play.leadzuaf.com
217.13.124.96
Public Scan
Effective URL: https://play.leadzuaf.com/red/?code=T4LYP514ERRE&a=6852608990661050410&pubid=976
Submission: On July 23 via manual from GR
Summary
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on June 13th 2020. Valid for: a year.
This is the only time play.leadzuaf.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
 | IP Address | Autonomous System |
---|---|---|
1 | 5.9.127.225 | 24940 (HETZNER-AS) |
2 3 | 213.32.106.141 | 16276 (OVH) |
1 | 172.64.105.7 | 13335 (CLOUDFLARENET) |
1 | 31.170.100.126 | 201942 (SOLTIA) |
1 3 | 173.236.118.102 | 32475 (SINGLEHOP-LLC) |
1 | 217.13.124.96 | 24592 (NEXICA-AS) |
7 | 6 |
ASN24940 (HETZNER-AS, DE)
PTR: static.225.127.9.5.clients.your-server.de
1d61c60835e.trffcmpny.com |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
3 | sponsides.com (1 redirects) | bxt1.sponsides.com | 7 KB |
3 | content-mobile.club (2 redirects) | www.content-mobile.club | 5 KB |
1 | leadzuaf.com | play.leadzuaf.com | 157 B |
1 | fungiers.com | track.fungiers.com | 453 B |
1 | internetious.com | internetious.com | 4 KB |
1 | trffcmpny.com | 1d61c60835e.trffcmpny.com | 1 KB |
7 | 6 |
 | Domain | Requested by |
---|---|---|
3 | bxt1.sponsides.com (1 redirects) | bxt1.sponsides.com |
3 | www.content-mobile.club (2 redirects) | |
1 | play.leadzuaf.com | bxt1.sponsides.com |
1 | track.fungiers.com | |
1 | internetious.com | www.content-mobile.club |
1 | 1d61c60835e.trffcmpny.com | |
7 | 6 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
www.content-mobile.club | Let's Encrypt Authority X3 | 2020-05-28 - 2020-08-26 | 3 months |
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2020-06-08 - 2021-06-08 | a year |
track.ethinner.com | Let's Encrypt Authority X3 | 2020-07-07 - 2020-10-05 | 3 months |
bxt1.sponsides.com | Let's Encrypt Authority X3 | 2020-06-10 - 2020-09-08 | 3 months |
leadzuin.com | Sectigo RSA Domain Validation Secure Server CA | 2020-06-13 - 2021-07-13 | a year |
This page contains 1 frames:
Primary Page:
https://play.leadzuaf.com/red/?code=T4LYP514ERRE&a=6852608990661050410&pubid=976
Frame ID: 898DD5BD2AF428082AB9A7DFE5C3DD98
Requests: 7 HTTP requests in this frame
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
- http://1d61c60835e.trffcmpny.com/ Page URL
- https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website= Page URL
- https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website=&eyeg=568de944b2f5b81be5a9d8dad6344722&eyer=0.9006591352461544&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=1d61c60835e.trffcmpny.com HTTP 302
  - https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website=&oyeg=568de944b2f5b81be5a9d8dad6344722&eyer=0.9006591352461544&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=1d61c60835e.trffcmpny.com&eyeg=3 HTTP 301
  - https://internetious.com/c/e9b43369-c77d-464a-bda4-b205cd94c15f?clickid=13000006e45acd936709897a452bb88f817f90723-202007-flb&ext1=4715457-a245e&ext2=sl_4715457-a245e&aff_cid=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&aff_h=8d72c9799a70d2180f719264737e5efdd7a3b0d8** Page URL
- https://track.fungiers.com/203092/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/lCH20HKPU090a560000RS00EM30TPJ804CPGFC00QR04CPG00000000/ Page URL
- https://bxt1.sponsides.com/?utm_medium=f2a0c4f3fbe2823ee80dc4ba2e1e834b8d892f53&utm_campaign=Push&cid=M2020072309-0d6fa9b1c8d29d52603c41244832110f&kw1=203092 Page URL
- https://bxt1.sponsides.com/?utm_term=6852608990661050410&clickverify=1&utm_content=e6c2c6dcd68fd49594fc9695a6a795938a8bb8888c8f8cbdb2c6b0c4b6b78583babb88b8bcbfbc8dafb2b2b186b68485ab9b9899f2fef2f9e1f0f1e1f3bae4e78386899b97efddeda58c8f868a82c4ac9498d6f9cccbfccfc6f3f0f182858190cacbf9c9fff9fcfdc2f2f2f1f6c7c4c54d Page URL
- https://bxt1.sponsides.com/proc.php?4ae148ec72b6bbc527c9148192d1c002cd710687 HTTP 302
  - https://play.leadzuaf.com/red/?code=T4LYP514ERRE&a=6852608990661050410&pubid=976 Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 2
- https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website=&eyeg=568de944b2f5b81be5a9d8dad6344722&eyer=0.9006591352461544&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=1d61c60835e.trffcmpny.com HTTP 302
- https://www.content-mobile.club/?sl=4715457-a245e&tag=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&website=&oyeg=568de944b2f5b81be5a9d8dad6344722&eyer=0.9006591352461544&eyei=0&eyew=1600&eyeh=1200&eyetd=210&eyef=1d61c60835e.trffcmpny.com&eyeg=3 HTTP 301
- https://internetious.com/c/e9b43369-c77d-464a-bda4-b205cd94c15f?clickid=13000006e45acd936709897a452bb88f817f90723-202007-flb&ext1=4715457-a245e&ext2=sl_4715457-a245e&aff_cid=5nlm3c80ieysqfqjwj3kscgk0,14816193,5,&aff_h=8d72c9799a70d2180f719264737e5efdd7a3b0d8**
7 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H/1.1 | / | 1d61c60835e.trffcmpny.com/ | 780 B | 1 KB | Document | text/html | Cookie set |
GET | H/1.1 | / | www.content-mobile.club/ | 4 KB | 4 KB | Document | text/html | |
GET | H2 | e9b43369-c77d-464a-bda4-b205cd94c15f | internetious.com/c/ | 6 KB | 4 KB | Document | text/html | Redirect Chain |
GET | H2 | / | track.fungiers.com/203092/f6612a1d516725be822f3424f22fe64f/e3513143202a282b3c89436ac2877991/07b1b23c-e62e-4fe8-b6ca-0d81ed8f01a1/lCH20HKPU090a560000RS00EM30TPJ804CPGFC00QR04CPG00000000/ | 246 B | 453 B | Document | text/html | |
GET | H2 | / | bxt1.sponsides.com/ | 3 KB | 2 KB | Document | text/html | |
GET | H2 | / | bxt1.sponsides.com/ | 11 KB | 5 KB | Document | text/html | |
GET | H/1.1 | / | play.leadzuaf.com/red/ | 7 B | 157 B | Document | text/html | Primary Request, Redirect Chain |
0 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
0 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.