playuncensored.com
Open in
urlscan Pro
68.169.89.142
Public Scan
Effective URL: https://playuncensored.com/f1/index.php?t=Ex-Native&tk=ZjhiNDQwYzQ3OTcyY2VkZWEwMjEzOGQzNTA0ODNkZjIgMTU1OTAxNzQxNSAxIDE=
Submission: On May 28 via manual from AU
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on February 11th 2019. Valid for: a year.
This is the only time playuncensored.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 1 | 209.239.160.12 209.239.160.12 | 29789 (REFLECTED) (REFLECTED - Reflected Networks) | |
1 | 95.211.229.246 95.211.229.246 | 60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands) | |
1 2 | 68.169.89.142 68.169.89.142 | 23393 (NUCDN) (NUCDN - NuCDN LLC) | |
7 | 151.139.128.10 151.139.128.10 | 20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group) | |
4 | 2606:4700::68... 2606:4700::6810:d0a5 | 13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare) | |
13 | 4 |
ASN29789 (REFLECTED - Reflected Networks, Inc., US)
www.al4a.com |
ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
cdn2.playuncensored.com |
ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)
cdn.onesignal.com | |
onesignal.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
9 |
playuncensored.com
1 redirects
playuncensored.com cdn2.playuncensored.com |
170 KB |
4 |
onesignal.com
cdn.onesignal.com onesignal.com |
59 KB |
1 |
dynsrvbaa.com
main.dynsrvbaa.com |
771 B |
1 |
al4a.com
1 redirects
www.al4a.com |
523 B |
13 | 4 |
Domain | Requested by | |
---|---|---|
7 | cdn2.playuncensored.com |
playuncensored.com
|
2 | onesignal.com |
cdn.onesignal.com
|
2 | cdn.onesignal.com |
playuncensored.com
cdn.onesignal.com |
2 | playuncensored.com | 1 redirects |
1 | main.dynsrvbaa.com | |
1 | www.al4a.com | 1 redirects |
13 | 6 |
This site contains no links.
Subject Issuer | Validity | Valid | |
---|---|---|---|
playuncensored.com Sectigo RSA Domain Validation Secure Server CA |
2019-02-11 - 2020-02-11 |
a year | crt.sh |
cdn2.playuncensored.com Sectigo RSA Domain Validation Secure Server CA |
2019-05-15 - 2019-08-13 |
3 months | crt.sh |
ssl473492.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2 |
2019-01-22 - 2019-07-31 |
6 months | crt.sh |
This page contains 2 frames:
Primary Page:
https://playuncensored.com/f1/index.php?t=Ex-Native&tk=ZjhiNDQwYzQ3OTcyY2VkZWEwMjEzOGQzNTA0ODNkZjIgMTU1OTAxNzQxNSAxIDE=
Frame ID: CEC25DF448C71DC749812927DF958C46
Requests: 12 HTTP requests in this frame
Frame:
https://onesignal.com/webPushAnalytics
Frame ID: DC8E9775A5C30C12CE1D573659F486E3
Requests: 1 HTTP requests in this frame
Screenshot
Page URL History Show full URLs
-
https://www.al4a.com/includes/ebl.php?XcJ4N=bWFpbi5keW5zcnZiYWEuY29tL2NsaWNrLnBocD9kYXRhPUlId3lOe...
HTTP 302
http://main.dynsrvbaa.com/click.php?data=IHwyNzE3ODk3fHxodHRwcyUzQSUyRiUyRnBsYXl1bmNlbnNvcmVkLmNvbSUyR... Page URL
-
https://playuncensored.com/f1/index.php?t=Ex-Native
HTTP 302
https://playuncensored.com/f1/index.php?t=Ex-Native&tk=ZjhiNDQwYzQ3OTcyY2VkZWEwMjEzOGQzNTA0ODNkZjIgMTU1... Page URL
Detected technologies
PHP (Programming Languages) ExpandDetected patterns
- url /\.php(?:$|\?)/i
Nginx (Web Servers) Expand
Detected patterns
- headers server /nginx(?:\/([\d.]+))?/i
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://www.al4a.com/includes/ebl.php?XcJ4N=bWFpbi5keW5zcnZiYWEuY29tL2NsaWNrLnBocD9kYXRhPUlId3lOekUzT0RrM2ZIeG9kSFJ3Y3lVelFTVXlSaVV5Um5Cc1lYbDFibU5sYm5OdmNtVmtMbU52YlNVeVJtWXhKVEpHYVc1a1pYZ3VjR2h3SlROR2RDVXpSRVY0TFU1aGRHbDJaWHg4ZkRCOGZERTFOVGt3TVRjeE1EaDhZV3cwWVM1amIyMThNVEl5TGpFd055NDROQzR4TkRkOGZESTFNRE13T1RRemZESTJNelF3TlROOE5UQTRmSHcwTVh3eWZEUXdmREI4TUh4OGZERjhNSHg4ZkRJeE5ueDhNWHd3Zkh3eGZEQjhNSHdnSUh4OE1Yd3dmREI4TUh3d2ZESXhOVFUwTURCOE1Id3lNVFV3TnpZM2ZIQm9jRjh6TGpWOGZEQjhOeko4ZkRCOE1IeFBTM3hqWkdFeE1tRmlOakl5TVROa05qaGxObUk1Tm1ReE5tVm1NelJsTTJOa05BJTNEJTNE
HTTP 302
http://main.dynsrvbaa.com/click.php?data=IHwyNzE3ODk3fHxodHRwcyUzQSUyRiUyRnBsYXl1bmNlbnNvcmVkLmNvbSUyRmYxJTJGaW5kZXgucGhwJTNGdCUzREV4LU5hdGl2ZXx8fDB8fDE1NTkwMTcxMDh8YWw0YS5jb218MTIyLjEwNy44NC4xNDd8fDI1MDMwOTQzfDI2MzQwNTN8NTA4fHw0MXwyfDQwfDB8MHx8fDF8MHx8fDIxNnx8MXwwfHwxfDB8MHwgIHx8MXwwfDB8MHwwfDIxNTU0MDB8MHwyMTUwNzY3fHBocF8zLjV8fDB8NzJ8fDB8MHxPS3xjZGExMmFiNjIyMTNkNjhlNmI5NmQxNmVmMzRlM2NkNA%3D%3D Page URL
-
https://playuncensored.com/f1/index.php?t=Ex-Native
HTTP 302
https://playuncensored.com/f1/index.php?t=Ex-Native&tk=ZjhiNDQwYzQ3OTcyY2VkZWEwMjEzOGQzNTA0ODNkZjIgMTU1OTAxNzQxNSAxIDE= Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 0- https://www.al4a.com/includes/ebl.php?XcJ4N=bWFpbi5keW5zcnZiYWEuY29tL2NsaWNrLnBocD9kYXRhPUlId3lOekUzT0RrM2ZIeG9kSFJ3Y3lVelFTVXlSaVV5Um5Cc1lYbDFibU5sYm5OdmNtVmtMbU52YlNVeVJtWXhKVEpHYVc1a1pYZ3VjR2h3SlROR2RDVXpSRVY0TFU1aGRHbDJaWHg4ZkRCOGZERTFOVGt3TVRjeE1EaDhZV3cwWVM1amIyMThNVEl5TGpFd055NDROQzR4TkRkOGZESTFNRE13T1RRemZESTJNelF3TlROOE5UQTRmSHcwTVh3eWZEUXdmREI4TUh4OGZERjhNSHg4ZkRJeE5ueDhNWHd3Zkh3eGZEQjhNSHdnSUh4OE1Yd3dmREI4TUh3d2ZESXhOVFUwTURCOE1Id3lNVFV3TnpZM2ZIQm9jRjh6TGpWOGZEQjhOeko4ZkRCOE1IeFBTM3hqWkdFeE1tRmlOakl5TVROa05qaGxObUk1Tm1ReE5tVm1NelJsTTJOa05BJTNEJTNE HTTP 302
- http://main.dynsrvbaa.com/click.php?data=IHwyNzE3ODk3fHxodHRwcyUzQSUyRiUyRnBsYXl1bmNlbnNvcmVkLmNvbSUyRmYxJTJGaW5kZXgucGhwJTNGdCUzREV4LU5hdGl2ZXx8fDB8fDE1NTkwMTcxMDh8YWw0YS5jb218MTIyLjEwNy44NC4xNDd8fDI1MDMwOTQzfDI2MzQwNTN8NTA4fHw0MXwyfDQwfDB8MHx8fDF8MHx8fDIxNnx8MXwwfHwxfDB8MHwgIHx8MXwwfDB8MHwwfDIxNTU0MDB8MHwyMTUwNzY3fHBocF8zLjV8fDB8NzJ8fDB8MHxPS3xjZGExMmFiNjIyMTNkNjhlNmI5NmQxNmVmMzRlM2NkNA%3D%3D
13 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H/1.1 |
Cookie set
click.php
main.dynsrvbaa.com/ Redirect Chain
|
178 B 771 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
Primary Request
index.php
playuncensored.com/f1/ Redirect Chain
|
12 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Oswald-Bold-subset.woff2
cdn2.playuncensored.com/f1// |
4 KB 4 KB |
Font
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalSDK.js
cdn.onesignal.com/sdks/ |
17 KB 6 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gender.webp
cdn2.playuncensored.com/f1//images/ |
15 KB 15 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
mute.svg
cdn2.playuncensored.com/f1//images/ |
975 B 824 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
no-mute.svg
cdn2.playuncensored.com/f1//images/ |
1 KB 767 B |
Image
image/svg+xml |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-1.webp
cdn2.playuncensored.com/f1//images/ |
79 KB 79 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ |
212 KB 52 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
web
onesignal.com/api/v1/sync/7cb5d7e3-a223-4e04-9612-f9f31441dd59/ |
3 KB 2 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
character.webp
cdn2.playuncensored.com/f1//images/ |
17 KB 17 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bg-2.webp
cdn2.playuncensored.com/f1//images/ |
49 KB 49 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
webPushAnalytics
onesignal.com/ Frame DC8E |
0 0 |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
7 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| onselectstart object| onselectionchange function| queueMicrotask string| joinLink function| OneSignal number| __oneSignalSdkLoadCount function| __jp00 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
2 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
cdn.onesignal.com
cdn2.playuncensored.com
main.dynsrvbaa.com
onesignal.com
playuncensored.com
www.al4a.com
151.139.128.10
209.239.160.12
2606:4700::6810:d0a5
68.169.89.142
95.211.229.246
0e10b6e9c0b5b9586c6cdf307466474b438989e57732c2b41ec69b03b363533b
30d9e4b90e88f6aa211440cff833f7fafff20ce51db09d6bc860486923f0da73
4a0a7048c91048d2c7ebadf647023c3218cb6d6a77b1bf3e73a49387073ffcde
5ba40853b603420b9e4804981173329725bc02a1e3449e89a42f7ece21c1426e
63119862355fecb00ab5234a5aebdf81f0e565a3c57fd8f6dbfd147a65e1c9b7
63a23cb228a3b6e6a33e3a12e6c5bcdf13fe0b28346ccdadca36097a4b13ac50
92ad858762be0601090c22f9febc8885e0f21199e1f8dcafd620e69cf8f28d1d
b3abcb1c978c6b940630f0bbc293523e5db686fc1a2e7528ccb8272f32de4e20
d472a6e0c1db24ae23c82a791e5736d588ece28773fcc2de59cb629634d614c5
de17db4e0d74d7deb069198432d28fceecaafa9d87a79f892ab7d032df7e0e7d
f16a6366088bc5c81766124e34ea77d807685ab5a6582ce9227334a1ed1b82c9