play.leadzutw.com Open in urlscan Pro
212.92.39.33 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865
Submission: On October 07 via api (October 7th 2019, 12:45:54 pm UTC) from CA

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 9 IPs in 5 countries across 5 domains to perform 15 HTTP transactions. The main IP is 212.92.39.33, located in Barcelona, Spain and belongs to NEXICA-AS, ES. The main domain is play.leadzutw.com.

This is the only time play.leadzutw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	212.92.39.33 212.92.39.33	24592 (NEXICA-AS) (NEXICA-AS)
1 4	185.103.39.29 185.103.39.29	29119 (SERVIHOST...) (SERVIHOSTING-AS AireNetworks - StackScale)
3	51.68.35.185 51.68.35.185	16276 (OVH) (OVH)
1	51.68.180.203 51.68.180.203	16276 (OVH) (OVH)
2	159.69.59.228 159.69.59.228	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:215... 2600:9000:2156:2000:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 3	2.16.186.51 2.16.186.51	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 2	2.19.43.224 2.19.43.224	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.195.227.0 18.195.227.0	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
15	9

1 212.92.39.33 (Barcelona, Spain)

ASN24592 (NEXICA-AS, ES)

play.leadzutw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.103.39.29 (Madrid, Spain) 1 redirects

ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES)

platform.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 51.68.35.185 (France)

ASN16276 (OVH, FR)
PTR: ns3128584.ip-51-68-35.eu

static.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.68.180.203 (Germany)

ASN16276 (OVH, FR)
PTR: ns3125521.ip-51-68-180.eu

services.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.69.59.228 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cm016.richaudience.com

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:2000:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.186.51 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-51.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.19.43.224 (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-19-43-224.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.195.227.0 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-195-227-0.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	sunmedia.tv 1 redirects platform.sunmedia.tv static.sunmedia.tv services.sunmedia.tv track.sunmedia.tv	54 KB
5	scorecardresearch.com 2 redirects b.scorecardresearch.com sb.scorecardresearch.com	3 KB
2	agkn.com js.agkn.com d.agkn.com	3 KB
2	richaudience.com sync.richaudience.com	615 B
1	leadzutw.com play.leadzutw.com	499 B
15	5

	Domain	Requested by
5	static.sunmedia.tv	play.leadzutw.com static.sunmedia.tv
3	b.scorecardresearch.com	1 redirects play.leadzutw.com
2	sb.scorecardresearch.com	1 redirects
2	sync.richaudience.com	play.leadzutw.com sync.richaudience.com
1	d.agkn.com	js.agkn.com
1	track.sunmedia.tv
1	js.agkn.com	play.leadzutw.com
1	services.sunmedia.tv	static.sunmedia.tv
1	platform.sunmedia.tv	1 redirects
1	play.leadzutw.com
15	10

This site contains no links.

Subject Issuer	Validity	Valid
*.sunmedia.tv COMODO RSA Domain Validation Secure Server CA	`2018-01-19` - `2021-01-18`	3 years	crt.sh
*.richaudience.com RapidSSL RSA CA 2018	`2019-03-07` - `2021-04-05`	2 years	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2018-06-21` - `2020-09-16`	2 years	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh

This page contains 3 frames:

Primary Page: http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865
Frame ID: B6AC67249EEB487D71454F61EFF07D8F
Requests: 13 HTTP requests in this frame

Frame: http://d.agkn.com/iframe/8613/?che=225161675&gdpr=&gdpr_consent=&url=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3DQQAF0RIA4PN8%26a%3D%26pubid%3D%26lgid%3D6372977520.3074153816471865&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3DQQAF0RIA4PN8%26a%3D%26pubid%3D%26lgid%3D6372977520.3074153816471865%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Automotive%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: 7539003CE146E49DBC1C7D2376BD87F3
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6230635&pubconsent=1&euconsent=1&hasConsent=1
Frame ID: 4DEB3B175D7BD701B6CB045C98B24F2A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

15
Requests

73 %
HTTPS

11 %
IPv6

5
Domains

10
Subdomains

9
IPs

5
Countries

60 kB
Transfer

193 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://platform.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78.js HTTP 301
https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js

Request Chain 9

https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=151937164&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3229368 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=151937164&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3229368

Request Chain 12

http://b.scorecardresearch.com/b?c1=8&c2=21892462&c3=1001000630&ns__t=1570452339305&ns_c=UTF-8&cv=3.1e&c8=&c7=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3DQQAF0RIA4PN8%26a%3D%26pubid%3D%26lgid%3D6372977520.3074153816471865&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1570452339305&ns_c=UTF-8&cv=3.1e&c8=&c7=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3DQQAF0RIA4PN8%26a%3D%26pubid%3D%26lgid%3D6372977520.3074153816471865&c9=

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set zone.php Show response play.leadzutw.com/red/	163 B 499 B	101ms 84ms	Document text/html	212.92.39.33 NEXICA-AS
General Check archive.org Show headers Download Go to Full URL http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 Protocol HTTP/1.1 Server 212.92.39.33 Barcelona, Spain, ASN24592 (NEXICA-AS, ES), Reverse DNS Software Apache / Resource Hash `c921149343a1db9c884fb102df32ee09612607755431d22aa1da164f93a2dbb2` Request headers Host play.leadzutw.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 07 Oct 2019 12:40:18 GMT Content-Type text/html; charset=UTF-8 Content-Length 163 Connection close Server Apache Set-Cookie lz_frecy=%7B%22QQAF0RIA4PN8%22%3A%7B%22times%22%3A1%2C%22time%22%3A1570485600%7D%7D; expires=Tue, 06-Oct-2020 12:45:39 GMT; Max-Age=31536000; path=/; domain=.leadzutw.com
GET H2	200	0bd65cfe-9647-43af-ab7d-2911a606dd78.js Show response static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/ Redirect Chain https://platform.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78.js https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js	169 KB 45 KB	46ms 45ms	Script application/javascript	185.103.39.29 StackScale
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js Requested by Host: play.leadzutw.com URL: http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Resource Hash `389caeaef04da85b77d6fa7eab27c4bab70549af62aed73f3d2b098058ba5f7a` Request headers Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 07 Oct 2019 12:45:38 GMT content-encoding gzip tp-cache HIT age 1218188 status 200 x-device desktop content-length 45970 last-modified Mon, 23 Sep 2019 10:20:42 GMT server nginx vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/javascript cache-control max-age=0, s-maxage=2592001 access-control-allow-credentials true tp-l2-cache HIT accept-ranges bytes Redirect headers date Mon, 07 Oct 2019 12:45:38 GMT content-encoding gzip tp-cache HIT age 413081 status 301 x-device desktop content-length 244 server nginx vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type text/html; charset=UTF-8 location https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js cache-control max-age=0, s-maxage=2592000 access-control-allow-credentials true tp-l2-cache MISS accept-ranges bytes
GET H2	200	eu_country.php Show response static.sunmedia.tv/SMVpaidCreatives/geotarget/	19 B 369 B	74ms 24ms	XHR application/json	51.68.35.185 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/SMVpaidCreatives/geotarget/eu_country.php Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.68.35.185 , France, ASN16276 (OVH, FR), Reverse DNS ns3128584.ip-51-68-35.eu Software nginx / Resource Hash `2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2` Request headers Sec-Fetch-Mode cors Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 07 Oct 2019 12:45:39 GMT content-encoding gzip tp-cache HIT age 1479395 status 200 x-device desktop content-length 39 server nginx vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json access-control-allow-origin http://play.leadzutw.com cache-control max-age=0, s-maxage=2592000 access-control-allow-credentials true tp-l2-cache MISS accept-ranges bytes
GET H2	200	country.php Show response services.sunmedia.tv/geotarget/	16 B 262 B	82ms 27ms	XHR application/json	51.68.180.203 OVH
General Check archive.org Show headers Download Go to Full URL https://services.sunmedia.tv/geotarget/country.php Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.68.180.203 , Germany, ASN16276 (OVH, FR), Reverse DNS ns3125521.ip-51-68-180.eu Software nginx / Resource Hash `61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af` Request headers Sec-Fetch-Mode cors Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 07 Oct 2019 12:45:39 GMT tp-cache HIT server nginx age 1541828 vary Accept-Encoding content-type application/json status 200 cache-control max-age=0, s-maxage=2592000 access-control-allow-credentials true x-device desktop accept-ranges bytes access-control-allow-origin http://play.leadzutw.com content-length 16
GET H2	200	intext-1-0.json Show response static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/	2 KB 1017 B	74ms 24ms	XHR application/json	51.68.35.185 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/intext-1-0.json Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.68.35.185 , France, ASN16276 (OVH, FR), Reverse DNS ns3128584.ip-51-68-35.eu Software nginx / Resource Hash `8d216e7a57e631fe549b5204199879217d1451f5f1213d75b226ca0980952637` Request headers Sec-Fetch-Mode cors Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 07 Oct 2019 12:45:39 GMT content-encoding gzip tp-cache HIT age 863521 status 200 x-device desktop content-length 699 last-modified Fri, 27 Sep 2019 01:03:44 GMT server nginx vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json access-control-allow-origin * cache-control max-age=0, s-maxage=2592000 tp-l2-cache MISS accept-ranges bytes
GET H2	200	outstream.json Show response static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/	3 KB 1 KB	74ms 25ms	XHR application/json	51.68.35.185 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/outstream.json Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.68.35.185 , France, ASN16276 (OVH, FR), Reverse DNS ns3128584.ip-51-68-35.eu Software nginx / Resource Hash `c7ef7c6a54790c868c5d7e400a17a922f3d646fe8a47d98db133070da6a5fe34` Request headers Sec-Fetch-Mode cors Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 07 Oct 2019 12:45:39 GMT content-encoding gzip tp-cache HIT age 509893 status 200 x-device desktop content-length 1171 last-modified Tue, 01 Oct 2019 15:07:17 GMT server nginx vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json access-control-allow-origin * cache-control max-age=0, s-maxage=2592000 tp-l2-cache MISS accept-ranges bytes
GET H2	200	adblockDetector.js Show response static.sunmedia.tv/SMSdk/assets/AdBlockDetection/	13 KB 5 KB	44ms 44ms	Script application/javascript	185.103.39.29 StackScale
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/SMSdk/assets/AdBlockDetection/adblockDetector.js Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Resource Hash `4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60` Request headers Sec-Fetch-Mode no-cors Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 07 Oct 2019 12:45:39 GMT content-encoding gzip tp-cache HIT last-modified Tue, 24 Sep 2019 12:10:05 GMT server nginx age 1125262 vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=0, s-maxage=2592000 content-length 4831 tp-l2-cache HIT accept-ranges bytes x-device desktop
GET H/1.1	200 OK	/ Show response sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/	867 B 615 B	106ms 33ms	Script text/html	159.69.59.228 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/ Requested by Host: play.leadzutw.com URL: http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 159.69.59.228 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cm016.richaudience.com Software nginx/1.10.3 / Resource Hash `b93a56776fd7b22e2e828f7adf8b88e3ba677c0c9ddce99fc3a0ffa3dbd094e6` Request headers Sec-Fetch-Mode no-cors Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 07 Oct 2019 12:45:39 GMT Content-Encoding gzip Server nginx/1.10.3 Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H2	200	tag.js Show response js.agkn.com/prod/v0/	3 KB 3 KB	29ms 7ms	Script application/javascript	2600:9000:2156:2000:15:efbc:e300:93a1 Amazon.com
General Check archive.org Show headers Download Go to Full URL https://js.agkn.com/prod/v0/tag.js Requested by Host: play.leadzutw.com URL: http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:2156:2000:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS Software AmazonS3 / Resource Hash `bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8` Request headers Sec-Fetch-Mode no-cors Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Sun, 06 Oct 2019 19:25:11 GMT via 1.1 436c247027acc191b22ece964efbaeca.cloudfront.net (CloudFront) last-modified Thu, 11 Jul 2019 15:46:11 GMT server AmazonS3 age 80277 etag "a5442c681a576408c25edbf365995343" x-cache Hit from cloudfront content-type application/javascript status 200 x-amz-cf-pop FRA50-C1 accept-ranges bytes content-length 3167 x-amz-cf-id YLMhGLcLsvRINbG2_Ac8_OpkTGV5MfKuVbqOzNGLjjlrRrjWEWGEoA==
GET H/1.1	200 OK	beacon.js Show response b.scorecardresearch.com/	1 KB 1 KB	51ms 33ms	Script application/x-javascript	2.16.186.51 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Full URL http://b.scorecardresearch.com/beacon.js Requested by Host: play.leadzutw.com URL: http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 Protocol HTTP/1.1 Server 2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-51.deploy.static.akamaitechnologies.com Software / Resource Hash `76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313` Request headers Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Mon, 07 Oct 2019 12:45:39 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=86400 Connection keep-alive Content-Length 902 Expires Tue, 08 Oct 2019 12:45:39 GMT
GET H/1.1	200 OK	p2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=151937164&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct... https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=151937164&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_c...	43 B 309 B	29ms 29ms	Image image/gif	2.19.43.224 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=151937164&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=null&c4=null&c6=null&ns_ts=3229368 Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 2.19.43.224 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-19-43-224.deploy.static.akamaitechnologies.com Software / Resource Hash `24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db` Request headers Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Mon, 07 Oct 2019 12:45:39 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=151937164&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=null&c4=null&c6=null&ns_ts=3229368 Pragma* no-cache Date Mon, 07 Oct 2019 12:45:39 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ track.sunmedia.tv/	42 B 278 B	55ms 54ms	Image image/gif	185.103.39.29 StackScale
General Check archive.org Show headers Download Go to Show image Full URL https://track.sunmedia.tv/?ap=smptf&it=0bd65cfe-9647-43af-ab7d-2911a606dd78&tp=op&pb=1&pos=0&loop=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES), Reverse DNS Software nginx / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Sec-Fetch-Mode no-cors Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Mon, 07 Oct 2019 12:45:39 GMT tp-cache HIT last-modified Thu, 15 Nov 2018 09:59:07 GMT server nginx age 3005701 vary Accept-Encoding content-type image/gif status 200 cache-control max-age=0, s-maxage=31536000 access-control-allow-credentials true x-device desktop accept-ranges bytes content-length 42
GET H/1.1	200 OK	Cookie set / d.agkn.com/iframe/8613/ Frame 7539	0 0	63ms 45ms	Document text/html	18.195.227.0 Amazon.com
General Check archive.org Show headers Download Go to Full URL http://d.agkn.com/iframe/8613/?che=225161675&gdpr=&gdpr_consent=&url=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3DQQAF0RIA4PN8%26a%3D%26pubid%3D%26lgid%3D6372977520.3074153816471865&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3DQQAF0RIA4PN8%26a%3D%26pubid%3D%26lgid%3D6372977520.3074153816471865%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Automotive%22%2C%22brd%22%3A%22-1%22%7D Requested by Host: js.agkn.com URL: https://js.agkn.com/prod/v0/tag.js Protocol HTTP/1.1 Server 18.195.227.0 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US), Reverse DNS ec2-18-195-227-0.eu-central-1.compute.amazonaws.com Software Apache-Coyote/1.1 / Resource Hash Request headers Host d.agkn.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 Accept-Encoding gzip, deflate Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 Response headers Cache-Control no-cache, must-revalidate Content-Type text/html;charset=UTF-8 Date Mon, 07 Oct 2019 12:45:38 GMT Expires Sat, 01 Jan 2000 00:00:00 GMT P3P CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" Pragma no-cache Server Apache-Coyote/1.1 Set-Cookie ab=0001%3AH9zDZylGaiSZKu8eKMWMr9JotZbAEMPa;Max-Age=31536000;domain=agkn.com;path=/ u=C\|0AEAlLe_zJS3v8wAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/ Content-Length 479 Connection keep-alive
GET H/1.1	204 No Content	b2 b.scorecardresearch.com/ Redirect Chain http://b.scorecardresearch.com/b?c1=8&c2=21892462&c3=1001000630&ns__t=1570452339305&ns_c=UTF-8&cv=3.1e&c8=&c7=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3DQQAF0RIA4PN8%26a%3D%26pubid%3D... http://b.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1570452339305&ns_c=UTF-8&cv=3.1e&c8=&c7=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3DQQAF0RIA4PN8%26a%3D%26pubid%3...	0 248 B	26ms 26ms	Image text/plain	2.16.186.51 AKAMAI-ASN1
General Check archive.org Show headers Download Go to Show image Full URL http://b.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1570452339305&ns_c=UTF-8&cv=3.1e&c8=&c7=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3DQQAF0RIA4PN8%26a%3D%26pubid%3D%26lgid%3D6372977520.3074153816471865&c9= Protocol HTTP/1.1 Server 2.16.186.51 , Ascension Island, ASN20940 (AKAMAI-ASN1, US), Reverse DNS a2-16-186-51.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Mon, 07 Oct 2019 12:45:39 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location http://b.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1570452339305&ns_c=UTF-8&cv=3.1e&c8=&c7=http%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3DQQAF0RIA4PN8%26a%3D%26pubid%3D%26lgid%3D6372977520.3074153816471865&c9= Pragma no-cache Date Mon, 07 Oct 2019 12:45:39 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 4DEB	0 0	218ms 139ms	Document text/html	159.69.59.228 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=6230635&pubconsent=1&euconsent=1&hasConsent=1 Requested by Host: sync.richaudience.com URL: https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/ Protocol HTTP/1.1 Security TLS 1.3, , AES_256_GCM Server 159.69.59.228 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cm016.richaudience.com Software nginx/1.10.3 / Resource Hash Request headers Host sync.richaudience.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3 Sec-Fetch-Site cross-site Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 Accept-Encoding gzip, deflate, br Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Sec-Fetch-Mode nested-navigate Referer http://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a=&pubid=&lgid=6372977520.3074153816471865 Response headers Server nginx/1.10.3 Date Mon, 07 Oct 2019 12:45:39 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Encoding gzip

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.leadzutw.com/	1970-01-19 12:59:48	Name: lz_frecy Value: %7B%22QQAF0RIA4PN8%22%3A%7B%22times%22%3A1%2C%22time%22%3A1570485600%7D%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b.scorecardresearch.com
d.agkn.com
js.agkn.com
platform.sunmedia.tv
play.leadzutw.com
sb.scorecardresearch.com
services.sunmedia.tv
static.sunmedia.tv
sync.richaudience.com
track.sunmedia.tv
159.69.59.228
18.195.227.0
185.103.39.29
2.16.186.51
2.19.43.224
212.92.39.33
2600:9000:2156:2000:15:efbc:e300:93a1
51.68.180.203
51.68.35.185
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2
389caeaef04da85b77d6fa7eab27c4bab70549af62aed73f3d2b098058ba5f7a
4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60
61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313
8d216e7a57e631fe549b5204199879217d1451f5f1213d75b226ca0980952637
b93a56776fd7b22e2e828f7adf8b88e3ba677c0c9ddce99fc3a0ffa3dbd094e6
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8
c7ef7c6a54790c868c5d7e400a17a922f3d646fe8a47d98db133070da6a5fe34
c921149343a1db9c884fb102df32ee09612607755431d22aa1da164f93a2dbb2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

play.leadzutw.com Open in urlscan Pro 212.92.39.33 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

73 %HTTPS

11 %IPv6

5 Domains

10 Subdomains

9 IPs

5 Countries

60 kBTransfer

193 kBSize

1 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

1 Cookies

Indicators

play.leadzutw.com Open in urlscan Pro
212.92.39.33 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

73 %
HTTPS

11 %
IPv6

5
Domains

10
Subdomains

9
IPs

5
Countries

60 kB
Transfer

193 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions