Submitted URL: http://1d61c60835e.trffcmpny.com/
Effective URL: https://play.leadzuaf.com/red/?code=T4LYP514ERRE&a=6852608990661050410&pubid=976
Submission: On July 23 via manual from GR

Summary

This website contacted 6 IPs in 4 countries across 6 domains to perform 7 HTTP transactions. The main IP is 217.13.124.96, located in Spain and belongs to NEXICA-AS, ES. The main domain is play.leadzuaf.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 13th 2020. Valid for: a year.
This is the only time play.leadzuaf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5.9.127.225 24940 (HETZNER-AS)
2 3 213.32.106.141 16276 (OVH)
1 172.64.105.7 13335 (CLOUDFLAR...)
1 31.170.100.126 201942 (SOLTIA)
1 3 173.236.118.102 32475 (SINGLEHOP...)
1 217.13.124.96 24592 (NEXICA-AS)
Totals: 7 requests, 6 IP addresses
Domain Requested by
3 bxt1.sponsides.com 1 redirects bxt1.sponsides.com
3 www.content-mobile.club 2 redirects
1 play.leadzuaf.com bxt1.sponsides.com
1 track.fungiers.com
1 internetious.com www.content-mobile.club
1 1d61c60835e.trffcmpny.com
Totals: 7 requests, 6 domains

This site contains no links.

Subject                   Issuer                                          Validity                   Valid
www.content-mobile.club   Let's Encrypt Authority X3                      2020-05-28 - 2020-08-26    3 months
sni.cloudflaressl.com     Cloudflare Inc ECC CA-3                         2020-06-08 - 2021-06-08    a year
track.ethinner.com        Let's Encrypt Authority X3                      2020-07-07 - 2020-10-05    3 months
bxt1.sponsides.com        Let's Encrypt Authority X3                      2020-06-10 - 2020-09-08    3 months
leadzuin.com              Sectigo RSA Domain Validation Secure Server CA  2020-06-13 - 2021-07-13    a year

This page contains 1 frame:

Primary Page: https://play.leadzuaf.com/red/?code=T4LYP514ERRE&a=6852608990661050410&pubid=976
Frame ID: 898DD5BD2AF428082AB9A7DFE5C3DD98
Requests: 7 HTTP requests in this frame

Page Statistics

Requests: 7
HTTPS: 86 %
IPv6: 0 %
Domains: 6
Subdomains: 6
IPs: 6
Countries: 4
Transfer: 16 kB
Size: 25 kB
Cookies: 0

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://1d61c60835e.trffcmpny.com/ Page URL
  2. https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website= Page URL
  3. https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website=&eyeg=568de944b2f5b81be5a9d8dad6344722&eyer=0.9006591352461544&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=1d61c60835e.trffcmpny.com HTTP 302
    https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website=&oyeg=568de944b2f5b81be5a9d8dad6344722&eyer=0.9006591352461544&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=1d61c60835e.trffcmpny.com&eyeg=3 HTTP 301
    https://internetious.com/c/e9b43369-c77d-464a-bda4-b205cd94c15f?clickid=13000006e45acd936709897a452bb88f817f90723-202007-flb&ext1=4715457-a245e&ext2=sl_4715457-a245e&aff_cid=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&aff_h=8d72c9799a70d2180f719264737e5efdd7a3b0d8** Page URL
  4. https://track.fungiers.com/203092/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/lCH20HKPU090a560000RS00EM30TPJ804CPGFC00QR04CPG00000000/ Page URL
  5. https://bxt1.sponsides.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2020072309-0d6fa9b1c8d29d52603c41244832110f&kw1=203092 Page URL
  6. https://bxt1.sponsides.com/?utm_term=6852608990661050410&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d Page URL
  7. https://bxt1.sponsides.com/proc.php?4ae148ec72b6bbc527c9148192d1c002cd710687 HTTP 302
    https://play.leadzuaf.com/red/?code=T4LYP514ERRE&a=6852608990661050410&pubid=976 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2
  • https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website=&eyeg=568de944b2f5b81be5a9d8dad6344722&eyer=0.9006591352461544&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=1d61c60835e.trffcmpny.com HTTP 302
  • https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website=&oyeg=568de944b2f5b81be5a9d8dad6344722&eyer=0.9006591352461544&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=1d61c60835e.trffcmpny.com&eyeg=3 HTTP 301
  • https://internetious.com/c/e9b43369-c77d-464a-bda4-b205cd94c15f?clickid=13000006e45acd936709897a452bb88f817f90723-202007-flb&ext1=4715457-a245e&ext2=sl_4715457-a245e&aff_cid=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&aff_h=8d72c9799a70d2180f719264737e5efdd7a3b0d8**

7 HTTP transactions

Resource: / (1d61c60835e.trffcmpny.com/) | Size: 780 B | x-fer: 1 KB | Type: Document
General
Full URL
http://1d61c60835e.trffcmpny.com/
Protocol
HTTP/1.1
Server
5.9.127.225, Germany, ASN24940 (HETZNER-AS, DE)
Reverse DNS
static.225.127.9.5.clients.your-server.de
Software
/
Resource Hash
6c975fd0d3a43a039544f2269c6dc3d2efbfa8c2047d1ff32c562460bc80725c

Request headers

Host
1d61c60835e.trffcmpny.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Thu, 23 Jul 2020 09:42:40 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Vary
Accept-Encoding
Set-Cookie
t-uuid=5nlm3c80p670aknieqxc8k8ws; expires=Tue, 23-Jul-2030 09:42:40 GMT; Max-Age=315532800; path=/; domain=.trffcmpny.com
traffic-visited-offers=150954%7C1595497360%7C150954%7Cunspecified; expires=Fri, 24-Jul-2020 09:42:40 GMT; Max-Age=86400; path=/; domain=.trffcmpny.com
traffic-back=ok; expires=Thu, 23-Jul-2020 09:43:10 GMT; Max-Age=30; path=/; domain=.trffcmpny.com
rts-trck=1; expires=Thu, 23-Jul-2020 09:52:40 GMT; Max-Age=600; path=/; domain=1d61c60835e.trffcmpny.com
Last-Modified
Thu, 23 Jul 2020 09:42:40 GMT
Expires
Thu, 23 Jul 2020 09:42:40 GMT
Cache-Control
no-store, no-cache, must-revalidate post-check=0, pre-check=0
Pragma
no-cache
X-Robots-Tag
noindex, nofollow
Content-Encoding
gzip
Resource: / (www.content-mobile.club/) | Size: 4 KB | x-fer: 4 KB | Type: Document
General
Full URL
https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.32.106.141, France, ASN16276 (OVH, FR)
Reverse DNS
Software
openresty /
Resource Hash
10a06bb5fa458abc358e1f84ff1b01cb558a1715f9f28f3fc6cb26295546e0ad

Request headers

Host
www.content-mobile.club
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
http://1d61c60835e.trffcmpny.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
http://1d61c60835e.trffcmpny.com/

Response headers

Server
openresty
Date
Thu, 23 Jul 2020 09:42:40 GMT
Content-Type
text/html
Transfer-Encoding
chunked
Connection
keep-alive
Resource: e9b43369-c77d-464a-bda4-b205cd94c15f (internetious.com/c/) | Size: 6 KB | x-fer: 4 KB | Type: Document
Redirect Chain
  • https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website=&eyeg=568de944b2f5b81be5a9d8dad6344722&eyer=0.9006591352461544&eyei=0&eyew=1600&eyeh=1200&eyetd=2...
  • https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website=&oyeg=568de944b2f5b81be5a9d8dad6344722&eyer=0.9006591352461544&eyei=0&eyew=1600&eyeh=1200&eyetd=2...
  • https://internetious.com/c/e9b43369-c77d-464a-bda4-b205cd94c15f?clickid=13000006e45acd936709897a452bb88f817f90723-202007-flb&ext1=4715457-a245e&ext2=sl_4715457-a245e&aff_cid=5nlm3c80ieysqfqjwj3kscg...
General
Full URL
https://internetious.com/c/e9b43369-c77d-464a-bda4-b205cd94c15f?clickid=13000006e45acd936709897a452bb88f817f90723-202007-flb&ext1=4715457-a245e&ext2=sl_4715457-a245e&aff_cid=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&aff_h=8d72c9799a70d2180f719264737e5efdd7a3b0d8**
Requested by
Host: www.content-mobile.club
URL: https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.105.7, United States, ASN13335 (CLOUDFLARENET, US)
Reverse DNS
Software
cloudflare /
Resource Hash
51bed404a1045cb80e12b8db0637ca9b3ebf4ade76f3533308120ff365446ff5

Request headers

:method
GET
:authority
internetious.com
:scheme
https
:path
/c/e9b43369-c77d-464a-bda4-b205cd94c15f?clickid=13000006e45acd936709897a452bb88f817f90723-202007-flb&ext1=4715457-a245e&ext2=sl_4715457-a245e&aff_cid=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&aff_h=8d72c9799a70d2180f719264737e5efdd7a3b0d8**
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website=

Response headers

status
200
date
Thu, 23 Jul 2020 09:42:41 GMT
content-type
text/html;charset=utf-8
set-cookie
__cfduid=d852f272a4b1b887e8faface85c070b941595497360; expires=Sat, 22-Aug-20 09:42:40 GMT; path=/; domain=.internetious.com; HttpOnly; SameSite=Lax; Secure
m5LFa0B4kHq4uYzinbvAvbB1%2Bp2QNF%2B5QmXh2iLk44M%3D=0881b26c2efc69b0dbfc867d24094c5f_1595497360.9242; domain=internetious.com; path=/; expires=Sun, 21-Jul-2030 09:42:40 UTC
VMInsBnHJRlZvMFLI8rBgwZQiHAIRdp5aVTAvH9UUKw%3D=1595497360.9315; domain=internetious.com; path=/; expires=Sun, 21-Jul-2030 09:42:40 UTC
dyZO1zxF75RJLmcAXuJqOrYFT%2BtviVGhUkv9agwkxLs%3D=WHlvZ1RKeTY5eW1UQkpKSmh1Sjl3Vzk2aTRUcWJLaVZNMXBZbzAxTHJzdm9vNkMvWjMzNmFEby81NHhhVlkyMA%3D%3D; domain=internetious.com; path=/; expires=Sun, 21-Jul-2030 09:42:40 UTC
0881b26c2efc69b0dbfc867d24094c5f_1595497360.9242_ck=...%3D%3D; domain=internetious.com; path=/; expires=Sun, 21-Jul-2030 09:42:40 UTC
%2FZW8fs1%2BvCABaguSKE9HpxaL%2FwYm48FwoQvyehz0ej0%3D=bFZZMml3V2F0cEtmZmQ3Z0llNVNEMVZPbnFvSE9IWnh6YUxIYnZ6cEJXTHMveTRqT0YwZFpoelRtZ282T0JibHc4QVVPeXphMEROaE1oNTZBUUlQOWV6L3RzRnJDeU9UUkJPNjVZalJobjQ9; domain=internetious.com; path=/; expires=Thu, 23-Jul-2020 10:47:41 UTC
SERVERID=sfc110; path=/
vary
Accept-Encoding
cache-control
no-store, no-cache, must-revalidate, no-transform, max-age=0, post-check=0, pre-check=0
expires
Sat, 26 Jul 1997 05:00:00 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
cf-request-id
041ca6c60c00000b43da0a0200000001
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
5b7473e9a8ea0b43-AMS

Redirect headers

Server
openresty
Date
Thu, 23 Jul 2020 09:42:40 GMT
Content-Type
text/html
Content-Length
685
Connection
keep-alive
Pragma
no-cache
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Cache-Control
no-cache, no-store, must-revalidate
Location
https://internetious.com/c/e9b43369-c77d-464a-bda4-b205cd94c15f?clickid=13000006e45acd936709897a452bb88f817f90723-202007-flb&ext1=4715457-a245e&ext2=sl_4715457-a245e&aff_cid=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&aff_h=8d72c9799a70d2180f719264737e5efdd7a3b0d8**
Resource: / (track.fungiers.com/203092/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/lCH20HKPU090a560000RS00EM30TPJ804CPGFC00QR04CPG00000000/) | Size: 246 B | x-fer: 453 B | Type: Document
General
Full URL
https://track.fungiers.com/203092/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/lCH20HKPU090a560000RS00EM30TPJ804CPGFC00QR04CPG00000000/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
31.170.100.126, Spain, ASN201942 (SOLTIA, ES)
Reverse DNS
Software
nginx /
Resource Hash
1fa6472e094e7c876548de3af409e599b12fb46a232b6912836fea5123078155

Request headers

:method
GET
:authority
track.fungiers.com
:scheme
https
:path
/203092/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/lCH20HKPU090a560000RS00EM30TPJ804CPGFC00QR04CPG00000000/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://internetious.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://internetious.com/

Response headers

status
200
server
nginx
date
Thu, 23 Jul 2020 09:42:41 GMT
content-type
text/html; charset=UTF-8
content-length
206
access-control-allow-origin
*
access-control-allow-headers
Content-Type
cache-control
no-cache, private
content-encoding
gzip
x-device
desktop
accept-ranges
bytes
age
0
tp-cache
MISS
vary
Accept-Encoding
Resource: / (bxt1.sponsides.com/) | Size: 3 KB | x-fer: 2 KB | Type: Document
General
Full URL
https://bxt1.sponsides.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2020072309-0d6fa9b1c8d29d52603c41244832110f&kw1=203092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.118.102, Chicago, United States, ASN32475 (SINGLEHOP-LLC, US)
Reverse DNS
Software
nginx / PHP/7.3.4
Resource Hash
9e2fdbc5c953ebed77ebd5519c8464309f5ed86b87e0282d2e48059cdd26127a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
bxt1.sponsides.com
:scheme
https
:path
/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2020072309-0d6fa9b1c8d29d52603c41244832110f&kw1=203092
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

status
200
server
nginx
date
Thu, 23 Jul 2020 09:42:42 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
set-cookie
u=b60befe84624840c2e967adbffd2c05f; expires=Fri, 23-Jul-2021 09:42:42 GMT; Max-Age=31536000; path=/
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
Resource: / (bxt1.sponsides.com/) | Size: 11 KB | x-fer: 5 KB | Type: Document
General
Full URL
https://bxt1.sponsides.com/?utm_term=6852608990661050410&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
Requested by
Host: bxt1.sponsides.com
URL: https://bxt1.sponsides.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2020072309-0d6fa9b1c8d29d52603c41244832110f&kw1=203092
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
173.236.118.102, Chicago, United States, ASN32475 (SINGLEHOP-LLC, US)
Reverse DNS
Software
nginx / PHP/7.3.4
Resource Hash
fcc735f60e0320f19f820aac700083bca467108932a7b1c5ecf96751776b542a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

:method
GET
:authority
bxt1.sponsides.com
:scheme
https
:path
/?utm_term=6852608990661050410&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://bxt1.sponsides.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2020072309-0d6fa9b1c8d29d52603c41244832110f&kw1=203092
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
u=b60befe84624840c2e967adbffd2c05f
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bxt1.sponsides.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2020072309-0d6fa9b1c8d29d52603c41244832110f&kw1=203092

Response headers

status
200
server
nginx
date
Thu, 23 Jul 2020 09:42:42 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-powered-by
PHP/7.3.4
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
Primary Request: / (play.leadzuaf.com/red/) | Size: 7 B | x-fer: 157 B | Type: Document
Redirect Chain
  • https://bxt1.sponsides.com/proc.php?4ae148ec72b6bbc527c9148192d1c002cd710687
  • https://play.leadzuaf.com/red/?code=T4LYP514ERRE&a=6852608990661050410&pubid=976
General
Full URL
https://play.leadzuaf.com/red/?code=T4LYP514ERRE&a=6852608990661050410&pubid=976
Requested by
Host: bxt1.sponsides.com
URL: https://bxt1.sponsides.com/?utm_term=6852608990661050410&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
217.13.124.96, Spain, ASN24592 (NEXICA-AS, ES)
Reverse DNS
Software
Apache /
Resource Hash
551c7d1ddbf1ab368a5e3fabb559cca37e9a14a75a9b53bc2f757a0d6afb2685

Request headers

Host
play.leadzuaf.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
document
Referer
https://bxt1.sponsides.com/?utm_term=6852608990661050410&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://bxt1.sponsides.com/?utm_term=6852608990661050410&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d#

Response headers

Date
Thu, 23 Jul 2020 09:42:43 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
7
Connection
close
Server
Apache

Redirect headers

status
302
server
nginx
date
Thu, 23 Jul 2020 09:42:42 GMT
content-type
text/html; charset=UTF-8
location
https://play.leadzuaf.com/red/?code=T4LYP514ERRE&a=6852608990661050410&pubid=976
cache-control
no-store, no-cache, must-revalidate, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
strict-transport-security
max-age=31536000; includeSubdomains;

Verdicts & Comments

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies