Submitted URL: http://souwenjian.com/images/bak/10/
Effective URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
Submission: On April 20 via manual from US

Summary

This website contacted 6 IPs in 7 countries across 12 domains to perform 13 HTTP transactions. The main IP is 217.13.124.95, located in Sant Joan Despi, Spain and belongs to NEXICA-AS, ES. The main domain is play.leadzuaf.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on May 23rd 2017. Valid for: a year.
This is the only time play.leadzuaf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 27.126.176.139 38186 (FTG-AS-AP...)
1 1 104.27.143.223 13335 (CLOUDFLAR...)
1 1 104.27.145.143 13335 (CLOUDFLAR...)
1 1 34.252.150.25 16509 (AMAZON-02)
1 1 52.19.27.232 16509 (AMAZON-02)
3 91.213.228.131 198477 (MEDGR-NET)
1 1 212.32.250.2 60781 (LEASEWEB-...)
2 2 79.171.200.160 34031 (JD-AS)
1 217.13.124.95 24592 (NEXICA-AS)
5 89.255.250.53 60626 (LEASEWEBCDN)
1 216.58.214.106 15169 (GOOGLE)
2 216.58.214.99 15169 (GOOGLE)
13 6
Domain Requested by
5 img.mobusi.com play.leadzuaf.com
3 tr.novaffil.com tr.novaffil.com
2 fonts.gstatic.com play.leadzuaf.com
2 ydr.to 2 redirects
1 fonts.googleapis.com play.leadzuaf.com
1 play.leadzuaf.com
1 mottcp.go2affise.com 1 redirects
1 securessl-smart.com 1 redirects
1 securecloud-smart.com 1 redirects
1 findthegirl.info 1 redirects
1 ardentdate.info 1 redirects
1 souwenjian.com
13 12

This site contains no links.

Subject: leadzuin.com
Issuer: COMODO RSA Domain Validation Secure Server CA
Validity: 2017-05-23 - 2018-04-26 (a year; crt.sh)

This page contains 1 frames:

Primary Page: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
Frame ID: 6891C8002FD2761527FCC5F5E29A2E6D
Requests: 13 HTTP requests in this frame

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • headers server /IIS(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

  • Requests: 13
  • HTTPS: 8 %
  • IPv6: 0 %
  • Domains: 12
  • Subdomains: 12
  • IPs: 6
  • Countries: 7
  • Transfer: 161 kB
  • Size: 228 kB
  • Cookies: 1

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://souwenjian.com/images/bak/10/ Page URL
  2. https://ardentdate.info/gjwsxjobhe HTTP 302
    http://findthegirl.info/gjwsxjobhe HTTP 302
    http://securecloud-smart.com/?a=28436&c=124215&s1=165603&s2=QyUlULOvFErpTZTEyxlVomXaLZk&s3=notrack HTTP 302
    http://securessl-smart.com/?a=28436&c=124215&oc=35341&sr=t&s1=165603&s2=QyUlULOvFErpTZTEyxlVomXaLZk&s3=notrack&ref=http%3A%2F%2Fsouwenjian.com%2Fimages%2Fbak%2F10%2F HTTP 302
    http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=0a06093476a24324b5a2d0646c97848f_28834&sub2=28436 Page URL
  3. http://tr.novaffil.com/go/DEatpbUos1474oh131422d200418u7353d05fc18?r=53581178 Page URL
  4. http://mottcp.go2affise.com/click?pid=123&offer_id=1858&sub5=DEatpbUos1474oh131422d200418u7353d05fc18&sub1=tpbUo HTTP 302
    http://ydr.to/s/EXS?pubref=5ad9e7aaf07b3f0001268aa4&affpubid=123_tpbUo HTTP 302
    http://ydr.to/s/2MK HTTP 302
    https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://ardentdate.info/gjwsxjobhe HTTP 302
  • http://findthegirl.info/gjwsxjobhe HTTP 302
  • http://securecloud-smart.com/?a=28436&c=124215&s1=165603&s2=QyUlULOvFErpTZTEyxlVomXaLZk&s3=notrack HTTP 302
  • http://securessl-smart.com/?a=28436&c=124215&oc=35341&sr=t&s1=165603&s2=QyUlULOvFErpTZTEyxlVomXaLZk&s3=notrack&ref=http%3A%2F%2Fsouwenjian.com%2Fimages%2Fbak%2F10%2F HTTP 302
  • http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=0a06093476a24324b5a2d0646c97848f_28834&sub2=28436

13 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Cookie set /
souwenjian.com/images/bak/10/
75 B
583 B
Document
General
Full URL
http://souwenjian.com/images/bak/10/
Protocol
HTTP/1.1
Server
27.126.176.139 Central District, Hong Kong, ASN38186 (FTG-AS-AP Forewin Telecom Group Limited, ISP at, HK),
Reverse DNS
Software
Microsoft-IIS/7.5 / WAF/2.0
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
souwenjian.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Cache-Control
no-cache
Connection
keep-alive
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Fri, 20 Apr 2018 13:14:14 GMT
Content-Encoding
gzip
Last-Modified
Wed, 04 Apr 2018 02:29:20 GMT
Server
Microsoft-IIS/7.5
X-Powered-By
WAF/2.0
ETag
"0c075bcbccbd31:0"
Vary
Accept-Encoding
Content-Type
text/html
Set-Cookie
safedog-flow-item=; expires=Fri, 20-Arp-2018 16:00:14 GMT; domain=souwenjian.com; path=/
Accept-Ranges
bytes
Content-Length
188
Cookie set /
tr.novaffil.com/
Redirect Chain
  • https://ardentdate.info/gjwsxjobhe
  • http://findthegirl.info/gjwsxjobhe
  • http://securecloud-smart.com/?a=28436&c=124215&s1=165603&s2=QyUlULOvFErpTZTEyxlVomXaLZk&s3=notrack
  • http://securessl-smart.com/?a=28436&c=124215&oc=35341&sr=t&s1=165603&s2=QyUlULOvFErpTZTEyxlVomXaLZk&s3=notrack&ref=http%3A%2F%2Fsouwenjian.com%2Fimages%2Fbak%2F10%2F
  • http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=0a06093476a24324b5a2d0646c97848f_28834&sub2=28436
11 KB
4 KB
Document
General
Full URL
http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=0a06093476a24324b5a2d0646c97848f_28834&sub2=28436
Protocol
HTTP/1.1
Server
91.213.228.131 , Greece, ASN198477 (MEDGR-NET, GR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
f878b20f6f8a5f954e9dafee660c00f72ae95d0d608d24ea9e647a4369eee841

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tr.novaffil.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://souwenjian.com/images/bak/10/
Connection
keep-alive
Cache-Control
no-cache
Referer
http://souwenjian.com/images/bak/10/
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Fri, 20 Apr 2018 13:14:22 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Last-Modified
Fri, 20 Apr 2018 13:14:22 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
*
Content-Type
text/html; charset=utf-8
Cache-Control
public, no-cache="Set-Cookie", no-store, max-age=0
Set-Cookie
ASP.NET_SessionId=wbw4ozwzzr0gtwouct4wbh4m; path=/; HttpOnly uid=1227448f-115c-4e2e-881e-ec9a7fbb8698; expires=Fri, 31-Dec-9999 23:59:59 GMT; path=/ unique=HYMmZ=1; expires=Fri, 20-Apr-2018 23:59:59 GMT; path=/ rotaror=; expires=Fri, 20-Apr-2018 23:59:59 GMT; path=/
Content-Length
3445
Expires
Fri, 20 Apr 2018 13:14:22 GMT

Redirect headers

Date
Fri, 20 Apr 2018 13:14:21 GMT
Server
nginx
Transfer-Encoding
chunked
Content-Language
en-US
Location
http://tr.novaffil.com?s=1474o&a=tpbUo&sub1=0a06093476a24324b5a2d0646c97848f_28834&sub2=28436
Set-Cookie
gdm_click_freq_v1_1_001=eZHHqo8CCkSeFmsh51Khrg3/j436btHVud/ZSGPyhVT0xuA8QRMnUmGIjG/u+Bj1; Expires=Thu, 19-Jul-2018 13:14:21 GMT gdm_sid_v1_3_001=…; Expires=Thu, 19-Jul-2018 13:14:21 GMT gdm_uid_v1_1_001=+i0CT5T6VHx5RdxCXjM4xnMQGtWEL7+Dgr3Xhl6EDM19VM2B2O9XwFW9bDFUMLPf; Expires=Thu, 19-Jul-2018 13:14:21 GMT gdm_click_adv_freq_v1_1_001=Z3QDxQhErL/Po58Keh8wY4iEm6Sa4r/QsSAXXsKYTpb8ifn9V6hfvl3L8NpbYDt+; Expires=Thu, 19-Jul-2018 13:14:21 GMT
Connection
keep-alive
Content-Type
text/html;charset=ISO-8859-1
dmpc.png
tr.novaffil.com/img/
133 B
379 B
Image
General
Full URL
http://tr.novaffil.com/img/dmpc.png
Requested by
Host: tr.novaffil.com
URL: http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=0a06093476a24324b5a2d0646c97848f_28834&sub2=28436
Protocol
HTTP/1.1
Server
91.213.228.131 , Greece, ASN198477 (MEDGR-NET, GR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
95d768658c194e25233d45e778f4605f84526de74b29bb69205cf8d1705e5aea

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tr.novaffil.com
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
image/webp,image/apng,image/*,*/*;q=0.8
Referer
http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=0a06093476a24324b5a2d0646c97848f_28834&sub2=28436
Cookie
ASP.NET_SessionId=wbw4ozwzzr0gtwouct4wbh4m; uid=1227448f-115c-4e2e-881e-ec9a7fbb8698; unique=HYMmZ=1; rotaror=
Connection
keep-alive
Cache-Control
no-cache
Referer
http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=0a06093476a24324b5a2d0646c97848f_28834&sub2=28436
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Fri, 20 Apr 2018 13:14:22 GMT
Last-Modified
Wed, 21 Mar 2018 14:57:42 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"c1776f624c1d31:0"
Content-Type
image/png
Accept-Ranges
bytes
Content-Length
133
DEatpbUos1474oh131422d200418u7353d05fc18
tr.novaffil.com/go/
6 KB
2 KB
Document
General
Full URL
http://tr.novaffil.com/go/DEatpbUos1474oh131422d200418u7353d05fc18?r=53581178
Requested by
Host: tr.novaffil.com
URL: http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=0a06093476a24324b5a2d0646c97848f_28834&sub2=28436
Protocol
HTTP/1.1
Server
91.213.228.131 , Greece, ASN198477 (MEDGR-NET, GR),
Reverse DNS
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
tr.novaffil.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=0a06093476a24324b5a2d0646c97848f_28834&sub2=28436
Cookie
ASP.NET_SessionId=wbw4ozwzzr0gtwouct4wbh4m; uid=1227448f-115c-4e2e-881e-ec9a7fbb8698; unique=HYMmZ=1; rotaror=; visible=Yes; iframe=No; opener=No; browsediniframe=No; tracking=http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=0a06093476a24324b5a2d0646c97848f_28834&sub2=28436
Connection
keep-alive
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
Referer
http://tr.novaffil.com/?s=1474o&a=tpbUo&sub1=0a06093476a24324b5a2d0646c97848f_28834&sub2=28436
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Fri, 20 Apr 2018 13:14:23 GMT
Content-Encoding
gzip
X-AspNetMvc-Version
5.2
Last-Modified
Fri, 20 Apr 2018 13:14:23 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
Vary
*
Content-Type
text/html; charset=utf-8
Cache-Control
public, no-store, max-age=0
Content-Length
1982
Expires
Fri, 20 Apr 2018 13:14:23 GMT
Primary Request Cookie set /
play.leadzuaf.com/red/
Redirect Chain
  • http://mottcp.go2affise.com/click?pid=123&offer_id=1858&sub5=DEatpbUos1474oh131422d200418u7353d05fc18&sub1=tpbUo
  • http://ydr.to/s/EXS?pubref=5ad9e7aaf07b3f0001268aa4&affpubid=123_tpbUo
  • http://ydr.to/s/2MK
  • https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
2 KB
2 KB
Document
General
Full URL
https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
Protocol
HTTP/1.1
Security
TLS 1.0, ECDHE_RSA, AES_256_CBC
Server
217.13.124.95 Sant Joan Despi, Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS
unnamed.nexica.net
Software
Apache /
Resource Hash
49257a3faf782e1c9db424c3a3ef133fbf22451f09c6a781d2f54328d5ebf747

Request headers

Pragma
no-cache
Accept-Encoding
gzip, deflate
Host
play.leadzuaf.com
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer
http://tr.novaffil.com/go/DEatpbUos1474oh131422d200418u7353d05fc18?r=53581178
Connection
keep-alive
Cache-Control
no-cache
Referer
http://tr.novaffil.com/go/DEatpbUos1474oh131422d200418u7353d05fc18?r=53581178
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

Date
Fri, 20 Apr 2018 13:14:23 GMT
Connection
close
Server
Apache
Set-Cookie
leadzu_seen_0AZE=%5B%5D; expires=Fri, 20-Apr-2018 16:14:23 GMT; Max-Age=10800; path=/; domain=.leadzuaf.com
Content-Type
text/html; charset=UTF-8
Content-Length
2207
P3P
CP="NOI ADM DEV COM NAV OUR STP"

Redirect headers

Pragma
no-cache
Date
Fri, 20 Apr 2018 13:14:22 GMT
Server
nginx/1.4.6 (Ubuntu)
Transfer-Encoding
chunked
Location
https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
Cache-Control
max-age=0 must-revalidate no-cache no-store
Connection
keep-alive
Expires
0
1510144915_4ae8d197f42f.css
img.mobusi.com/ad/9/j/3/
6 KB
2 KB
Stylesheet
General
Full URL
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
10e4c171bb56eb7cf4a4f0bc0119865220ba0d80ea910a3416de2ecb33e30514

Request headers

Referer
https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 20 Apr 2018 13:14:22 GMT
content-encoding
gzip
cdn-cache-hit
1
last-modified
Wed, 08 Nov 2017 12:41:55 GMT
server
leasewebcdn/5.4.2
etag
W/"2597815248"
content-type
text/css
status
200
cdn-cache
HIT
cdn-node
FRA1-SO03001
css
fonts.googleapis.com/
652 B
330 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Lato:300,600,700,900
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
Protocol
SPDY
Server
216.58.214.106 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f106.1e100.net
Software
ESF /
Resource Hash
a08222c333ef92c1156477022cdb6f0a46f1555cd916ef2416a8d62dd703eb6e
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 20 Apr 2018 13:14:22 GMT
content-encoding
gzip
server
ESF
status
200
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
timing-allow-origin
*
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
x-xss-protection
1; mode=block
expires
Fri, 20 Apr 2018 13:14:22 GMT
pcz1jgde-2_1523983718.jpg
img.mobusi.com/ad/9/m/d/
49 KB
49 KB
Image
General
Full URL
https://img.mobusi.com/ad/9/m/d/pcz1jgde-2_1523983718.jpg
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
fed11a003e6099354b4e9265bd2423161e6cddbae6e593b350f7581e34afc954

Request headers

Referer
https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 20 Apr 2018 13:14:22 GMT
cdn-cache-hit
1
last-modified
Tue, 17 Apr 2018 16:48:44 GMT
server
leasewebcdn/5.4.2
etag
"1916893501"
content-type
image/jpeg
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
50403
cdn-node
FRA1-SO03001
1510132855_699f2a3cb94d.jpg
img.mobusi.com/ad/n/2/1/
16 KB
17 KB
Image
General
Full URL
https://img.mobusi.com/ad/n/2/1/1510132855_699f2a3cb94d.jpg
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
07b52b0bfd07bcca772a01a8af6fbea0bde2fd7f162924fc574c68de57fe09f0

Request headers

Referer
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 20 Apr 2018 13:14:22 GMT
cdn-cache-hit
1
last-modified
Wed, 08 Nov 2017 09:20:55 GMT
server
leasewebcdn/5.4.2
etag
"3460979681"
content-type
image/jpeg
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
16831
cdn-node
FRA1-SO03001
S6u9w4BMUTPHh6UVSwiPHA.ttf
fonts.gstatic.com/s/lato/v14/
57 KB
29 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPHA.ttf
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
Protocol
SPDY
Server
216.58.214.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f99.1e100.net
Software
sffe /
Resource Hash
9cc39c759cd72b2f53c5c177a239eec038cf2a6614a686f150fdd59435df222f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,600,700,900
Origin
https://play.leadzuaf.com

Response headers

date
Fri, 23 Feb 2018 11:30:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4844612
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
29554
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:24:09 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Feb 2019 11:30:50 GMT
1510071550_f2f2337d2fc8.jpg
img.mobusi.com/ad/b/8/n/
22 KB
22 KB
Image
General
Full URL
https://img.mobusi.com/ad/b/8/n/1510071550_f2f2337d2fc8.jpg
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
f4a3d56706ed98adcf25500097f25ee1ccb6459435e2b9566613d47031dd7d24

Request headers

Referer
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 20 Apr 2018 13:14:22 GMT
cdn-cache-hit
1
last-modified
Tue, 07 Nov 2017 16:19:10 GMT
server
leasewebcdn/5.4.2
etag
"1988099904"
content-type
image/jpeg
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
22836
cdn-node
FRA1-SO03001
1508421592_e4f95ad93bf9.png
img.mobusi.com/ad/g/0/s/
3 KB
3 KB
Image
General
Full URL
https://img.mobusi.com/ad/g/0/s/1508421592_e4f95ad93bf9.png
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
f5626010476be4549e7c17257fb8ce3b5cca4188accd51dddb3852f99835177a

Request headers

Referer
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36

Response headers

date
Fri, 20 Apr 2018 13:14:22 GMT
cdn-cache-hit
1
last-modified
Thu, 19 Oct 2017 13:59:52 GMT
server
leasewebcdn/5.4.2
etag
"2054276222"
content-type
image/png
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
3073
cdn-node
FRA1-SO03001
S6u9w4BMUTPHh50XSwiPHA.ttf
fonts.gstatic.com/s/lato/v14/
54 KB
28 KB
Font
General
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh50XSwiPHA.ttf
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=PMY9QB0V6BD3&a=162e331017d4141o150f55ofb163bdc9b41&tsp=1380181
Protocol
SPDY
Server
216.58.214.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s05-in-f99.1e100.net
Software
sffe /
Resource Hash
21a944aae4aa197042ae42774f505b7c61f0d1a821d52337ef653deae817a9e5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/65.0.3325.181 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,600,700,900
Origin
https://play.leadzuaf.com

Response headers

date
Mon, 12 Feb 2018 18:55:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5768316
status
200
alt-svc
hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length
28567
x-xss-protection
1; mode=block
last-modified
Wed, 11 Oct 2017 18:23:58 GMT
server
sffe
vary
Accept-Encoding
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 12 Feb 2019 18:55:46 GMT

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path: .leadzuaf.com/
Name: leadzu_seen_0AZE
Value: %5B%5D