urlscan.io logo urlscan.io
SecurityTrails logo

play.leadzuaf.com Open in urlscan Pro
212.92.39.33  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://xml.mobra.in/redirect?feed=123972&auth=uzehhh&subid=000364_000199_000849_mob0bee4b0ead79466f&query=1807270836...
Effective URL: https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
Submission: On July 30 via manual from JP
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 4 countries across 8 domains to perform 8 HTTP transactions. The main IP is 212.92.39.33, located in Barcelona, Spain and belongs to NEXICA-AS, ES. The main domain is play.leadzuaf.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on April 20th 2018. Valid for: a year.
This is the only time play.leadzuaf.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 174.137.133.16 27257 (WEBAIR-IN...)
1 1 52.206.4.12 14618 (AMAZON-AES)
1 1 34.234.253.213 14618 (AMAZON-AES)
1 1 52.73.197.100 14618 (AMAZON-AES)
1 212.92.39.33 24592 (NEXICA-AS)
5 89.255.250.53 60626 (LEASEWEBCDN)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
8 4
1    174.137.133.16 (Garden City, United States)

ASN27257 (WEBAIR-INTERNET - Webair Internet Development Company Inc., US)
xml.mobra.in
1    52.206.4.12 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-206-4-12.compute-1.amazonaws.com
t1.wiseforwarding.com
1    34.234.253.213 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-234-253-213.compute-1.amazonaws.com
t1.contentfall.com
1    52.73.197.100 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-73-197-100.compute-1.amazonaws.com
t1.trackingfall.com
1    212.92.39.33 (Barcelona, Spain)

ASN24592 (NEXICA-AS, ES)
play.leadzuaf.com
5    89.255.250.53 (Netherlands)

ASN60626 (LEASEWEBCDN, NL)
img.mobusi.com
1    2a00:1450:4001:821::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.googleapis.com
1    2a00:1450:4001:821::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)
fonts.gstatic.com
Domain Requested by
5 img.mobusi.com play.leadzuaf.com
1 fonts.gstatic.com play.leadzuaf.com
1 fonts.googleapis.com play.leadzuaf.com
1 play.leadzuaf.com
1 t1.trackingfall.com 1 redirects
1 t1.contentfall.com 1 redirects
1 t1.wiseforwarding.com 1 redirects
1 xml.mobra.in 1 redirects
8 8

This site contains links to these domains. Also see Links.

Domain
www.modamania.es
Subject Issuer Validity Valid
leadzuin.com
COMODO RSA Domain Validation Secure Server CA		 2018-04-20 -
2019-05-20		 a year crt.sh

This page contains 1 frames:

Primary Page: https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
Frame ID: EB1CA243D1B89933275C80C2C990745F
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://xml.mobra.in/redirect?feed=123972&auth=uzehhh&subid=000364_000199_000849_mob0bee4b0ead794... HTTP 302
    http://t1.wiseforwarding.com/a8b0e3b HTTP 302
    http://t1.contentfall.com/c/1iiap7p?c=0&po=&a=a8b0e3b&p=null&s=2097&st=2243&f=4&sh=&ct=&w=&h=&isp=Hetz... HTTP 302
    http://t1.trackingfall.com/1iiap7p?a=a8b0e3b&c=0&callback_url=%7Bcallbackurl%7D&f=4&p=null&po=&s=2097&s... HTTP 302
    https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i
Overall confidence: 100%
Detected patterns
  • html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Page Statistics

8
Requests

13 %
HTTPS

25 %
IPv6

8
Domains

8
Subdomains

4
IPs

4
Countries

130 kB
Transfer

134 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://xml.mobra.in/redirect?feed=123972&auth=uzehhh&subid=000364_000199_000849_mob0bee4b0ead79466f&query=1807270836a5f0ad41583642 HTTP 302
    http://t1.wiseforwarding.com/a8b0e3b HTTP 302
    http://t1.contentfall.com/c/1iiap7p?c=0&po=&a=a8b0e3b&p=null&s=2097&st=2243&f=4&sh=&ct=&w=&h=&isp=Hetzner%20Online%20GmbH&callback_url={callbackurl}&xcl=mobrain_193132 HTTP 302
    http://t1.trackingfall.com/1iiap7p?a=a8b0e3b&c=0&callback_url=%7Bcallbackurl%7D&f=4&p=null&po=&s=2097&sh=&st=2243&xcl=mobrain_193132 HTTP 302
    https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

8 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request Cookie set /
play.leadzuaf.com/red/
Redirect Chain
  • http://xml.mobra.in/redirect?feed=123972&auth=uzehhh&subid=000364_000199_000849_mob0bee4b0ead79466f&query=1807270836a5f0ad41583642
  • http://t1.wiseforwarding.com/a8b0e3b?
  • http://t1.contentfall.com/c/1iiap7p?c=0&po=&a=a8b0e3b&p=null&s=2097&st=2243&f=4&sh=&ct=&w=&h=&isp=Hetzner%20Online%20GmbH&callback_url={callbackurl}&xcl=mobrain_193132
  • http://t1.trackingfall.com/1iiap7p?a=a8b0e3b&c=0&callback_url=%7Bcallbackurl%7D&f=4&p=null&po=&s=2097&sh=&st=2243&xcl=mobrain_193132
  • https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
Protocol
HTTP/1.1
Security
TLS 1.0, ECDHE_RSA, AES_256_CBC
Server
212.92.39.33 Barcelona, Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS
Software
Apache /
Resource Hash
be245f0880199b950ca309be7bd3639006a2a7758a91f5a9e9d1fbe9d2d04312

Request headers

Host
play.leadzuaf.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id
EB1CA243D1B89933275C80C2C990745F

Response headers

Date
Mon, 30 Jul 2018 00:56:30 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
2045
Connection
close
Server
Apache
P3P
CP="NOI ADM DEV COM NAV OUR STP"
Set-Cookie
leadzu_seen_VAPB=%7B%22pc2ujgde-1%22%3A%22pc2ujgde-1%22%7D; expires=Mon, 30-Jul-2018 03:56:31 GMT; Max-Age=10800; path=/; domain=.leadzuaf.com

Redirect headers

Content-Type
application/json
Date
Mon, 30 Jul 2018 00:56:30 GMT
location
https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
Server
nginx
Content-Length
4
Connection
keep-alive
1510144915_4ae8d197f42f.css
img.mobusi.com/ad/9/j/3/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
10e4c171bb56eb7cf4a4f0bc0119865220ba0d80ea910a3416de2ecb33e30514

Request headers

Referer
https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 30 Jul 2018 00:56:30 GMT
content-encoding
gzip
cdn-cache-hit
1
last-modified
Wed, 08 Nov 2017 12:41:55 GMT
server
leasewebcdn/5.4.2
etag
W/"2597815248"
content-type
text/css
status
200
cdn-cache
HIT
cdn-node
FRA1-SO03001
css
fonts.googleapis.com/ 		2 KB
541 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:300,600,700,900
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
Protocol
SPDY
Server
2a00:1450:4001:821::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
ESF /
Resource Hash
70e172a92621bda986187b07992973ec727729b6c7e123dff0578094dcb5a1de
Security Headers
Name Value
Strict-Transport-Security max-age=600
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security
max-age=600
content-encoding
gzip
last-modified
Mon, 30 Jul 2018 00:56:30 GMT
server
ESF
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
status
200
date
Mon, 30 Jul 2018 00:56:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
x-xss-protection
1; mode=block
expires
Mon, 30 Jul 2018 00:56:30 GMT
14068855501126.jpg
img.mobusi.com/ad/t/k/o/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobusi.com/ad/t/k/o/14068855501126.jpg
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
3d5eec14bf6aa47ff4ccf2928916e3944fedfdee05c424c37458046752dd40ee

Request headers

Referer
https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 30 Jul 2018 00:56:30 GMT
cdn-cache-hit
1
last-modified
Fri, 01 Aug 2014 09:32:30 GMT
server
leasewebcdn/5.4.2
etag
"1913357831"
content-type
image/jpeg
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
69848
cdn-node
FRA1-SO03001
1510132855_699f2a3cb94d.jpg
img.mobusi.com/ad/n/2/1/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobusi.com/ad/n/2/1/1510132855_699f2a3cb94d.jpg
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
07b52b0bfd07bcca772a01a8af6fbea0bde2fd7f162924fc574c68de57fe09f0

Request headers

Referer
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 30 Jul 2018 00:56:30 GMT
cdn-cache-hit
1
last-modified
Wed, 08 Nov 2017 09:20:55 GMT
server
leasewebcdn/5.4.2
etag
"3997422076"
content-type
image/jpeg
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
16831
cdn-node
FRA1-SO03001
1510071550_f2f2337d2fc8.jpg
img.mobusi.com/ad/b/8/n/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobusi.com/ad/b/8/n/1510071550_f2f2337d2fc8.jpg
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
f4a3d56706ed98adcf25500097f25ee1ccb6459435e2b9566613d47031dd7d24

Request headers

Referer
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 30 Jul 2018 00:56:30 GMT
cdn-cache-hit
1
last-modified
Tue, 07 Nov 2017 16:19:10 GMT
server
leasewebcdn/5.4.2
etag
"1988099904"
content-type
image/jpeg
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
22836
cdn-node
FRA1-SO03001
1508421592_e4f95ad93bf9.png
img.mobusi.com/ad/g/0/s/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.mobusi.com/ad/g/0/s/1508421592_e4f95ad93bf9.png
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
Protocol
SPDY
Server
89.255.250.53 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
f5626010476be4549e7c17257fb8ce3b5cca4188accd51dddb3852f99835177a

Request headers

Referer
https://img.mobusi.com/ad/9/j/3/1510144915_4ae8d197f42f.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date
Mon, 30 Jul 2018 00:56:30 GMT
cdn-cache-hit
1
last-modified
Thu, 19 Oct 2017 13:59:52 GMT
server
leasewebcdn/5.4.2
etag
"2054276222"
content-type
image/png
status
200
accept-ranges
bytes
cdn-cache
HIT
content-length
3073
cdn-node
FRA1-SO03001
S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
fonts.gstatic.com/s/lato/v14/ 		14 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v14/S6u9w4BMUTPHh6UVSwiPGQ3q5d0.woff2
Requested by
Host: play.leadzuaf.com
URL: https://play.leadzuaf.com/red/?code=5IZO3XMPIPI5&a=1807292156a57274bcc35d66&pubid=000364_null
Protocol
SPDY
Server
2a00:1450:4001:821::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
a3b3c4f67bf2b44294215e2be76f12794e6b142edec201e199c93c38739f2bfc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer
https://fonts.googleapis.com/css?family=Lato:300,600,700,900
Origin
https://play.leadzuaf.com

Response headers

date
Sat, 14 Jul 2018 17:03:59 GMT
x-content-type-options
nosniff
last-modified
Wed, 11 Oct 2017 18:24:00 GMT
server
sffe
age
1324351
status
200
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="44,43,39,35"
content-length
14076
x-xss-protection
1; mode=block
expires
Sun, 14 Jul 2019 17:03:59 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Domain/Path Name / Value
.leadzuaf.com/ Name: leadzu_seen_VAPB
Value: %7B%22pc2ujgde-1%22%3A%22pc2ujgde-1%22%7D