvKSNTkljNraBNGvwQ&s3=notrack&ref=http%3A%2F%2Fantalyaresimcerceve.com%2Fmedia%2Fwidgetkit%2Fwidgets%2Fslideshow%2Flayouts%2F (HTTP 302)
  - http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436 (Page URL)
- http://tr.novaffil.com/go/DEatpbUos1474oh155922d190418u2b1267780b3?r=52177017 (Page URL)
- https://play.leadzuaf.com/red/?code=B3HTJ7PV4TGU&a=tpbUo.DEatpbUos1474oh155922d190418u2b1267780b3&pubid=tpbUo (Page URL)
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 1:
- https://ardentdate.info/gjwsxjobhe (HTTP 302)
- http://findthegirl.info/gjwsxjobhe (HTTP 302)
- http://securecloud-smart.com/?a=28436&c=124215&s1=165603&s2=MjUNUKMbhkvKSNTkljNraBNGvwQ&s3=notrack (HTTP 302)
- http://securessl-smart.com/?a=28436&c=124215&oc=35341&sr=t&s1=165603&s2=MjUNUKMbhkvKSNTkljNraBNGvwQ&s3=notrack&ref=http%3A%2F%2Fantalyaresimcerceve.com%2Fmedia%2Fwidgetkit%2Fwidgets%2Fslideshow%2Flayouts%2F (HTTP 302)
- http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=713c3b8e14874c2da2d48dbe17331b2e_28834&sub2=28436
13 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes
---|---|---|---|---|---|---|---|---
GET | H/1.1 | / | antalyaresimcerceve.com/media/widgetkit/widgets/slideshow/layouts/ | 75 B | 378 B | Document | text/html |
GET | H/1.1 | / | tr.novaffil.com/ | 11 KB | 4 KB | Document | text/html | Cookie set; Redirect Chain
GET | H/1.1 | dmpc.png | tr.novaffil.com/img/ | 133 B | 379 B | Image | image/png |
GET | H/1.1 | DEatpbUos1474oh155922d190418u2b1267780b3 | tr.novaffil.com/go/ | 6 KB | 2 KB | Document | text/html |
GET | H/1.1 | / | play.leadzuaf.com/red/ | 2 KB | 2 KB | Document | text/html | Primary Request; Cookie set
GET | S | 1510144915_4ae8d197f42f.css | img.mobusi.com/ad/9/j/3/ | 6 KB | 2 KB | Stylesheet | text/css |
GET | S | css | fonts.googleapis.com/ | 652 B | 332 B | Stylesheet | text/css |
GET | S | pcz1jgde-2_1523983718.jpg | img.mobusi.com/ad/9/m/d/ | 49 KB | 49 KB | Image | image/jpeg |
GET | S | 1510132855_699f2a3cb94d.jpg | img.mobusi.com/ad/n/2/1/ | 16 KB | 17 KB | Image | image/jpeg |
GET | S | 1510071550_f2f2337d2fc8.jpg | img.mobusi.com/ad/b/8/n/ | 22 KB | 22 KB | Image | image/jpeg |
GET | S | 1508421592_e4f95ad93bf9.png | img.mobusi.com/ad/g/0/s/ | 3 KB | 3 KB | Image | image/png |
GET | S | S6u9w4BMUTPHh6UVSwiPHA.ttf | fonts.gstatic.com/s/lato/v14/ | 57 KB | 29 KB | Font | font/ttf |
GET | S | S6u9w4BMUTPHh50XSwiPHA.ttf | fonts.gstatic.com/s/lato/v14/ | 54 KB | 28 KB | Font | font/ttf |
Verdicts & Comments
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
1 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value
---|---|---
.leadzuaf.com/ | | Name: leadzu_seen_1K5Q, Value: %5B%5D
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
antalyaresimcerceve.com
ardentdate.info
findthegirl.info
fonts.googleapis.com
fonts.gstatic.com
img.mobusi.com
play.leadzuaf.com
securecloud-smart.com
securessl-smart.com
tr.novaffil.com
104.27.142.223
104.27.144.143
212.92.39.33
216.58.210.3
216.58.214.106
52.19.27.232
89.255.250.54
91.213.228.131
94.73.146.147