URL: http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Submission: On December 03 via api from CA

Summary

This website contacted 13 IPs in 6 countries across 12 domains to perform 44 HTTP transactions. The main IP is 212.92.39.35, located in Barcelona, Spain and belongs to NEXICA-AS, ES. The main domain is play.leadzutw.com.
This is the only time play.leadzutw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 212.92.39.35 24592 (NEXICA-AS)
1 7 51.68.35.185 16276 (OVH)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
3 51.91.154.17 16276 (OVH)
16 34.243.240.54 16509 (AMAZON-02)
1 34.255.174.41 16509 (AMAZON-02)
1 37.252.173.22 29990 (ASN-APPNEXUS)
1 185.86.137.17 201081 (SMARTADSE...)
1 2.18.234.233 16625 (AKAMAI-AS)
1 3 18.195.171.24 16509 (AMAZON-02)
3 178.250.0.130 44788 (ASN-CRITE...)
1 178.250.2.152 44788 (ASN-CRITE...)
44 13
Domain Requested by
16 antenna.ayads.co play.leadzutw.com
6 static.sunmedia.tv play.leadzutw.com
static.sunmedia.tv
3 static.criteo.net sac.ayads.co
3 ad.360yield.com 1 redirects play.leadzutw.com
2 track.sunmedia.tv
1 bidder.criteo.com static.criteo.net
1 ads.stickyadstv.com sac.ayads.co
1 www8.smartadserver.com sac.ayads.co
1 ib.adnxs.com sac.ayads.co
1 optchk.ayads.co sac.ayads.co
1 geoworker.ayads.co sac.ayads.co
1 services.sunmedia.tv static.sunmedia.tv
1 sac.ayads.co play.leadzutw.com
1 platform.sunmedia.tv 1 redirects
1 play.leadzutw.com
0 id5-sync.com Failed play.leadzutw.com
0 track.adform.net Failed play.leadzutw.com
0 cm.g.doubleclick.net Failed play.leadzutw.com
0 creative.360yield.com Failed play.leadzutw.com
44 19

This site contains no links.

Subject Issuer Validity Valid
*.sunmedia.tv
COMODO RSA Domain Validation Secure Server CA
2018-01-19 -
2021-01-18
3 years crt.sh
*.ayads.co
DigiCert SHA2 Secure Server CA
2018-06-15 -
2020-06-30
2 years crt.sh
*.criteo.net
DigiCert ECC Secure Server CA
2019-03-26 -
2020-03-30
a year crt.sh
*.criteo.com
DigiCert ECC Secure Server CA
2019-03-28 -
2020-04-01
a year crt.sh

This page contains 3 frames:

Primary Page: http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Frame ID: 71013DCFD284542BD35ED71FDD07B704
Requests: 32 HTTP requests in this frame

Frame: data://truncated
Frame ID: D8A82950D60D85AEE47E256161BD3DD4
Requests: 9 HTTP requests in this frame

Frame: https://static.criteo.net/js/ld/publishertag.js
Frame ID: 51AF3BA6AB1B7279773A9208CF27ABC0
Requests: 4 HTTP requests in this frame

Screenshot


Detected technologies

Overall confidence: 100%
Detected patterns
  • url /\.php(?:$|\?)/i

Overall confidence: 100%
Detected patterns
  • headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|\b)HTTPD)/i

Page Statistics

44
Requests

34 %
HTTPS

8 %
IPv6

12
Domains

19
Subdomains

13
IPs

6
Countries

251 kB
Transfer

781 kB
Size

1
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://platform.sunmedia.tv/integrations/51e2e0f6-fd8c-4fd4-a836-e64c170297ce.js HTTP 301
  • https://static.sunmedia.tv/integrations/51e2e0f6-fd8c-4fd4-a836-e64c170297ce/51e2e0f6-fd8c-4fd4-a836-e64c170297ce.js
Request Chain 26
  • http://ad.360yield.com/adj?p=12057166&w=1800&h=1000&tz=-60&click3rd= HTTP 302
  • http://ad.360yield.com/ul_cb/adj?p=12057166&w=1800&h=1000&tz=-60&click3rd=
Request Chain 32
  • http://ib.adnxs.com/getuid?http://ad.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOX5uluOq-qvPCLAAAENCx-AAAAs7AAA HTTP 302
  • http://ad.360yield.com/match?external_user_id=8848007513179042643&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOX5uluOq-qvPCLAAAENCx-AAAAs7AAA

44 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set zone.php
play.leadzutw.com/red/
266 B
602 B
Document
General
Full URL
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Protocol
HTTP/1.1
Server
212.92.39.35 Barcelona, Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS
Software
Apache /
Resource Hash
cb493b9642a7a0b19fa80bdf479b6b68ea8826f6a51a16bef0f2c94a7c7260ca

Request headers

Host
play.leadzutw.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding
gzip, deflate
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:26 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
266
Connection
close
Server
Apache
Set-Cookie
lz_frecy=%7B%22I8GZIGH2WWWX%22%3A%7B%22times%22%3A1%2C%22time%22%3A1575414000%7D%7D; expires=Wed, 02-Dec-2020 14:00:26 GMT; Max-Age=31536000; path=/; domain=.leadzutw.com
51e2e0f6-fd8c-4fd4-a836-e64c170297ce.js
static.sunmedia.tv/integrations/51e2e0f6-fd8c-4fd4-a836-e64c170297ce/
Redirect Chain
  • https://platform.sunmedia.tv/integrations/51e2e0f6-fd8c-4fd4-a836-e64c170297ce.js
  • https://static.sunmedia.tv/integrations/51e2e0f6-fd8c-4fd4-a836-e64c170297ce/51e2e0f6-fd8c-4fd4-a836-e64c170297ce.js
174 KB
47 KB
Script
General
Full URL
https://static.sunmedia.tv/integrations/51e2e0f6-fd8c-4fd4-a836-e64c170297ce/51e2e0f6-fd8c-4fd4-a836-e64c170297ce.js
Requested by
Host: play.leadzutw.com
URL: http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3128584.ip-51-68-35.eu
Software
nginx /
Resource Hash
b46cad6e548e3cb4ac48217311e0785a56a00f5e924383f798dbb84e77bc1cb8

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 14:00:26 GMT
content-encoding
gzip
tp-cache
HIT
last-modified
Mon, 02 Dec 2019 11:01:04 GMT
server
nginx
age
96988
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
status
200
cache-control
max-age=0, s-maxage=2592001
access-control-allow-credentials
true
x-device
desktop
accept-ranges
bytes
content-length
47591

Redirect headers

date
Tue, 03 Dec 2019 14:00:26 GMT
content-encoding
gzip
tp-cache
HIT
server
nginx
age
1139625
location
https://static.sunmedia.tv/integrations/51e2e0f6-fd8c-4fd4-a836-e64c170297ce/51e2e0f6-fd8c-4fd4-a836-e64c170297ce.js
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
text/html; charset=UTF-8
status
301
cache-control
max-age=0, s-maxage=2592000
access-control-allow-credentials
true
x-device
desktop
accept-ranges
bytes
vary
Accept-Encoding
content-length
243
27215
sac.ayads.co/sublime/
487 KB
151 KB
Script
General
Full URL
https://sac.ayads.co/sublime/27215
Requested by
Host: play.leadzutw.com
URL: http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:a25 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
34ef7cdc6b2637af1e94d4f8085e68ad9f14c7ba1ea6d78d87850042ec0b638c

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
public
date
Tue, 03 Dec 2019 14:00:26 GMT
content-encoding
gzip
cf-cache-status
MISS
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
status
200
cache-control
public, max-age=3600
cf-ray
53f6111ebfa7cbcc-VIE
expires
Tue, 03 Dec 2019 14:33:44 GMT
eu_country.php
static.sunmedia.tv/SMVpaidCreatives/geotarget/
19 B
316 B
XHR
General
Full URL
https://static.sunmedia.tv/SMVpaidCreatives/geotarget/eu_country.php
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/51e2e0f6-fd8c-4fd4-a836-e64c170297ce/51e2e0f6-fd8c-4fd4-a836-e64c170297ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.91.154.17 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3158246.ip-51-91-154.eu
Software
nginx /
Resource Hash
2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Origin
http://play.leadzutw.com

Response headers

date
Tue, 03 Dec 2019 14:00:26 GMT
tp-cache
HIT
server
nginx
age
1288012
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
status
200
cache-control
max-age=0, s-maxage=2592000
access-control-allow-credentials
true
x-device
desktop
accept-ranges
bytes
access-control-allow-origin
http://play.leadzutw.com
content-length
19
country.php
services.sunmedia.tv/geotarget/
16 B
262 B
XHR
General
Full URL
https://services.sunmedia.tv/geotarget/country.php
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/51e2e0f6-fd8c-4fd4-a836-e64c170297ce/51e2e0f6-fd8c-4fd4-a836-e64c170297ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3128584.ip-51-68-35.eu
Software
nginx /
Resource Hash
61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Origin
http://play.leadzutw.com

Response headers

date
Tue, 03 Dec 2019 14:00:26 GMT
tp-cache
HIT
server
nginx
age
1286097
vary
Accept-Encoding
content-type
application/json
status
200
cache-control
max-age=0, s-maxage=2592000
access-control-allow-credentials
true
x-device
desktop
accept-ranges
bytes
access-control-allow-origin
http://play.leadzutw.com
content-length
16
intext-1-0.json
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/
2 KB
2 KB
XHR
General
Full URL
https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/intext-1-0.json
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/51e2e0f6-fd8c-4fd4-a836-e64c170297ce/51e2e0f6-fd8c-4fd4-a836-e64c170297ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.91.154.17 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3158246.ip-51-91-154.eu
Software
nginx /
Resource Hash
cf04c8ff532d67438488ca446b5de95074533ade08c90edc9ac9aa5a0c212cb2

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Origin
http://play.leadzutw.com

Response headers

date
Tue, 03 Dec 2019 14:00:27 GMT
tp-cache
HIT
last-modified
Mon, 02 Dec 2019 18:32:28 GMT
server
nginx
age
70075
status
200
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=2592000
content-length
1935
accept-ranges
bytes
x-device
desktop
outstream.json
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/
22 B
306 B
XHR
General
Full URL
https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/outstream.json
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/51e2e0f6-fd8c-4fd4-a836-e64c170297ce/51e2e0f6-fd8c-4fd4-a836-e64c170297ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.91.154.17 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3158246.ip-51-91-154.eu
Software
nginx /
Resource Hash
a900cf30af5c043697090d375d6babafc4d0a0b85a99e5e4317b1c358946a729

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Origin
http://play.leadzutw.com

Response headers

date
Tue, 03 Dec 2019 14:00:27 GMT
tp-cache
HIT
last-modified
Fri, 18 Oct 2019 10:57:34 GMT
server
nginx
age
73805
status
200
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=2592000
content-length
22
accept-ranges
bytes
x-device
desktop
adblockDetector.js
static.sunmedia.tv/SMSdk/assets/AdBlockDetection/
13 KB
5 KB
Script
General
Full URL
https://static.sunmedia.tv/SMSdk/assets/AdBlockDetection/adblockDetector.js
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/51e2e0f6-fd8c-4fd4-a836-e64c170297ce/51e2e0f6-fd8c-4fd4-a836-e64c170297ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3128584.ip-51-68-35.eu
Software
nginx /
Resource Hash
4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 14:00:27 GMT
content-encoding
gzip
tp-cache
HIT
last-modified
Mon, 02 Dec 2019 17:27:45 GMT
server
nginx
age
73805
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=0, s-maxage=2592000
x-device
desktop
accept-ranges
bytes
content-length
4831
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=0&e=l&tse=1575381627095&et=1336&tfz=11&sqid=1&bw=1600&bh=1200
Requested by
Host: play.leadzutw.com
URL: http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:27 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
track.sunmedia.tv/
42 B
278 B
Image
General
Full URL
https://track.sunmedia.tv/?ap=smptf&it=51e2e0f6-fd8c-4fd4-a836-e64c170297ce&tp=op&pb=1&pos=2&loop=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3128584.ip-51-68-35.eu
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 14:00:27 GMT
tp-cache
HIT
last-modified
Thu, 15 Nov 2018 09:59:07 GMT
server
nginx
age
1286112
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=0, s-maxage=31536000
access-control-allow-credentials
true
content-length
42
accept-ranges
bytes
x-device
desktop
adblockDetector.js
static.sunmedia.tv/SMSdk/assets/AdBlockDetection/
13 KB
5 KB
Script
General
Full URL
https://static.sunmedia.tv/SMSdk/assets/AdBlockDetection/adblockDetector.js
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/51e2e0f6-fd8c-4fd4-a836-e64c170297ce/51e2e0f6-fd8c-4fd4-a836-e64c170297ce.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3128584.ip-51-68-35.eu
Software
nginx /
Resource Hash
4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 14:00:27 GMT
content-encoding
gzip
tp-cache
HIT
last-modified
Mon, 02 Dec 2019 17:27:45 GMT
server
nginx
age
73805
vary
Accept-Encoding
content-type
application/javascript
status
200
cache-control
max-age=0, s-maxage=2592000
x-device
desktop
accept-ranges
bytes
content-length
4831
/
track.sunmedia.tv/
42 B
278 B
Image
General
Full URL
https://track.sunmedia.tv/?ap=smptf&it=51e2e0f6-fd8c-4fd4-a836-e64c170297ce&tp=op&pb=1&pos=13&loop=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3128584.ip-51-68-35.eu
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 14:00:27 GMT
tp-cache
HIT
last-modified
Thu, 15 Nov 2018 09:59:07 GMT
server
nginx
age
1286112
vary
Accept-Encoding
content-type
image/gif
status
200
cache-control
max-age=0, s-maxage=31536000
access-control-allow-credentials
true
content-length
42
accept-ranges
bytes
x-device
desktop
/
geoworker.ayads.co/
1 B
337 B
XHR
General
Full URL
https://geoworker.ayads.co/
Requested by
Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/27215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6814:a25 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Origin
http://play.leadzutw.com

Response headers

date
Tue, 03 Dec 2019 14:00:28 GMT
server
cloudflare
sublime-worker
true
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain;charset=UTF-8
status
200
cf-ray
53f61127dcc75a18-VIE
access-control-allow-origin
*
content-length
1
/
optchk.ayads.co/
25 B
288 B
Script
General
Full URL
http://optchk.ayads.co/?callback=sublimeCb1575381627087
Requested by
Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/27215
Protocol
HTTP/1.1
Server
34.255.174.41 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-255-174-41.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
31d0b2ae7f5658227edb36de02ddc29fbd26303331268f524e2cd2ec9db601bd

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 14:00:28 GMT
Server
nginx
Content-Type
application/javascript
Cache-Control
no-store, no-cache, must-revalidate
Connection
keep-alive
Content-Length
25
Expires
Sun, 01 Jan 2014 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/
165 B
1 KB
XHR
General
Full URL
http://ib.adnxs.com/ut/v3/prebid
Requested by
Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/27215
Protocol
HTTP/1.1
Server
37.252.173.22 , Ascension Island, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),
Reverse DNS
536.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.13.4 /
Resource Hash
43ab7fb6f15834fd5f4d280bf2f1be7bfae4fb74a2172e2302265953ef08c4b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Origin
http://play.leadzutw.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 14:00:30 GMT
X-Proxy-Origin
89.38.96.189; 89.38.96.189; 536.bm-nginx-loadbalancer.mgmt.fra1; *.adnxs.com; 37.252.173.39:80
AN-X-Request-Uuid
fd9eee1a-a2c3-4f7c-9ca4-1c6cf946479b
Server
nginx/1.13.4
P3P
policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
http://play.leadzutw.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
165
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&e=p&gd&gdv&tse=1575381628157&et=2398&tfz=1073&sqid=2&bw=1600&bh=1200&ph=1200
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:28 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&a=133276&at=skinz&gcp=0&sspname=sspv3-appnexus3&sspplid=14592338&isssp=1&e=sspc&tse=1575381628158&et=2398&tfz=1074&sqid=3
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:28 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&a=133276&at=skinz&gcp=0&e=zvid1&tse=1575381628161&et=2402&tfz=1077&sqid=4
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:28 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&a=133276&at=skinz&gcp=0&e=ddsv0&tse=1575381628161&et=2402&tfz=1077&sqid=5
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:28 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&a=133276&at=skinz&gcp=0&e=datp1&tse=1575381628162&et=2403&tfz=1078&sqid=6
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:28 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
ac
www8.smartadserver.com/
0
1 KB
XHR
General
Full URL
http://www8.smartadserver.com/ac?siteid=277791&pgid=1028825&fmtid=42281&visit=M&tmstp=1575381628310&out=json&sh=1200&sw=1600&tgt=json%3Bgm%3D0%3Bscreen%3Dlarge%3Blarge_screen%3DTRUE&gdpr=1
Requested by
Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/27215
Protocol
HTTP/1.1
Server
185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Origin
http://play.leadzutw.com

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 14:00:28 GMT
X-SMRT-D
3%3b6%3b135
P3P
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin
http://play.leadzutw.com
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Content-Type
application/json
Content-Length
0
Expires
-1
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&a=133276&at=skinz&gcp=0&sspname=sspv3-appnexus3&sspplid=14592338&isssp=1&e=sspko&sspr=1&rt=156&tse=1575381628312&et=2553&tfz=1228&sqid=7
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:28 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&a=133708&at=skinz&gcp=0&sspname=sspv3-smartadserver&sspplid=277791%7C1028825%7C42281&isssp=1&e=sspc&tse=1575381628313&et=2553&tfz=1229&sqid=8
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:28 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
swfIndex.php
ads.stickyadstv.com/www/delivery/
67 B
558 B
XHR
General
Full URL
http://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=7432577
Requested by
Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/27215
Protocol
HTTP/1.1
Server
2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a2-18-234-233.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Origin
http://play.leadzutw.com

Response headers

Pragma
no-cache
Date
Tue, 03 Dec 2019 14:00:28 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
http://play.leadzutw.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1575381628460010-151
Expires
Tue, 03 Dec 2019 14:00:28 GMT
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&a=133708&at=skinz&gcp=0&sspname=sspv3-smartadserver&sspplid=277791%7C1028825%7C42281&isssp=1&e=sspko&sspr=1&rt=109&tse=1575381628420&et=2661&tfz=1336&sqid=9
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:28 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&a=133274&at=skinz&gcp=0&sspname=sspv3-sticky&sspplid=7432577&isssp=1&e=sspc&tse=1575381628421&et=2661&tfz=1337&sqid=10
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:28 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
truncated
/ Frame D8A8
1 B
0
Script
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type
application/javascript;charset=utf-8
adj
ad.360yield.com/ul_cb/ Frame D8A8
Redirect Chain
  • http://ad.360yield.com/adj?p=12057166&w=1800&h=1000&tz=-60&click3rd=
  • http://ad.360yield.com/ul_cb/adj?p=12057166&w=1800&h=1000&tz=-60&click3rd=
3 KB
2 KB
Script
General
Full URL
http://ad.360yield.com/ul_cb/adj?p=12057166&w=1800&h=1000&tz=-60&click3rd=
Requested by
Host: play.leadzutw.com
URL: http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Protocol
HTTP/1.1
Server
18.195.171.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-171-24.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
98732aa64b384cb3b36e27ae73466d5269ddfc93168c1ca4e9d22639df68f63c

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 03 Dec 2019 14:00:28 GMT
content-encoding
gzip
Connection
keep-alive
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
1577
Content-Type
text/javascript; charset=UTF-8

Redirect headers

location
http://ad.360yield.com/ul_cb/adj?p=12057166&w=1800&h=1000&tz=-60&click3rd=
Date
Tue, 03 Dec 2019 14:00:28 GMT
Connection
keep-alive
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
0
Content-Type
text/plain
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&a=133274&at=skinz&gcp=0&sspname=sspv3-sticky&sspplid=7432577&isssp=1&e=sspko&sspr=1&rt=201&tse=1575381628626&et=2867&tfz=1542&sqid=11
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:28 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&a=133244&at=skinz&gcp=0&sspname=sspv3-improve&sspplid=12057166&isssp=1&e=sspc&tse=1575381628627&et=2867&tfz=1543&sqid=12
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:28 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
1x1.gif
creative.360yield.com/file/138981/ Frame D8A8
0
0

pixel
cm.g.doubleclick.net/ Frame D8A8
0
0

/
track.adform.net/serving/cookie/match/ Frame D8A8
0
0

match
ad.360yield.com/ Frame D8A8
Redirect Chain
  • http://ib.adnxs.com/getuid?http://ad.360yield.com/match?external_user_id=$UID&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOX5uluOq-qvPCLAAAENCx-AAAAs7AAA
  • http://ad.360yield.com/match?external_user_id=8848007513179042643&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOX5uluOq-qvPCLAAAENCx-AAAAs7AAA
0
0

match
id5-sync.com/ Frame D8A8
0
0

pixel
cm.g.doubleclick.net/ Frame D8A8
0
0

imp_pixel
ad.360yield.com/ Frame D8A8
43 B
505 B
Image
General
Full URL
http://ad.360yield.com/imp_pixel?ic=L5RDexCs1Rxo39Q9HrvTAfAYAZ3qysgX01IWCXtOV1.P4vIYRmAcTgDwI3OCahkzZLpbMhLSldwufK5wx6hI8J.s-zd9NpOOF3TH3.q1i5yy1tUIwgwj2Oek3IylOGrJur4CnmrUBKh9OnzD7u9xPYAuJwdxd1Nl3CwXRZPSYSqyA7ti.NbDMhOuEDWSZZCS6VFH3u571Y.IYUHcrhySkljO--PfGUGU2bc67scUNaFj0YBejPeq-m1.Kkv8C7gtsVFlgsypHp33dVvuJer9D81LtiTECBoe35wcKBlu.SCfBJFvqBHhyKt9EilfdKbQrzjZXzgL2HTdFug7FNcNNErOPbc.AD0.EI1N6B5qBXopb-5W-C4XHvQVtCAtKzi80CHgr45B6XgiEqrWv.1fbMNUZB4N9kfvF1vdl7eumZBpUbkNAaswgSTomdg4-eZ11cBceD2UWQ4NLRoNZtDgyJlAvJGzxiRZwg5y3172frqG2LQkjJgjugzEa5HD9.FhKEVcfmMgSWmx19bjM8LOrtrH3vv-KfRNN9VASGMjZHqU2Pn5nA==
Requested by
Host: play.leadzutw.com
URL: http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Protocol
HTTP/1.1
Server
18.195.171.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-18-195-171-24.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

access-control-allow-origin
*
Date
Tue, 03 Dec 2019 14:00:28 GMT
Connection
keep-alive
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Content-Length
43
Content-Type
image/gif
publishertag.js
static.criteo.net/js/ld/ Frame 51AF
87 KB
27 KB
Script
General
Full URL
https://static.criteo.net/js/ld/publishertag.js
Requested by
Host: sac.ayads.co
URL: https://sac.ayads.co/sublime/27215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
40483fac4e86b90f4d46c4b9ab5b5a25662849de0c9789e571abc23ef1217a6e

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 14:00:28 GMT
content-encoding
gzip
last-modified
Fri, 25 Oct 2019 13:44:17 GMT
server
nginx
access-control-allow-origin
*
etag
W/"5db2fc31-15cda"
content-type
text/javascript
status
200
cache-control
max-age=86400, public
timing-allow-origin
*
expires
Wed, 04 Dec 2019 14:00:28 GMT
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&a=133244&at=skinz&gcp=0&sspname=sspv3-improve&sspplid=12057166&isssp=1&e=sspko&sspr=1&rt=207&tse=1575381628832&et=3073&tfz=1748&sqid=13
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:28 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&a=114301&at=html5&gcp=0&sspname=sspv3-criteogeneric&sspplid=1272203&isssp=1&e=sspc&tse=1575381628833&et=3073&tfz=1749&sqid=14
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:28 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cdb
bidder.criteo.com/ Frame 51AF
0
146 B
XHR
General
Full URL
https://bidder.criteo.com/cdb?ptv=76&profileId=206&cb=50962737520
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.152 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
Origin
http://play.leadzutw.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

status
204
date
Tue, 03 Dec 2019 14:00:28 GMT
access-control-allow-credentials
true
server
Finatra
access-control-allow-origin
http://play.leadzutw.com
timing-allow-origin
*
vary
Origin
pixel.gif
static.criteo.net/images/ Frame 51AF
43 B
260 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 14:00:29 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
access-control-allow-origin
*
etag
"493ea254-2b"
content-type
image/gif
status
200
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 27 Nov 2020 14:00:29 GMT
pixel.gif
static.criteo.net/images/ Frame 51AF
43 B
260 B
Image
General
Full URL
https://static.criteo.net/images/pixel.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.130 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 03 Dec 2019 14:00:29 GMT
last-modified
Tue, 09 Dec 2008 16:52:36 GMT
server
nginx
access-control-allow-origin
*
etag
"493ea254-2b"
content-type
image/gif
status
200
cache-control
max-age=31104000, public
accept-ranges
bytes
timing-allow-origin
*
content-length
43
expires
Fri, 27 Nov 2020 14:00:29 GMT
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&a=114301&at=html5&gcp=0&sspname=sspv3-criteogeneric&sspplid=1272203&isssp=1&e=sspko&sspr=1&rt=205&tse=1575381629033&et=3274&tfz=1949&sqid=15
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:29 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
antenna.ayads.co/
43 B
309 B
Image
General
Full URL
http://antenna.ayads.co/?src=wf&t=1575381625759&ver=20191202094412&z=27215&device=d&puid=p775296523036958700&suid=s763093135042470700&gc=0&gm=0&ga=1&gs=2&a=114301&at=html5&gcp=0&e=ipb&tse=1575381629033&et=3274&tfz=1949&sqid=16
Protocol
HTTP/1.1
Server
34.243.240.54 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-34-243-240-54.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
http://play.leadzutw.com/red/zone.php?code=I8GZIGH2WWWX&a=&pubid=&lgid=12723378180.0027571811516862166
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 03 Dec 2019 14:00:29 GMT
Last-Modified
Mon, 28 Sep 1970 06:00:00 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
creative.360yield.com
URL
http://creative.360yield.com/file/138981/1x1.gif
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improvedigital&google_cm&google_sc&gdpr=1&gdpr_consent=BOX5uluOq-qvPCLAAAENCx-AAAAs7AAA
Domain
track.adform.net
URL
http://track.adform.net/serving/cookie/match/?party=5&publisher_user_id=1314b4fd-b44e-4f41-b732-480ed525ede9&publisher_dsp_id=42&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOX5uluOq-qvPCLAAAENCx-AAAAs7AAA&publisher_redirecturl=http://ad.360yield.com/match
Domain
ad.360yield.com
URL
http://ad.360yield.com/match?external_user_id=8848007513179042643&publisher_dsp_id=40&gdpr=1&gdpr_consent=BOX5uluOq-qvPCLAAAENCx-AAAAs7AAA
Domain
id5-sync.com
URL
https://id5-sync.com/match?publisher_user_id=1314b4fd-b44e-4f41-b732-480ed525ede9&publisher_dsp_id=79&publisher_call_type=redirect&gdpr=1&gdpr_consent=BOX5uluOq-qvPCLAAAENCx-AAAAs7AAA&publisher_redirecturl=http://ad.360yield.com/match
Domain
cm.g.doubleclick.net
URL
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=ExS0_bROT0G3MkgO1SXt6Q&google_cm&publisher_dsp_id=340

Verdicts & Comments Add Verdict or Comment

13 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate string| uAgent object| smdevice string| smuAgent number| SMGDPRKey object| SMIntextPlaylist object| sublime object| ayads object| adblockDetector object| SMIntext_1575381627094 object| SMIntext_1575381627095 function| sublimeCb1575381627087

1 Cookies

Domain/Path Name / Value
.leadzutw.com/ Name: lz_frecy
Value: %7B%22I8GZIGH2WWWX%22%3A%7B%22times%22%3A1%2C%22time%22%3A1575414000%7D%7D

3 Console Messages

Source Level URL
Text
console-api log URL: https://sac.ayads.co/sublime/27215(Line 5)
Message:
%cwf%cs%c background: #ED7D04;border-radius: 3px 0 0 3px;color: #fff;padding: 1px 3px; color: #3E3E40;padding: 1px 3px;background: #6bec7c;; background: #dedede;border-radius: 0 3px 3px 0;color: #292929;padding: 1px 3px; Ads exhausted
console-api log URL: https://sac.ayads.co/sublime/27215(Line 5)
Message:
console.trace
console-api log URL: https://sac.ayads.co/sublime/27215(Line 5)
Message:
console.groupEnd

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ads.stickyadstv.com
antenna.ayads.co
bidder.criteo.com
cm.g.doubleclick.net
creative.360yield.com
geoworker.ayads.co
ib.adnxs.com
id5-sync.com
optchk.ayads.co
platform.sunmedia.tv
play.leadzutw.com
sac.ayads.co
services.sunmedia.tv
static.criteo.net
static.sunmedia.tv
track.adform.net
track.sunmedia.tv
www8.smartadserver.com
ad.360yield.com
cm.g.doubleclick.net
creative.360yield.com
id5-sync.com
track.adform.net
178.250.0.130
178.250.2.152
18.195.171.24
185.86.137.17
2.18.234.233
212.92.39.35
2606:4700:10::6814:a25
34.243.240.54
34.255.174.41
37.252.173.22
51.68.35.185
51.91.154.17
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2
31d0b2ae7f5658227edb36de02ddc29fbd26303331268f524e2cd2ec9db601bd
34ef7cdc6b2637af1e94d4f8085e68ad9f14c7ba1ea6d78d87850042ec0b638c
40483fac4e86b90f4d46c4b9ab5b5a25662849de0c9789e571abc23ef1217a6e
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
43ab7fb6f15834fd5f4d280bf2f1be7bfae4fb74a2172e2302265953ef08c4b6
4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
98732aa64b384cb3b36e27ae73466d5269ddfc93168c1ca4e9d22639df68f63c
a900cf30af5c043697090d375d6babafc4d0a0b85a99e5e4317b1c358946a729
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b46cad6e548e3cb4ac48217311e0785a56a00f5e924383f798dbb84e77bc1cb8
cb493b9642a7a0b19fa80bdf479b6b68ea8826f6a51a16bef0f2c94a7c7260ca
cf04c8ff532d67438488ca446b5de95074533ade08c90edc9ac9aa5a0c212cb2
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629