play.leadzuaf.com
Open in
urlscan Pro
217.13.124.96
Public Scan
Effective URL: https://play.leadzuaf.com/red/?code=2KKE0ZC39KLK&a=6808375195510767813&pubid=240
Submission: On March 26 via api from DE
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 20th 2019. Valid for: a year.
This is the only time play.leadzuaf.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 103.224.182.249 103.224.182.249 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
1 4 | 103.224.182.206 103.224.182.206 | 133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited) | |
1 1 | 2606:4700:303... 2606:4700:3035::681c:f4a | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 | 2606:4700:303... 2606:4700:3031::6818:6e52 | 13335 (CLOUDFLAR...) (CLOUDFLARENET) | |
1 2 | 173.236.118.102 173.236.118.102 | 32475 (SINGLEHOP...) (SINGLEHOP-LLC) | |
1 | 217.13.124.96 217.13.124.96 | 24592 (NEXICA-AS) (NEXICA-AS) | |
1 | 217.13.124.74 217.13.124.74 | 24592 (NEXICA-AS) (NEXICA-AS) | |
7 | 5 |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-182-249.above.com
xrpflix.xyz |
ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com
bidr.trellian.com |
ASN32475 (SINGLEHOP-LLC, US)
PTR: server04.com-2.mobi
click.affordableshape.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
4 |
trellian.com
1 redirects
bidr.trellian.com |
3 KB |
2 |
affordableshape.com
1 redirects
click.affordableshape.com |
4 KB |
1 |
fast-push.com
services.fast-push.com |
|
1 |
leadzuaf.com
play.leadzuaf.com |
1 KB |
1 |
click2partner.com
secure.click2partner.com |
438 B |
1 |
clicktrade.org
1 redirects
secure.clicktrade.org |
506 B |
1 |
xrpflix.xyz
1 redirects
xrpflix.xyz |
1 KB |
7 | 7 |
Domain | Requested by | |
---|---|---|
4 | bidr.trellian.com |
1 redirects
bidr.trellian.com
|
2 | click.affordableshape.com | 1 redirects |
1 | services.fast-push.com | |
1 | play.leadzuaf.com |
click.affordableshape.com
|
1 | secure.click2partner.com |
bidr.trellian.com
|
1 | secure.clicktrade.org | 1 redirects |
1 | xrpflix.xyz | 1 redirects |
7 | 7 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
sni.cloudflaressl.com CloudFlare Inc ECC CA-2 |
2020-03-24 - 2020-10-09 |
7 months | crt.sh |
click.affordableshape.com Let's Encrypt Authority X3 |
2020-03-13 - 2020-06-11 |
3 months | crt.sh |
leadzuin.com Sectigo RSA Domain Validation Secure Server CA |
2019-05-20 - 2020-06-18 |
a year | crt.sh |
services.fast-push.com Let's Encrypt Authority X3 |
2020-03-16 - 2020-06-14 |
3 months | crt.sh |
This page contains 1 frames:
Frame:
https://services.fast-push.com/index.html?formato=331kow4c240&a=1585198380mb24439285789&target=BE
Frame ID: AEA042E909A87CF93AD2A1A2948DA060
Requests: 7 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
http://xrpflix.xyz/
HTTP 302
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yO7ZKW%2Bnuy0XeKd%2FhqwR9%2BELWX%2BdghHdlbuACNo... Page URL
-
http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrade.org%2Findex.php%3Fkey%3Dz6lzicrucf3l...
HTTP 302
https://secure.clicktrade.org/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=1636801621&sid=2020032615... HTTP 302
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campai... Page URL
- https://click.affordableshape.com/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2... Page URL
-
https://click.affordableshape.com/proc.php?1144286aeb41b744aaf7c31266ab4a21cede3fbe
HTTP 302
https://play.leadzuaf.com/red/?code=2KKE0ZC39KLK&a=6808375195510767813&pubid=240 Page URL
Detected technologies
Debian (Operating Systems) ExpandDetected patterns
- headers server /Debian/i
Apache (Web Servers) Expand
Detected patterns
- headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://xrpflix.xyz/
HTTP 302
http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yO7ZKW%2Bnuy0XeKd%2FhqwR9%2BELWX%2BdghHdlbuACNoGxLRUhhV72JtzXAU0evYwfFJaq01sjR3uADDYbXFWLDqcjsszWQFxftE%2FKJ1DqEeFjuxOjchEuU7fIHsYYUp9ftAdnYMgeadYy1y3Ddeu8lm%2Fr5bv6nIj3B5t%2FmhHECUPb9b2iHh%2FnSwGgf8jm26cTUX%2FnGIcXTgnqaqPdyJCnyV9qnEKqAptmFzjgjMk7qTu4kCqT2CnpSrJVDZuJM8bDqDnHNoUHVBGUtYgkFEDWugbvoGfTTFKIoNrygHXjaofR78JLDNH3k%2F7VGG0ZJU9ge%2FC3lSDyGfciYXImJ4ml6RG5s8NAV2S3hFfGTY6zubXCEDp3uw828SiMeufLag6%2FwYf3ED9bDSGEMChJDIC3gBOpY9T3iqTDXkdXrszRSKHeRlGH85ftnYQmB5Um%2F%2BSrj%2F7MJUMZTHI3JvUy2gSOtiocd7i%2FNqfeTaQ2AQD2tMUTtXRIkm50L%2BPPvI8Oeabm%2FL%2F9z2VBGXByHuuuiFRrVNKyoAKce7vZeoe%2ByaItBhtqNReTRxdML0n2E1Doe7fMy867pwSPq8wlQ%2FBJ20ck5iOAtNpyrBq6eHdKtKDYj63tZaz7oF7twCxHoS3frIh0Ce81fD8X5vv3pkXgn5BFR8cjEDhohlNK73ySKeSNRNEigqQj32cMRBO9pVWDm9QAOwSSLLwS5E%2FMi5huBHdJhYyL%2BM4D7%2Bp88Pm6FZ3r1zaL%2BTL61d6hbmFgxI2%2FZROsTxqLBM347Lv4q2z Page URL
-
http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrade.org%2Findex.php%3Fkey%3Dz6lzicrucf3l6lfp558m%26cpv%3D0.005%26subid%3D1636801621%26sid%3D20200326155257bda7c1b813410d79bd&s=j
HTTP 302
https://secure.clicktrade.org/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=1636801621&sid=20200326155257bda7c1b813410d79bd HTTP 302
https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=e9596xs8wntef2&url_bnm_redirect=https://click.affordableshape.com/ Page URL
- https://click.affordableshape.com/?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=e9596xs8wntef2 Page URL
-
https://click.affordableshape.com/proc.php?1144286aeb41b744aaf7c31266ab4a21cede3fbe
HTTP 302
https://play.leadzuaf.com/red/?code=2KKE0ZC39KLK&a=6808375195510767813&pubid=240 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- http://xrpflix.xyz/ HTTP 302
- http://bidr.trellian.com/r2.php?e=qzBy2CbrFCx2iAr9Vom1yO7ZKW%2Bnuy0XeKd%2FhqwR9%2BELWX%2BdghHdlbuACNoGxLRUhhV72JtzXAU0evYwfFJaq01sjR3uADDYbXFWLDqcjsszWQFxftE%2FKJ1DqEeFjuxOjchEuU7fIHsYYUp9ftAdnYMgeadYy1y3Ddeu8lm%2Fr5bv6nIj3B5t%2FmhHECUPb9b2iHh%2FnSwGgf8jm26cTUX%2FnGIcXTgnqaqPdyJCnyV9qnEKqAptmFzjgjMk7qTu4kCqT2CnpSrJVDZuJM8bDqDnHNoUHVBGUtYgkFEDWugbvoGfTTFKIoNrygHXjaofR78JLDNH3k%2F7VGG0ZJU9ge%2FC3lSDyGfciYXImJ4ml6RG5s8NAV2S3hFfGTY6zubXCEDp3uw828SiMeufLag6%2FwYf3ED9bDSGEMChJDIC3gBOpY9T3iqTDXkdXrszRSKHeRlGH85ftnYQmB5Um%2F%2BSrj%2F7MJUMZTHI3JvUy2gSOtiocd7i%2FNqfeTaQ2AQD2tMUTtXRIkm50L%2BPPvI8Oeabm%2FL%2F9z2VBGXByHuuuiFRrVNKyoAKce7vZeoe%2ByaItBhtqNReTRxdML0n2E1Doe7fMy867pwSPq8wlQ%2FBJ20ck5iOAtNpyrBq6eHdKtKDYj63tZaz7oF7twCxHoS3frIh0Ce81fD8X5vv3pkXgn5BFR8cjEDhohlNK73ySKeSNRNEigqQj32cMRBO9pVWDm9QAOwSSLLwS5E%2FMi5huBHdJhYyL%2BM4D7%2Bp88Pm6FZ3r1zaL%2BTL61d6hbmFgxI2%2FZROsTxqLBM347Lv4q2z
- http://bidr.trellian.com/r.php?u=https%3A%2F%2Fsecure.clicktrade.org%2Findex.php%3Fkey%3Dz6lzicrucf3l6lfp558m%26cpv%3D0.005%26subid%3D1636801621%26sid%3D20200326155257bda7c1b813410d79bd&s=j HTTP 302
- https://secure.clicktrade.org/index.php?key=z6lzicrucf3l6lfp558m&cpv=0.005&subid=1636801621&sid=20200326155257bda7c1b813410d79bd HTTP 302
- https://secure.click2partner.com/nlp/index.php?utm_medium=ded4240ced7be1491cb7a15d25000683ea21df45&utm_campaign=smartlink2&cid=e9596xs8wntef2&url_bnm_redirect=https://click.affordableshape.com/
7 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
r2.php
bidr.trellian.com/ Redirect Chain
|
2 KB 2 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jscheck.js
bidr.trellian.com/javascript/ |
858 B 701 B |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
jscheck.php
bidr.trellian.com/ |
0 166 B |
XHR
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
index.php
secure.click2partner.com/nlp/ Redirect Chain
|
174 B 438 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
click.affordableshape.com/ |
9 KB 3 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
Cookie set
/
play.leadzuaf.com/red/ Redirect Chain
|
768 B 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
index.html
services.fast-push.com/ |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
2 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onformdata object| onpointerrawupdate2 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
.leadzuaf.com/ | Name: leadzu_seen_1KOW Value: %5B%5D |
|
.leadzuaf.com/red | Name: leadzu_seen_1KOW Value: %5B%5D |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
bidr.trellian.com
click.affordableshape.com
play.leadzuaf.com
secure.click2partner.com
secure.clicktrade.org
services.fast-push.com
xrpflix.xyz
103.224.182.206
103.224.182.249
173.236.118.102
217.13.124.74
217.13.124.96
2606:4700:3031::6818:6e52
2606:4700:3035::681c:f4a
075606168cc1b4faa7c36f03d36dd9a4bc38797c70b8a0cfe5a253667fb8472c
0766f527fcf931c99f93825401ea5d39f6cfe63b56bfd1050f9d1689a8266ab4
1d22b1bf77b2128065b15ade5b6002965e5036d33408c21cf7b14b117c687b51
a680daef7b49ad0d263c088f7ed50794b5247dea791d84bea0f010078465bbf2