r.leadzu.com - urlscan.io

Summary

This website contacted 6 IPs in 2 countries across 7 domains to perform 7 HTTP transactions. The main IP is 212.92.39.35, located in Barcelona, Spain and belongs to NEXICA-AS, ES. The main domain is r.leadzu.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on April 20th 2018. Valid for: a year.

This is the only time r.leadzu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	216.58.205.225 216.58.205.225	15169 (GOOGLE) (GOOGLE - Google LLC)
3 4	107.180.9.111 107.180.9.111	26496 (AS-26496-...) (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com)
1	216.58.214.99 216.58.214.99	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.210.9 216.58.210.9	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.205.233 216.58.205.233	15169 (GOOGLE) (GOOGLE - Google LLC)
1	212.92.39.35 212.92.39.35	24592 (NEXICA-AS) (NEXICA-AS)
7	6

3 216.58.205.225 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f1.1e100.net

videosmasintimos.blogspot.mx	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
videosmasintimos.blogspot.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.180.9.111 (Scottsdale, United States) 3 redirects

ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US)
PTR: ip-107-180-9-111.ip.secureserver.net

sexy.sangalioplote.ga	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.214.99 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s05-in-f99.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.210.9 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s07-in-f9.1e100.net

resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.205.233 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s24-in-f9.1e100.net

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.92.39.35 (Barcelona, Spain)

ASN24592 (NEXICA-AS, ES)

r.leadzu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
4	sangalioplote.ga 3 redirects sexy.sangalioplote.ga	1 KB
2	blogspot.de videosmasintimos.blogspot.de	17 KB
1	leadzu.com r.leadzu.com	832 B
1	blogger.com www.blogger.com	52 KB
1	blogblog.com resources.blogblog.com	44 KB
1	gstatic.com www.gstatic.com	4 KB
1	blogspot.mx 1 redirects videosmasintimos.blogspot.mx	387 B
7	7

	Domain	Requested by
4	sexy.sangalioplote.ga	3 redirects videosmasintimos.blogspot.de
2	videosmasintimos.blogspot.de	videosmasintimos.blogspot.de
1	r.leadzu.com	sexy.sangalioplote.ga
1	www.blogger.com	videosmasintimos.blogspot.de
1	resources.blogblog.com	videosmasintimos.blogspot.de
1	www.gstatic.com	videosmasintimos.blogspot.de
1	videosmasintimos.blogspot.mx	1 redirects
7	7

This site contains no links.

Subject Issuer	Validity	Valid
leadzuin.com COMODO RSA Domain Validation Secure Server CA	`2018-04-20` - `2019-05-20`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://r.leadzu.com/?m=1LGJADULT758&a=user11294
Frame ID: 141DF9013E314112DA3305E4D77DC4C5
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://videosmasintimos.blogspot.mx/ HTTP 302
http://videosmasintimos.blogspot.de/ Page URL
http://sexy.sangalioplote.ga/space/11294/ HTTP 302
http://sexy.sangalioplote.ga/nuevo/direct_validacion.php?s=11294&area=script HTTP 302
http://sexy.sangalioplote.ga/nuevo/redirect.php?s=11294&area=script HTTP 302
https://r.leadzu.com/?m=1LGJADULT758&a=user11294 Page URL

Detected technologies

Java (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

OpenGSE (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /GSE/i

Page Statistics

7
Requests

14 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

2
Countries

119 kB
Transfer

360 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://videosmasintimos.blogspot.mx/ HTTP 302
http://videosmasintimos.blogspot.de/ Page URL
http://sexy.sangalioplote.ga/space/11294/ HTTP 302
http://sexy.sangalioplote.ga/nuevo/direct_validacion.php?s=11294&area=script HTTP 302
http://sexy.sangalioplote.ga/nuevo/redirect.php?s=11294&area=script HTTP 302
https://r.leadzu.com/?m=1LGJADULT758&a=user11294 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://videosmasintimos.blogspot.mx/ HTTP 302
http://videosmasintimos.blogspot.de/

7 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

/ Show response
videosmasintimos.blogspot.de/
Redirect Chain

http://videosmasintimos.blogspot.mx/
http://videosmasintimos.blogspot.de/

71 KB
15 KB

394ms
372ms

Document
text/html

216.58.205.225
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://videosmasintimos.blogspot.de/

Protocol

HTTP/1.1

Server

216.58.205.225 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f1.1e100.net

Software

GSE /

Resource Hash

1658b0ae6f65d8b76343151e58f01baee0bab51ee87ea3073cebece25fc166b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: videosmasintimos.blogspot.de
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 141DF9013E314112DA3305E4D77DC4C5

Response headers

Content-Type: text/html; charset=UTF-8
Expires: Wed, 16 May 2018 10:51:34 GMT
Date: Wed, 16 May 2018 10:51:34 GMT
Cache-Control: private, max-age=0
Last-Modified: Fri, 30 Mar 2018 03:11:22 GMT
ETag: W/"4bf49ac5e1f5f626f936f3aff5ca0015fdb6ce0b52c660b613f69fdb5f4a523f"
Content-Encoding: gzip
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Length: 15147
Server: GSE

Redirect headers

Location: http://videosmasintimos.blogspot.de/
Content-Type: text/html; charset=UTF-8
Content-Encoding: gzip
Date: Wed, 16 May 2018 10:51:34 GMT
Expires: Wed, 16 May 2018 10:51:34 GMT
Cache-Control: private, max-age=0
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
Content-Length: 181
Server: GSE

GET
H/1.1 200
OK /
sexy.sangalioplote.ga/direct/ 185 B
432 B 293ms
173ms Script
text/html 107.180.9.111
GoDaddy.com

General

Check archive.org

Show headers Download Go to

Full URL: http://sexy.sangalioplote.ga/direct/?s=11294&c=2&t=0
Requested by: Host: videosmasintimos.blogspot.de
URL: http://videosmasintimos.blogspot.de/
Protocol: HTTP/1.1
Server: 107.180.9.111 Scottsdale, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC - GoDaddy.com, LLC, US),
Reverse DNS: ip-107-180-9-111.ip.secureserver.net
Software: Apache / PHP/7.1.14
Resource Hash

Request headers

Referer: http://videosmasintimos.blogspot.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 16 May 2018 10:51:35 GMT
Content-Encoding: gzip
Server: Apache
X-Powered-By: PHP/7.1.14
Vary: Accept-Encoding,User-Agent
Content-Type: text/html; charset=UTF-8
Connection: Keep-Alive
Keep-Alive: timeout=5
Content-Length: 168

GET
S 200 clipboard.min.js Show response
www.gstatic.com/external_hosted/clipboardjs/ 12 KB
4 KB 14ms
14ms Script
text/javascript 216.58.214.99
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/external_hosted/clipboardjs/clipboard.min.js

Requested by

Host: videosmasintimos.blogspot.de
URL: http://videosmasintimos.blogspot.de/

Protocol

SPDY

Server

216.58.214.99 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s05-in-f99.1e100.net

Software

sffe /

Resource Hash

a00d3cabd4a8dbdbd2e992e238d11ec889fb3cc7751d9bc271f063a17ec8bf7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://videosmasintimos.blogspot.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Wed, 16 May 2018 10:51:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 12 May 2017 18:45:00 GMT
server: sffe
age: 0
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=0
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 4096
x-xss-protection: 1; mode=block
expires: Wed, 16 May 2018 10:51:34 GMT

GET
S 200 1594580645-rockpool_compiled.js Show response
resources.blogblog.com/blogblog/data/res/ 127 KB
44 KB 6ms
6ms Script
text/javascript 216.58.210.9
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.blogblog.com/blogblog/data/res/1594580645-rockpool_compiled.js

Requested by

Host: videosmasintimos.blogspot.de
URL: http://videosmasintimos.blogspot.de/

Protocol

SPDY

Server

216.58.210.9 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s07-in-f9.1e100.net

Software

sffe /

Resource Hash

b9b81098675b570d147e2a94737be798e61225c7835bd3f5cec3bac9c8cbd118

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://videosmasintimos.blogspot.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 14 May 2018 02:50:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 May 2018 00:20:41 GMT
server: sffe
age: 201638
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 44539
x-xss-protection: 1; mode=block
expires: Mon, 21 May 2018 02:50:56 GMT

GET
H/1.1 200
OK cookiechoices.js Show response
videosmasintimos.blogspot.de/js/ 6 KB
2 KB 40ms
40ms Script
text/javascript 216.58.205.225
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://videosmasintimos.blogspot.de/js/cookiechoices.js

Requested by

Host: videosmasintimos.blogspot.de
URL: http://videosmasintimos.blogspot.de/

Protocol

HTTP/1.1

Server

216.58.205.225 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f1.1e100.net

Software

sffe /

Resource Hash

9496f34272ab65a565d50b909f2396ce799c30ef05f2ddd54fae11ed19fe6fa6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate
Host: videosmasintimos.blogspot.de
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: */*
Referer: http://videosmasintimos.blogspot.de/
Connection: keep-alive
Cache-Control: no-cache
Referer: http://videosmasintimos.blogspot.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

Date: Wed, 16 May 2018 10:51:35 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Tue, 15 May 2018 16:33:16 GMT
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Accept-Ranges: bytes
Content-Length: 1949
X-XSS-Protection: 1; mode=block
Expires: Wed, 23 May 2018 10:51:35 GMT

GET
S 200 1285210858-widgets.js Show response
www.blogger.com/static/v1/widgets/ 145 KB
52 KB 6ms
6ms Script
text/javascript 216.58.205.233
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/1285210858-widgets.js

Requested by

Host: videosmasintimos.blogspot.de
URL: http://videosmasintimos.blogspot.de/

Protocol

SPDY

Server

216.58.205.233 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s24-in-f9.1e100.net

Software

sffe /

Resource Hash

ba5a5ffbe8ffceeb7197b738ea50b9ad0e778fc133db9d90e784b567981b531f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://videosmasintimos.blogspot.de/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36

Response headers

date: Mon, 14 May 2018 01:03:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 11 May 2018 20:56:19 GMT
server: sffe
age: 208096
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=31536000
accept-ranges: bytes
alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
content-length: 53166
x-xss-protection: 1; mode=block
expires: Tue, 14 May 2019 01:03:18 GMT

GET
H/1.1

200
OK

Primary Request / Show response
r.leadzu.com/
Redirect Chain

http://sexy.sangalioplote.ga/space/11294/
http://sexy.sangalioplote.ga/nuevo/direct_validacion.php?s=11294&area=script
http://sexy.sangalioplote.ga/nuevo/redirect.php?s=11294&area=script
https://r.leadzu.com/?m=1LGJADULT758&a=user11294

680 B
832 B

168ms
51ms

Document
text/html

212.92.39.35
NEXICA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://r.leadzu.com/?m=1LGJADULT758&a=user11294
Requested by: Host: sexy.sangalioplote.ga
URL: http://sexy.sangalioplote.ga/direct/?s=11294&c=2&t=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.92.39.35 Barcelona, Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS
Software: Apache /
Resource Hash: 3f546253a5f0df9e3a3624fe79d4d115b184635afa9f3992ff687513cf0ece21

Request headers

Host: r.leadzu.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: http://videosmasintimos.blogspot.de/
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) HeadlessChrome/66.0.3359.139 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id: 141DF9013E314112DA3305E4D77DC4C5
Referer: http://videosmasintimos.blogspot.de/

Response headers

Date: Wed, 16 May 2018 10:51:35 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 680
Connection: close
Server: Apache

Redirect headers

Date: Wed, 16 May 2018 10:51:35 GMT
Server: Apache
X-Powered-By: PHP/7.1.14
Set-Cookie: entrada=1526467895; expires=Thu, 17-May-2018 10:51:35 GMT; Max-Age=86400
location: https://r.leadzu.com/?m=1LGJADULT758&a=user11294
Vary: User-Agent
Content-Length: 2
Keep-Alive: timeout=5
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

r.leadzu.com
resources.blogblog.com
sexy.sangalioplote.ga
videosmasintimos.blogspot.de
videosmasintimos.blogspot.mx
www.blogger.com
www.gstatic.com
107.180.9.111
212.92.39.35
216.58.205.225
216.58.205.233
216.58.210.9
216.58.214.99
1658b0ae6f65d8b76343151e58f01baee0bab51ee87ea3073cebece25fc166b8
3f546253a5f0df9e3a3624fe79d4d115b184635afa9f3992ff687513cf0ece21
9496f34272ab65a565d50b909f2396ce799c30ef05f2ddd54fae11ed19fe6fa6
a00d3cabd4a8dbdbd2e992e238d11ec889fb3cc7751d9bc271f063a17ec8bf7d
b9b81098675b570d147e2a94737be798e61225c7835bd3f5cec3bac9c8cbd118
ba5a5ffbe8ffceeb7197b738ea50b9ad0e778fc133db9d90e784b567981b531f

r.leadzu.com Open in urlscan Pro 212.92.39.35 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

7 Requests

14 %HTTPS

0 %IPv6

7 Domains

7 Subdomains

6 IPs

2 Countries

119 kBTransfer

360 kBSize

0 Cookies

0 Outgoing links

Page URL History

Redirected requests

7 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

0 Cookies

Security Headers

Indicators

r.leadzu.com Open in urlscan Pro
212.92.39.35 Public Scan

Screenshot
Live screenshot

Full Image

7
Requests

14 %
HTTPS

0 %
IPv6

7
Domains

7
Subdomains

6
IPs

2
Countries

119 kB
Transfer

360 kB
Size

0
Cookies

7 HTTP transactions
0 data transactions