play.leadzutw.com Open in urlscan Pro
212.92.39.33 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Submission: On November 29 via api (November 29th 2019, 10:00:47 am UTC) from CA

Summary HTTP 95 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 5 countries across 11 domains to perform 95 HTTP transactions. The main IP is 212.92.39.33, located in Barcelona, Spain and belongs to NEXICA-AS, ES. The main domain is play.leadzutw.com.

This is the only time play.leadzutw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	212.92.39.33 212.92.39.33	24592 (NEXICA-AS) (NEXICA-AS)
1 39	51.68.180.203 51.68.180.203	16276 (OVH) (OVH)
1	51.68.35.185 51.68.35.185	16276 (OVH) (OVH)
3	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
21	2a00:1450:400... 2a00:1450:4001:820::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	185.28.138.9 185.28.138.9	197541 (VIDEOPLAZ...) (VIDEOPLAZA-AS)
7	2a00:1450:400... 2a00:1450:4001:820::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:800::2006	15169 (GOOGLE) (GOOGLE - Google LLC)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
4	195.138.255.11 195.138.255.11	201011 (NETZBETRI...) (NETZBETRIEB-GMBH)
4	185.86.137.43 185.86.137.43	201081 (SMARTADSE...) (SMARTADSERVER)
1	46.4.252.240 46.4.252.240	24940 (HETZNER-AS) (HETZNER-AS)
95	13

1 212.92.39.33 (Barcelona, Spain)

ASN24592 (NEXICA-AS, ES)

play.leadzutw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 51.68.180.203 (Germany) 1 redirects

ASN16276 (OVH, FR)
PTR: ns3125521.ip-51-68-180.eu

platform.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vast.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creatives.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.35.185 (France)

ASN16276 (OVH, FR)
PTR: ns3128584.ip-51-68-35.eu

services.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.94.180.124 (Netherlands)

ASN35220 (SPOTX-AMS, NL)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:820::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.28.138.9 (Sweden)

ASN197541 (VIDEOPLAZA-AS, SE)

es-sunicontent.videoplaza.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
es-sunelespanol.videoplaza.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:820::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 195.138.255.11 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.137.43 (France)

ASN201081 (SMARTADSERVER, FR)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.4.252.240 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: eu.srv504.richaudience.com

s.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	sunmedia.tv 1 redirects platform.sunmedia.tv static.sunmedia.tv services.sunmedia.tv track.sunmedia.tv vast.sunmedia.tv creatives.sunmedia.tv	224 KB
21	googleapis.com fonts.googleapis.com imasdk.googleapis.com	749 KB
7	googlesyndication.com tpc.googlesyndication.com	5 KB
6	google.com adservice.google.com	1 KB
6	2mdn.net s0.2mdn.net	62 KB
4	smartadserver.com www8.smartadserver.com	6 KB
4	sascdn.com ced.sascdn.com	41 KB
3	videoplaza.tv es-sunicontent.videoplaza.tv es-sunelespanol.videoplaza.tv	9 KB
3	spotxchange.com search.spotxchange.com	4 KB
1	richaudience.com s.richaudience.com	347 B
1	leadzutw.com play.leadzutw.com	548 B
95	11

	Domain	Requested by
20	imasdk.googleapis.com	static.sunmedia.tv imasdk.googleapis.com
15	static.sunmedia.tv	play.leadzutw.com static.sunmedia.tv creatives.sunmedia.tv
11	track.sunmedia.tv
8	creatives.sunmedia.tv	static.sunmedia.tv creatives.sunmedia.tv
7	tpc.googlesyndication.com	static.sunmedia.tv
6	adservice.google.com	imasdk.googleapis.com
6	s0.2mdn.net	imasdk.googleapis.com
4	www8.smartadserver.com	ced.sascdn.com
4	ced.sascdn.com	creatives.sunmedia.tv
4	vast.sunmedia.tv	static.sunmedia.tv
3	search.spotxchange.com	static.sunmedia.tv
2	es-sunicontent.videoplaza.tv	static.sunmedia.tv
1	es-sunelespanol.videoplaza.tv	static.sunmedia.tv
1	s.richaudience.com	static.sunmedia.tv
1	fonts.googleapis.com
1	services.sunmedia.tv	static.sunmedia.tv
1	platform.sunmedia.tv	1 redirects
1	play.leadzutw.com
95	18

This site contains no links.

Subject Issuer	Validity	Valid
*.sunmedia.tv COMODO RSA Domain Validation Secure Server CA	`2018-01-19` - `2021-01-18`	3 years	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2019-03-18` - `2021-03-17`	2 years	crt.sh
*.googleapis.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.videoplaza.com Let's Encrypt Authority X3	`2019-11-27` - `2020-02-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.google.com GTS CA 1O1	`2019-11-05` - `2020-01-28`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2019-10-17` - `2020-10-16`	a year	crt.sh
*.richaudience.com RapidSSL RSA CA 2018	`2019-03-07` - `2021-04-05`	2 years	crt.sh

This page contains 22 frames:

Primary Page: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Frame ID: 6888D8ABCF81786A50251271E696C3E0
Requests: 37 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp&correlator=1523725633
Frame ID: 416BBB6EAA0A90D2B6AB5EB409A6EA40
Requests: 4 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: FCD3002637ABB5EC8AA8170E0A106F38
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=${xclk}
Frame ID: 90743A4100B7EA67B482DBA621D34552
Requests: 3 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: ACA4C17E10E9ACE102000D667135F17B
Requests: 4 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/330901cb-6c24-4165-b37e-5b4f69939eb1/video/330901cb-6c24-4165-b37e-5b4f69939eb1.js?xclk=${xclk}
Frame ID: A8047FE1DB22216E7F5B159E64ADF0C6
Requests: 3 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: 170DE25A064179204FBF6B76ADAFBD61
Requests: 4 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=${xclk}
Frame ID: FA47A540B7CD7CA9079DB927B8036A24
Requests: 3 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: C01A03F0A406411F57095C5D8BBFCD8A
Requests: 4 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=${xclk}
Frame ID: D50051060EF2A31B6D18B1C7B5789E92
Requests: 3 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: 010A14C6C5BBACB7478BCA17B89AB88F
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D1%26vpa%3Dauto%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp&correlator=232435217
Frame ID: 532E228AC3F19FA5A4D6151DB42C2042
Requests: 4 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: F0097B949780B84CEECDD3FDB71C3CE3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D1%26vpa%3Dclick%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp&correlator=1549103596
Frame ID: D0909E8DF21DF04372FB989FABE539DC
Requests: 4 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: E3428A60A51E9C99CEE646A4D898755E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3Dauto%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp&correlator=441039708
Frame ID: 2169EB88F607124888412059838EDD9D
Requests: 4 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: 2585EF987D63270A2E884A2CD923D0D0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp
Frame ID: 8BFAACE6A1C0E1DF2034EE39D977259A
Requests: 4 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: 862BDC2E1FDA32F59BD53A163FC62D42
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D640x480%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp
Frame ID: 4ECC4484EBF7352259179D2A845FA8B1
Requests: 4 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.353.0_en.html
Frame ID: 193F59F1FD4CA19A790F0755F62A0EB6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D640x480%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp
Frame ID: A84DC1F4248EFF3649D1F28563425882
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

95
Requests

81 %
HTTPS

33 %
IPv6

11
Domains

18
Subdomains

13
IPs

5
Countries

1102 kB
Transfer

3591 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://platform.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js HTTP 301
https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

95 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set zone.php Show response
play.leadzutw.com/red/ 212 B
548 B 257ms
86ms Document
text/html 212.92.39.33
NEXICA-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Protocol: HTTP/1.1
Server: 212.92.39.33 Barcelona, Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS
Software: Apache /
Resource Hash: ea008d427b7b50f3ad66c49b3c2cff6153d364bb8ca02ea3a3863ace13825c2d

Request headers

Host: play.leadzutw.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 09:52:28 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 212
Connection: close
Server: Apache
Set-Cookie: lz_frecy=%7B%222NVXEZWY2WFF%22%3A%7B%22times%22%3A1%2C%22time%22%3A1575068400%7D%7D; expires=Sat, 28-Nov-2020 10:00:27 GMT; Max-Age=31536000; path=/; domain=.leadzutw.com

GET
H2

200

94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js Show response
static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/
Redirect Chain

https://platform.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

174 KB
47 KB

23ms
22ms

Script
application/javascript

51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Requested by: Host: play.leadzutw.com
URL: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: a4c84868d01693b6465ba01a3c688ad2b7e7bfb0ca87878d7e2b1b4832f61e2e

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:27 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Thu, 28 Nov 2019 16:54:12 GMT
server: nginx
age: 61447
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 47562

Redirect headers

date: Fri, 29 Nov 2019 10:00:27 GMT
content-encoding: gzip
tp-cache: HIT
server: nginx
age: 1301035
location: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/html; charset=UTF-8
status: 301
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
vary: Accept-Encoding
content-length: 242

GET
H2 200 eu_country.php Show response
static.sunmedia.tv/SMVpaidCreatives/geotarget/ 19 B
316 B 66ms
21ms XHR
application/json 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMVpaidCreatives/geotarget/eu_country.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com

Response headers

date: Fri, 29 Nov 2019 10:00:27 GMT
tp-cache: HIT
server: nginx
age: 1303953
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
access-control-allow-origin: http://play.leadzutw.com
content-length: 19

GET
H2 200 country.php Show response
services.sunmedia.tv/geotarget/ 16 B
261 B 58ms
18ms XHR
application/json 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://services.sunmedia.tv/geotarget/country.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com

Response headers

date: Fri, 29 Nov 2019 10:00:27 GMT
tp-cache: HIT
server: nginx
age: 926110
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
access-control-allow-origin: http://play.leadzutw.com
content-length: 16

GET
H2 200 intext-1-0.json Show response
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 2 KB
2 KB 66ms
22ms XHR
application/json 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/intext-1-0.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 0e3f100f141f1f81a6156791d5ca3db32c9ea353e15bf5bc0a38272e247bb8ff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com

Response headers

date: Fri, 29 Nov 2019 10:00:27 GMT
tp-cache: HIT
last-modified: Thu, 21 Nov 2019 14:55:37 GMT
server: nginx
age: 61815
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
content-length: 1785
accept-ranges: bytes
x-device: desktop

GET
H2 200 outstream.json Show response
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 22 B
306 B 66ms
22ms XHR
application/json 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/outstream.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: a900cf30af5c043697090d375d6babafc4d0a0b85a99e5e4317b1c358946a729

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com

Response headers

date: Fri, 29 Nov 2019 10:00:27 GMT
tp-cache: HIT
last-modified: Fri, 18 Oct 2019 10:57:34 GMT
server: nginx
age: 61817
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
content-length: 22
accept-ranges: bytes
x-device: desktop

GET
H2 200 adblockDetector.js Show response
static.sunmedia.tv/SMSdk/assets/AdBlockDetection/ 13 KB
5 KB 22ms
21ms Script
application/javascript 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/assets/AdBlockDetection/adblockDetector.js
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:27 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Thu, 28 Nov 2019 16:42:50 GMT
server: nginx
age: 61818
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
x-device: desktop
accept-ranges: bytes
content-length: 4831

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 SMPlayer_d.css
static.sunmedia.tv/SMSdk/css/SMVast/ 4 KB
1 KB 21ms
20ms Stylesheet
text/css 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 194b85c10c911ac7a204d734b732c3b7af39682d9690273d56d0fc808be650a8

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:28 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Thu, 28 Nov 2019 16:42:49 GMT
server: nginx
age: 61818
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/css
status: 200
cache-control: max-age=0, s-maxage=2592000
x-device: desktop
accept-ranges: bytes
access-control-allow-origin: *
content-length: 963

GET
H/1.1 200
OK 267639 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 225ms
182ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/267639?VPAID=JS&content_page_url=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3D2NVXEZWY2WFF%26lgid%3D9122717070.5465877401043553&cb=590438697&player_width=1584&player_height=891&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 10:00:28 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000324
X-SpotX-Timing-SpotMarket: 0.161666
X-SpotX-Timing-Page-Mux: 0.000239
X-SpotX-Timing-Page-Require: 0.000338
X-fe: 001
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000040
Content-Length: 76
X-SpotX-Timing-Page: 0.165402
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000268
Last-Modified: Fri, 29 Nov 2019 10:00:28 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.070904
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: http://play.leadzutw.com
X-SpotX-Timing-Page-Misc: 0.002490
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.090762
X-SpotX-Timing-Page-URI: 0.000036
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
track.sunmedia.tv/ 42 B
279 B 23ms
21ms Image
image/gif 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=94fc3ae3-182d-4cd3-9594-155b5eaf8ffa&tp=op&pb=1&pos=0&loop=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:28 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3883456
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ 42 B
279 B 22ms
22ms Image
image/gif 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=94fc3ae3-182d-4cd3-9594-155b5eaf8ffa&tp=req&pb=1&pos=0&loop=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:28 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3883456
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ 42 B
279 B 23ms
22ms Image
image/gif 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=94fc3ae3-182d-4cd3-9594-155b5eaf8ffa&tp=ef&pb=1&pos=0&loop=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:28 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3883456
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 css
fonts.googleapis.com/ 767 B
435 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 29 Nov 2019 10:00:27 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 29 Nov 2019 10:00:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Fri, 29 Nov 2019 10:00:27 GMT

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ 3 KB
3 KB 22ms
21ms Image
image/png 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Referer: https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:28 GMT
tp-cache: HIT
last-modified: Thu, 28 Nov 2019 16:42:50 GMT
server: nginx
age: 61818
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
accept-ranges: bytes
x-device: desktop

GET
H2 200 fullscreen-on.png
static.sunmedia.tv/SMSdk/ico/ 1 KB
2 KB 22ms
21ms Image
image/png 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/fullscreen-on.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 7a000f38eb0e9764341b690ff8c931c309a4392e7b35c157652864658ab406eb

Request headers

Referer: https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:28 GMT
tp-cache: HIT
last-modified: Thu, 28 Nov 2019 16:42:50 GMT
server: nginx
age: 61818
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 1351
accept-ranges: bytes
x-device: desktop

GET
H2 200 skip.png
static.sunmedia.tv/SMSdk/ico/ 3 KB
3 KB 22ms
22ms Image
image/png 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/skip.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 47fd77ed50c61b270cf73b6b71c5ae29d7b46023ea1e3d2f646858d839c927bb

Request headers

Referer: https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:28 GMT
tp-cache: HIT
last-modified: Thu, 28 Nov 2019 16:42:50 GMT
server: nginx
age: 61818
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2761
accept-ranges: bytes
x-device: desktop

GET
H2 200 adlabel.png
static.sunmedia.tv/SMSdk/ico/ 1 KB
2 KB 23ms
22ms Image
image/png 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/adlabel.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 4cf86b8273ac1a15c23684145f8035a0e3c9d67942f62cb44bb8b95bd7465877

Request headers

Referer: https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:28 GMT
tp-cache: HIT
last-modified: Thu, 28 Nov 2019 16:42:50 GMT
server: nginx
age: 61818
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 1359
accept-ranges: bytes
x-device: desktop

GET
H2 200 play.png
static.sunmedia.tv/SMSdk/ico/ 1 KB
2 KB 23ms
22ms Image
image/png 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/play.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: dd4473796fb0eda44798d1802b139e99b54cdf783a2df05f0be684481238c151

Request headers

Referer: https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:28 GMT
tp-cache: HIT
last-modified: Thu, 28 Nov 2019 16:42:50 GMT
server: nginx
age: 61818
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 1525
accept-ranges: bytes
x-device: desktop

GET
H2 200 v2 Show response
es-sunicontent.videoplaza.tv/proxy/distributor/ 82 KB
5 KB 83ms
30ms XHR
text/xml 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://es-sunicontent.videoplaza.tv/proxy/distributor/v2?s=MobusiIT/CarrerasPopDesktop&tt=p&rt=vast_2.0&rnd=630454121&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3D2NVXEZWY2WFF%26lgid%3D9122717070.5465877401043553&vht=891&vwt=1584&cp.schain=1.0,1!sunmedia.tv,ddad5817-cbb7-4340-bf6c-01d15c13aaee,1,,,
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: d256f9bed1d8c231a3089c24127859474d4081637fc3660003750e13761ceaa5

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:28 GMT
content-encoding: gzip
status: 200
vary: Origin, Accept-Encoding
content-type: text/xml;charset=utf-8
access-control-allow-origin: http://play.leadzutw.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 267639 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 204ms
204ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/267639?VPAID=JS&content_page_url=http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553&cb=-2096408493&player_width=1584&player_height=891&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1&schain=1.0,1!sunmedia.tv,ddad5817-cbb7-4340-bf6c-01d15c13aaee,1,,,
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 10:00:28 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.004784
X-SpotX-Timing-SpotMarket: 0.178419
X-SpotX-Timing-Page-Mux: 0.000204
X-SpotX-Timing-Page-Require: 0.000344
X-fe: 085
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000027
Content-Length: 76
X-SpotX-Timing-Page: 0.186679
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000248
Last-Modified: Fri, 29 Nov 2019 10:00:28 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.088030
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: http://play.leadzutw.com
X-SpotX-Timing-Page-Misc: 0.002640
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.090389
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 782 B
946 B 27ms
14ms XHR
text/xml 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=1523725633&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttp://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553%26vpos%3Dpreroll%26iu%3D%2F21631112852%2FRevenueMaker_Video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3Dauto%26type%3Djs%26unviewed_position_start%3D1

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0f1d1df8704b0606a918c920a13dbdd1d90783b83f11c328b8045b56eed0c9a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Nov 2019 10:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: http://play.leadzutw.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 503
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 416B 38 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp&correlator=1523725633

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 19:35:27 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
expires: Fri, 29 Nov 2019 10:15:28 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 416B 273 KB
93 KB 44ms
38ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp&correlator=1523725633

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 10:00:28 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 94888
X-XSS-Protection: 0
Expires: Fri, 29 Nov 2019 10:00:28 GMT

GET
H/1.1 200
OK bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame FCD3 0
0 6ms
5ms Document
text/html 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.353.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 196419
Date: Fri, 29 Nov 2019 08:51:53 GMT
Expires: Sat, 28 Nov 2020 08:51:53 GMT
Last-Modified: Wed, 20 Nov 2019 19:30:13 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 4116

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 416B 26 KB
11 KB 51ms
39ms Script
text/javascript 2a00:1450:4001:800::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Fri, 29 Nov 2019 10:00:29 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 416B 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=play.leadzutw.com

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 23ms
21ms XHR
text/xml 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 3ba21f251feadf825b24c44ebe5752d3c53e572cbeb9779c5fb06a1b8bf5270e

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:29 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: http://play.leadzutw.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js Show response
creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/ Frame 9074 197 KB
34 KB 22ms
21ms Script
application/javascript 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=${xclk}
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: bb125eb80c0ee6b8eef6e30864775092684e571bb223684d8ae6b2d1c44c1759

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:29 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 26 Nov 2019 16:39:55 GMT
server: nginx
age: 235230
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 34572

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame ACA4 3 KB
3 KB 21ms
20ms Image
image/png 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:30 GMT
tp-cache: HIT
last-modified: Thu, 28 Nov 2019 16:42:50 GMT
server: nginx
age: 61821
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 9074 42 B
279 B 22ms
21ms Image
image/gif 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911&tp=SMAdFactory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:30 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3883459
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 9074 42 B
279 B 21ms
21ms Image
image/gif 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911&tp=adl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:30 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3883459
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 indisplay_general_low.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame ACA4 895 B
737 B 21ms
20ms Script
application/javascript 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_low.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 00117fe5f15b6166d5979931289ff4c36ff22733e4a2457ed7701459510a5adb

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:30 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Fri, 05 Apr 2019 12:43:38 GMT
server: nginx
age: 1291459
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 424

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1999/ Frame ACA4 24 KB
10 KB 39ms
14ms Script
application/javascript 195.138.255.11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_low.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.138.255.11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: /
Resource Hash: 98fc00528a207dee025a6c14d3b5ddea456fe2a07a10cf88ff197e1cf1057141

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 10:00:30 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=208
Content-Length: 10143
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame ACA4 22 B
2 KB 98ms
92ms Script
application/javascript 185.86.137.43
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: http://www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039318&fmtid=70691&async=1&visit=m&tmstp=4688719384&tag=sas_70691&sh=1200&sw=1600&pgDomain=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php&noadcbk=sas.noad
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1999/smart.js
Protocol: HTTP/1.1
Server: 185.86.137.43 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Nov 2019 10:00:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-SMRT-D: 3%3b21%3b109
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H2 200 330901cb-6c24-4165-b37e-5b4f69939eb1 Show response
vast.sunmedia.tv/creatives/ 1 KB
705 B 23ms
22ms XHR
text/xml 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/330901cb-6c24-4165-b37e-5b4f69939eb1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 270171eb1c94d47a8f7489a38958d11b3473827bc9acc7866e17f39e6038f133

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:31 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: http://play.leadzutw.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 330901cb-6c24-4165-b37e-5b4f69939eb1.js Show response
creatives.sunmedia.tv/330901cb-6c24-4165-b37e-5b4f69939eb1/video/ Frame A804 196 KB
34 KB 22ms
21ms Script
application/javascript 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/330901cb-6c24-4165-b37e-5b4f69939eb1/video/330901cb-6c24-4165-b37e-5b4f69939eb1.js?xclk=${xclk}
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 4b3ca5b4a532ddc3c3ac36211c0aa738bdc70d32affacfe1dc8018ccdfe2f3fb

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:31 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 26 Nov 2019 16:42:10 GMT
server: nginx
age: 235093
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 34516

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame 170D 3 KB
3 KB 21ms
20ms Image
image/png 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/330901cb-6c24-4165-b37e-5b4f69939eb1/video/330901cb-6c24-4165-b37e-5b4f69939eb1.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:32 GMT
tp-cache: HIT
last-modified: Thu, 28 Nov 2019 16:42:50 GMT
server: nginx
age: 61823
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame A804 42 B
279 B 20ms
20ms Image
image/gif 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=330901cb-6c24-4165-b37e-5b4f69939eb1&tp=SMAdFactory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:32 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3883460
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame A804 42 B
279 B 21ms
20ms Image
image/gif 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=330901cb-6c24-4165-b37e-5b4f69939eb1&tp=adl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:32 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3883460
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 indisplay_general_direct.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame 170D 798 B
714 B 20ms
20ms Script
application/javascript 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_direct.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/330901cb-6c24-4165-b37e-5b4f69939eb1/video/330901cb-6c24-4165-b37e-5b4f69939eb1.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 9e37c26d26667a2aa46b31cff734cb9cd4bd1e6c9fbd0f6b064412ff7cd050b7

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:32 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Thu, 31 Oct 2019 09:15:38 GMT
server: nginx
age: 2503878
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 401

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1999/ Frame 170D 24 KB
10 KB 10ms
10ms Script
application/javascript 195.138.255.11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_direct.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.138.255.11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: /
Resource Hash: 98fc00528a207dee025a6c14d3b5ddea456fe2a07a10cf88ff197e1cf1057141

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 10:00:32 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=206
Content-Length: 10143
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame 170D 22 B
2 KB 134ms
133ms Script
application/javascript 185.86.137.43
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: http://www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1160690&fmtid=70691&async=1&visit=m&tmstp=8784608988&tag=sas_70691&sh=1200&sw=1600&pgDomain=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php&noadcbk=sas.noad
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1999/smart.js
Protocol: HTTP/1.1
Server: 185.86.137.43 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Nov 2019 10:00:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-SMRT-D: 3%3b13%3b52
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5 Show response
vast.sunmedia.tv/creatives/ 1 KB
702 B 21ms
21ms XHR
text/xml 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/855c843c-c46c-46a8-994a-d0500eeecff5
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 8e3194a6bf96d447a6e3d867e9d185b37bedc8b7e94eda83c1de94aac757ee08

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:32 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: http://play.leadzutw.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5.js Show response
creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/ Frame FA47 197 KB
34 KB 22ms
21ms Script
application/javascript 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=${xclk}
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: a569da07c37c944ab0d844c76666cc80de11e8a8cb8cdaea6144a6f199d126dc

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:32 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 26 Nov 2019 16:42:28 GMT
server: nginx
age: 235079
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 34574

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame C01A 3 KB
3 KB 21ms
21ms Image
image/png 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:33 GMT
tp-cache: HIT
last-modified: Thu, 28 Nov 2019 16:42:50 GMT
server: nginx
age: 61824
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame FA47 42 B
279 B 21ms
20ms Image
image/gif 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=SMAdFactory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:33 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3883461
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame FA47 42 B
279 B 21ms
21ms Image
image/gif 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=adl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:33 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3883461
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 indisplay_general_ava.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame C01A 895 B
736 B 21ms
20ms Script
application/javascript 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_ava.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: a4c0d24adb25697451a4dfa83295e3208beb7debd06d615a67614319ae4e9fac

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:33 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 18 Mar 2019 17:18:45 GMT
server: nginx
age: 1291461
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 423

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1999/ Frame C01A 24 KB
10 KB 11ms
10ms Script
application/javascript 195.138.255.11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_ava.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.138.255.11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: /
Resource Hash: 98fc00528a207dee025a6c14d3b5ddea456fe2a07a10cf88ff197e1cf1057141

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 10:00:33 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=205
Content-Length: 10143
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame C01A 22 B
2 KB 92ms
92ms Script
application/javascript 185.86.137.43
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: http://www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=6223748519&tag=sas_70691&sh=1200&sw=1600&pgDomain=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php&noadcbk=sas.noad
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1999/smart.js
Protocol: HTTP/1.1
Server: 185.86.137.43 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Nov 2019 10:00:32 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-SMRT-D: 3%3b21%3b132
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 21ms
21ms XHR
text/xml 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 3ba21f251feadf825b24c44ebe5752d3c53e572cbeb9779c5fb06a1b8bf5270e

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:33 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: http://play.leadzutw.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js Show response
creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/ Frame D500 197 KB
34 KB 21ms
21ms Script
application/javascript 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=${xclk}
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: bb125eb80c0ee6b8eef6e30864775092684e571bb223684d8ae6b2d1c44c1759

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:33 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 26 Nov 2019 16:39:55 GMT
server: nginx
age: 235233
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 34572

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame 010A 3 KB
3 KB 21ms
21ms Image
image/png 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:34 GMT
tp-cache: HIT
last-modified: Thu, 28 Nov 2019 16:42:50 GMT
server: nginx
age: 61825
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame D500 42 B
279 B 21ms
21ms Image
image/gif 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911&tp=SMAdFactory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:34 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3883463
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame D500 42 B
279 B 21ms
21ms Image
image/gif 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911&tp=adl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:34 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3883463
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 indisplay_general_low.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame 010A 895 B
737 B 21ms
20ms Script
application/javascript 51.68.180.203
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_low.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.180.203 , Germany, ASN16276 (OVH, FR),
Reverse DNS: ns3125521.ip-51-68-180.eu
Software: nginx /
Resource Hash: 00117fe5f15b6166d5979931289ff4c36ff22733e4a2457ed7701459510a5adb

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:34 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Fri, 05 Apr 2019 12:43:38 GMT
server: nginx
age: 1291463
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 424

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1999/ Frame 010A 24 KB
10 KB 11ms
10ms Script
application/javascript 195.138.255.11
NETZBETRIEB-GMBH

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_low.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.138.255.11 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software: /
Resource Hash: 98fc00528a207dee025a6c14d3b5ddea456fe2a07a10cf88ff197e1cf1057141

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 10:00:34 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=204
Content-Length: 10143
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame 010A 22 B
2 KB 86ms
86ms Script
application/javascript 185.86.137.43
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: http://www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039318&fmtid=70691&async=1&visit=m&tmstp=5225714522&tag=sas_70691&sh=1200&sw=1600&pgDomain=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php&noadcbk=sas.noad
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1999/smart.js
Protocol: HTTP/1.1
Server: 185.86.137.43 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 29 Nov 2019 10:00:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-SMRT-D: 3%3b21%3b79
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 916 B
666 B 14ms
14ms XHR
text/xml 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=232435217&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D1%26vpa%3Dauto%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d025992081ffa3ce2684cb671e61bbabbe77fdc8e0dff74fb4c699e87fdfef8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Nov 2019 10:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: http://play.leadzutw.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 594
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 532E 38 KB
14 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D1%26vpa%3Dauto%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp&correlator=232435217

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 19:35:27 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
expires: Fri, 29 Nov 2019 10:15:34 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 532E 273 KB
93 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D1%26vpa%3Dauto%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp&correlator=232435217

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 10:00:34 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 94888
X-XSS-Protection: 0
Expires: Fri, 29 Nov 2019 10:00:34 GMT

GET
H/1.1 200
OK bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame F009 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.353.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 196419
Date: Fri, 29 Nov 2019 08:51:53 GMT
Expires: Sat, 28 Nov 2020 08:51:53 GMT
Last-Modified: Wed, 20 Nov 2019 19:30:13 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 4122

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 532E 26 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:800::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Fri, 29 Nov 2019 10:00:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 532E 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=play.leadzutw.com

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 918 B
667 B 14ms
14ms XHR
text/xml 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=1549103596&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D1%26vpa%3Dclick%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

fb5b4b0dbf4145e3be7d8ce2d29f7ca299ba775fd299182aea0b74f847cbf71e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Nov 2019 10:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: http://play.leadzutw.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 595
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D090 38 KB
14 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D1%26vpa%3Dclick%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp&correlator=1549103596

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 19:35:27 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
expires: Fri, 29 Nov 2019 10:15:36 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D090 273 KB
93 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D1%26vpa%3Dclick%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp&correlator=1549103596

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 10:00:36 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 94888
X-XSS-Protection: 0
Expires: Fri, 29 Nov 2019 10:00:36 GMT

GET
H/1.1 200
OK bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame E342 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.353.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 196419
Date: Fri, 29 Nov 2019 08:51:53 GMT
Expires: Sat, 28 Nov 2020 08:51:53 GMT
Last-Modified: Wed, 20 Nov 2019 19:30:13 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 4124

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D090 26 KB
10 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Fri, 29 Nov 2019 10:00:37 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D090 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=play.leadzutw.com

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 997 B
700 B 14ms
14ms XHR
text/xml 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=441039708&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3Dauto%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

9f5fd0122a8c822b4dc3364b4134386d1b899b6cd5c54bfef3a4110462a7f7bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Nov 2019 10:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: http://play.leadzutw.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 628
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 2169 38 KB
14 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3Dauto%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp&correlator=441039708

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 19:35:27 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
expires: Fri, 29 Nov 2019 10:15:37 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 2169 273 KB
93 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3Dauto%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp&correlator=441039708

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 10:00:37 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 94888
X-XSS-Protection: 0
Expires: Fri, 29 Nov 2019 10:00:37 GMT

GET
H/1.1 200
OK bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame 2585 0
0 6ms
5ms Document
text/html 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.353.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 196419
Date: Fri, 29 Nov 2019 08:51:53 GMT
Expires: Sat, 28 Nov 2020 08:51:53 GMT
Last-Modified: Wed, 20 Nov 2019 19:30:13 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 4125

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 2169 26 KB
10 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Fri, 29 Nov 2019 10:00:38 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2169 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=play.leadzutw.com

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 896 B
649 B 15ms
14ms XHR
text/xml 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=-1799014259&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

828b1321873e68400cdfdf322ff8e490f78a4533846a753cc001a9f7d44de9c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Nov 2019 10:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: http://play.leadzutw.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 577
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8BFA 38 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 19:35:27 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
expires: Fri, 29 Nov 2019 10:15:38 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8BFA 273 KB
93 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3Dclick%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 10:00:38 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 94888
X-XSS-Protection: 0
Expires: Fri, 29 Nov 2019 10:00:38 GMT

GET
H/1.1 200
OK bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame 862B 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.353.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 196419
Date: Fri, 29 Nov 2019 08:51:53 GMT
Expires: Sat, 28 Nov 2020 08:51:53 GMT
Last-Modified: Wed, 20 Nov 2019 19:30:13 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 4126

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8BFA 26 KB
10 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:800::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Fri, 29 Nov 2019 10:00:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8BFA 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=play.leadzutw.com

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 / Show response
s.richaudience.com/vid/1rc6krD187/870791066/ 160 B
347 B 170ms
117ms XHR
text/xml 46.4.252.240
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.richaudience.com/vid/1rc6krD187/870791066/?hasConsent=1&consentString=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 46.4.252.240 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: eu.srv504.richaudience.com
Software: nginx/1.10.3 /
Resource Hash: 21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:40 GMT
content-encoding: gzip
server: nginx/1.10.3
status: 200
vary: Accept-Encoding
content-type: text/xml;charset=UTF-8
access-control-allow-origin: http://play.leadzutw.com
access-control-max-age: 86400
access-control-allow-credentials: true

GET
H2 200 v2
es-sunicontent.videoplaza.tv/proxy/tracker/ 0
226 B 31ms
29ms Image
text/plain 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es-sunicontent.videoplaza.tv/proxy/tracker/v2?aid=0&cf=short_form&dcid=03f060e8-4a4b-4c8d-b6fe-49bb464e4e0d&e=0&gdpr=1&gdpr_consent=1&loc=CJQCEO5RGLANIKPsEC1UdEhCNWXwCkE6EWZyYW5rZnVydCBhbSBtYWluQgMjIyM&pf=fl_11&pid=1225029e-128f-11ea-935a-0a58ac1627ed&s=MobusiIT/CarrerasPopDesktop&tid=1225029d-128f-11ea-935a-0a58ac1627ed&tt=p&ua=%5Bua%5D&uc=%5Buc%5D
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Fri, 29 Nov 2019 10:00:40 GMT
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v2 Show response
es-sunelespanol.videoplaza.tv/proxy/distributor/ 58 KB
4 KB 89ms
29ms XHR
text/xml 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://es-sunelespanol.videoplaza.tv/proxy/distributor/v2?s=RONIT/Desktop&tt=p&rt=vast_2.0&rnd=280262973&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3D2NVXEZWY2WFF%26lgid%3D9122717070.5465877401043553&vht=891&vwt=1584
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: 6a01afbebe884c079831664e53647f6415c52505f1938dfa89681d930d6cb4e8

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:40 GMT
content-encoding: gzip
status: 200
vary: Origin, Accept-Encoding
content-type: text/xml;charset=utf-8
access-control-allow-origin: http://play.leadzutw.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 267639 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 165ms
165ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/267639?VPAID=JS&content_page_url=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3D2NVXEZWY2WFF%26lgid%3D9122717070.5465877401043553&cb=-321199973&player_width=1584&player_height=891&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 10:00:40 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000264
X-SpotX-Timing-SpotMarket: 0.144219
X-SpotX-Timing-Page-Mux: 0.000275
X-SpotX-Timing-Page-Require: 0.000513
X-fe: 132
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000022
Content-Length: 76
X-SpotX-Timing-Page: 0.148604
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000362
Last-Modified: Fri, 29 Nov 2019 10:00:40 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.047679
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: http://play.leadzutw.com
X-SpotX-Timing-Page-Misc: 0.002936
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.096540
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 669 B
512 B 14ms
14ms XHR
text/xml 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=-134905249&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D640x480%26description_url%3Dhttp://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553%26vpos%3Dpreroll%26iu%3D%2F21631112852%2FRevenueMaker_Video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D1%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a2872e2c5802559aaf6fe1bf3a98342fc481406641a25e1403af61ad0ace8db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Nov 2019 10:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: http://play.leadzutw.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 440
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4ECC 38 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D640x480%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 19:35:27 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
expires: Fri, 29 Nov 2019 10:15:40 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4ECC 273 KB
93 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D640x480%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 10:00:40 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 94888
X-XSS-Protection: 0
Expires: Fri, 29 Nov 2019 10:00:40 GMT

GET
H/1.1 200
OK bridge3.353.0_en.html
imasdk.googleapis.com/js/core/ Frame 193F 0
0 6ms
6ms Document
text/html 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.353.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 196419
Date: Fri, 29 Nov 2019 08:51:53 GMT
Expires: Sat, 28 Nov 2020 08:51:53 GMT
Last-Modified: Wed, 20 Nov 2019 19:30:13 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 4128

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 4ECC 26 KB
10 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:800::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Fri, 29 Nov 2019 10:00:41 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4ECC 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=play.leadzutw.com

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 669 B
508 B 14ms
14ms XHR
text/xml 2a00:1450:4001:820::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=-1459551979&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D640x480%26description_url%3Dhttp://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553%26vpos%3Dpreroll%26iu%3D%2F21631112852%2FRevenueMaker_Video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

a2872e2c5802559aaf6fe1bf3a98342fc481406641a25e1403af61ad0ace8db1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
Origin: http://play.leadzutw.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 29 Nov 2019 10:00:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: http://play.leadzutw.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 440
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A84D 38 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa/94fc3ae3-182d-4cd3-9594-155b5eaf8ffa.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 29 Nov 2019 10:00:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 20 Nov 2019 19:35:27 GMT
server: sffe
age: 1
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14224
x-xss-protection: 0
expires: Fri, 29 Nov 2019 10:15:40 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A84D 273 KB
93 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:820::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D640x480%26description_url%3Dhttp://play.leadzutw.com/red/zone.php%3Fcode%3D2NVXEZWY2WFF%26channel%3Dvastadp

Protocol

HTTP/1.1

Server

2a00:1450:4001:820::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://play.leadzutw.com/red/zone.php?code=2NVXEZWY2WFF&lgid=9122717070.5465877401043553
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Fri, 29 Nov 2019 10:00:41 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 94888
X-XSS-Protection: 0
Expires: Fri, 29 Nov 2019 10:00:41 GMT

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.leadzutw.com/	1970-01-19 14:15:57	Name: lz_frecy Value: %7B%222NVXEZWY2WFF%22%3A%7B%22times%22%3A1%2C%22time%22%3A1575068400%7D%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ced.sascdn.com
creatives.sunmedia.tv
es-sunelespanol.videoplaza.tv
es-sunicontent.videoplaza.tv
fonts.googleapis.com
imasdk.googleapis.com
platform.sunmedia.tv
play.leadzutw.com
s.richaudience.com
s0.2mdn.net
search.spotxchange.com
services.sunmedia.tv
static.sunmedia.tv
tpc.googlesyndication.com
track.sunmedia.tv
vast.sunmedia.tv
www8.smartadserver.com
185.28.138.9
185.86.137.43
185.94.180.124
195.138.255.11
212.92.39.33
2a00:1450:4001:800::2002
2a00:1450:4001:800::2006
2a00:1450:4001:820::2001
2a00:1450:4001:820::200a
46.4.252.240
51.68.180.203
51.68.35.185
00117fe5f15b6166d5979931289ff4c36ff22733e4a2457ed7701459510a5adb
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0e3f100f141f1f81a6156791d5ca3db32c9ea353e15bf5bc0a38272e247bb8ff
0f1d1df8704b0606a918c920a13dbdd1d90783b83f11c328b8045b56eed0c9a1
194b85c10c911ac7a204d734b732c3b7af39682d9690273d56d0fc808be650a8
21aa80733a2e64012e3f4f18beb996d922b2cbe4eb24fe383c556ee13baf1fd2
270171eb1c94d47a8f7489a38958d11b3473827bc9acc7866e17f39e6038f133
2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2
3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3
3ba21f251feadf825b24c44ebe5752d3c53e572cbeb9779c5fb06a1b8bf5270e
47fd77ed50c61b270cf73b6b71c5ae29d7b46023ea1e3d2f646858d839c927bb
4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60
4b3ca5b4a532ddc3c3ac36211c0aa738bdc70d32affacfe1dc8018ccdfe2f3fb
4cf86b8273ac1a15c23684145f8035a0e3c9d67942f62cb44bb8b95bd7465877
529c00446502c1e3f4c46ed903dcd0a20d3f10a1ca22c7b790d448e6d8cb6902
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5fa6833aaa4245a425c0bf047e200f7be29f46246239529a6e4ac8085736671d
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
6a01afbebe884c079831664e53647f6415c52505f1938dfa89681d930d6cb4e8
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a000f38eb0e9764341b690ff8c931c309a4392e7b35c157652864658ab406eb
828b1321873e68400cdfdf322ff8e490f78a4533846a753cc001a9f7d44de9c3
8e3194a6bf96d447a6e3d867e9d185b37bedc8b7e94eda83c1de94aac757ee08
98fc00528a207dee025a6c14d3b5ddea456fe2a07a10cf88ff197e1cf1057141
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9e37c26d26667a2aa46b31cff734cb9cd4bd1e6c9fbd0f6b064412ff7cd050b7
9f5fd0122a8c822b4dc3364b4134386d1b899b6cd5c54bfef3a4110462a7f7bc
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a2872e2c5802559aaf6fe1bf3a98342fc481406641a25e1403af61ad0ace8db1
a4c0d24adb25697451a4dfa83295e3208beb7debd06d615a67614319ae4e9fac
a4c84868d01693b6465ba01a3c688ad2b7e7bfb0ca87878d7e2b1b4832f61e2e
a569da07c37c944ab0d844c76666cc80de11e8a8cb8cdaea6144a6f199d126dc
a900cf30af5c043697090d375d6babafc4d0a0b85a99e5e4317b1c358946a729
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
bb125eb80c0ee6b8eef6e30864775092684e571bb223684d8ae6b2d1c44c1759
bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412
d025992081ffa3ce2684cb671e61bbabbe77fdc8e0dff74fb4c699e87fdfef8c
d256f9bed1d8c231a3089c24127859474d4081637fc3660003750e13761ceaa5
dd4473796fb0eda44798d1802b139e99b54cdf783a2df05f0be684481238c151
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea008d427b7b50f3ad66c49b3c2cff6153d364bb8ca02ea3a3863ace13825c2d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fb5b4b0dbf4145e3be7d8ce2d29f7ca299ba775fd299182aea0b74f847cbf71e

play.leadzutw.com Open in urlscan Pro 212.92.39.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

95 Requests

81 %HTTPS

33 %IPv6

11 Domains

18 Subdomains

13 IPs

5 Countries

1102 kBTransfer

3591 kBSize

1 Cookies

0 Outgoing links

Redirected requests

95 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

play.leadzutw.com Open in urlscan Pro
212.92.39.33 Public Scan

Screenshot
Live screenshot

Full Image

95
Requests

81 %
HTTPS

33 %
IPv6

11
Domains

18
Subdomains

13
IPs

5
Countries

1102 kB
Transfer

3591 kB
Size

1
Cookies

95 HTTP transactions
2 data transactions