play.leadzutw.com Open in urlscan Pro
217.13.124.96 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701
Submission: On April 30 via api (April 30th 2020, 11:35:22 am UTC) from US

Summary HTTP 15 Redirects Behaviour Indicators

Summary

This website contacted 7 IPs in 6 countries across 5 domains to perform 15 HTTP transactions. The main IP is 217.13.124.96, located in Spain and belongs to NEXICA-AS, ES. The main domain is play.leadzutw.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 20th 2019. Valid for: a year.

This is the only time play.leadzutw.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	217.13.124.96 217.13.124.96	24592 (NEXICA-AS) (NEXICA-AS)
1 1	185.103.39.30 185.103.39.30	29119 (SERVIHOST...) (SERVIHOSTING-AS AireNetworks)
6	51.89.234.149 51.89.234.149	16276 (OVH) (OVH)
1	51.89.64.207 51.89.64.207	16276 (OVH) (OVH)
1	2600:9000:214... 2600:9000:214f:9600:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
1 4	104.74.100.205 104.74.100.205	16625 (AKAMAI-AS) (AKAMAI-AS)
2	159.69.64.14 159.69.64.14	24940 (HETZNER-AS) (HETZNER-AS)
1	2600:9000:214... 2600:9000:214f:9800:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
15	7

1 217.13.124.96 (Spain)

ASN24592 (NEXICA-AS, ES)
PTR: unnamed.nexica.net

play.leadzutw.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.103.39.30 (Madrid, Spain) 1 redirects

ASN29119 (SERVIHOSTING-AS AireNetworks, ES)

platform.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.234.149 (United Kingdom)

ASN16276 (OVH, FR)
PTR: ns31195935.ip-51-89-234.eu

static.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.64.207 (France)

ASN16276 (OVH, FR)
PTR: ns3168032.ip-51-89-64.eu

services.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:9600:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.74.100.205 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-74-100-205.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.69.64.14 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cm020.richaudience.com

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:9800:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	sunmedia.tv 1 redirects platform.sunmedia.tv static.sunmedia.tv services.sunmedia.tv track.sunmedia.tv	62 KB
4	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
2	richaudience.com sync.richaudience.com	615 B
2	agkn.com js.agkn.com d.agkn.com	3 KB
1	leadzutw.com play.leadzutw.com	1 KB
15	5

	Domain	Requested by
5	static.sunmedia.tv	play.leadzutw.com static.sunmedia.tv
4	sb.scorecardresearch.com	1 redirects play.leadzutw.com
2	sync.richaudience.com	play.leadzutw.com sync.richaudience.com
1	d.agkn.com	js.agkn.com
1	track.sunmedia.tv
1	js.agkn.com	play.leadzutw.com
1	services.sunmedia.tv	static.sunmedia.tv
1	platform.sunmedia.tv	1 redirects
1	play.leadzutw.com
15	9

This site contains no links.

Subject Issuer	Validity	Valid
leadzuin.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-20` - `2020-06-18`	a year	crt.sh
*.sunmedia.tv COMODO RSA Domain Validation Secure Server CA	`2018-01-19` - `2021-01-18`	3 years	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2018-06-21` - `2020-09-16`	2 years	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.richaudience.com RapidSSL RSA CA 2018	`2019-03-07` - `2021-04-05`	2 years	crt.sh

This page contains 3 frames:

Primary Page: https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701
Frame ID: 5098604E7486BF28ED71A7431E691E52
Requests: 13 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=571157329&gdpr=&gdpr_consent=&ref=&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3DQQAF0RIA4PN8%26a%26pubid%26lgid%3D11058916050.9388834263705701%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Automotive%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: 2990E0E0EE470C701C7B263CF037CA4A
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1651556&pubconsent=1&euconsent=1&hasConsent=1
Frame ID: 301D249BF85072090AFBF5E15B3F47A5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^/-])|(?:^|\b)HTTPD)/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

15
Requests

100 %
HTTPS

25 %
IPv6

5
Domains

9
Subdomains

7
IPs

6
Countries

69 kB
Transfer

197 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://platform.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78.js HTTP 301
https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js

Request Chain 9

https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=925845138&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=5827405 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=925845138&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=5827405

15 HTTP transactions
0 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request Cookie set zone.php Show response play.leadzutw.com/red/	1 KB 1 KB	186ms 45ms	Document text/html	217.13.124.96 NEXICA-AS
General Check archive.org Show headers Download Go to Full URL https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 217.13.124.96 , Spain, ASN24592 (NEXICA-AS, ES), Reverse DNS unnamed.nexica.net Software Apache / Resource Hash `f6b45ff2d3e2d85edb37754c5fe8550320654b4833d8805a6fdbad114fc87fec` Request headers Host play.leadzutw.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site none Sec-Fetch-Mode navigate Sec-Fetch-User ?1 Sec-Fetch-Dest document Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 30 Apr 2020 11:35:06 GMT Content-Type text/html; charset=UTF-8 Content-Length 1101 Connection close Server Apache Set-Cookie lz_frecy=%7B%22QQAF0RIA4PN8%22%3A%7B%22times%22%3A1%2C%22time%22%3A1588284000%7D%7D; expires=Fri, 30-Apr-2021 11:35:06 GMT; Max-Age=31536000; path=/; domain=.leadzutw.com
GET H2	200	0bd65cfe-9647-43af-ab7d-2911a606dd78.js Show response static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/ Redirect Chain https://platform.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78.js https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js	181 KB 52 KB	83ms 22ms	Script application/javascript	51.89.234.149 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js Requested by Host: play.leadzutw.com URL: https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.89.234.149 , United Kingdom, ASN16276 (OVH, FR), Reverse DNS ns31195935.ip-51-89-234.eu Software nginx / Resource Hash `59880889a0f9f2c81d4e01853fcb9e9620681bc3f470a605a34884fecc4ac3d4` Request headers Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 30 Apr 2020 11:35:07 GMT content-encoding gzip tp-cache HIT last-modified Fri, 24 Apr 2020 11:31:05 GMT server nginx age 518569 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/javascript status 200 cache-control max-age=0, s-maxage=2592001 access-control-allow-credentials true content-length 53173 accept-ranges bytes x-device desktop Redirect headers date Thu, 30 Apr 2020 11:35:07 GMT content-encoding gzip tp-cache HIT server nginx age 1300994 status 301 access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type text/html; charset=UTF-8 location https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js cache-control max-age=0, s-maxage=2592000 access-control-allow-credentials true content-length 244 accept-ranges bytes vary Accept-Encoding x-device desktop
GET H2	200	eu_country.php Show response static.sunmedia.tv/SMVpaidCreatives/geotarget/	19 B 316 B	81ms 28ms	XHR application/json	51.89.234.149 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/SMVpaidCreatives/geotarget/eu_country.php Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.89.234.149 , United Kingdom, ASN16276 (OVH, FR), Reverse DNS ns31195935.ip-51-89-234.eu Software nginx / Resource Hash `2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2` Request headers Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 30 Apr 2020 11:35:07 GMT tp-cache HIT server nginx age 1301236 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json status 200 cache-control max-age=0, s-maxage=2592000 access-control-allow-credentials true x-device desktop accept-ranges bytes access-control-allow-origin https://play.leadzutw.com content-length 19
GET H2	200	country.php Show response services.sunmedia.tv/geotarget/	16 B 263 B	70ms 23ms	XHR application/json	51.89.64.207 OVH
General Check archive.org Show headers Download Go to Full URL https://services.sunmedia.tv/geotarget/country.php Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.89.64.207 , France, ASN16276 (OVH, FR), Reverse DNS ns3168032.ip-51-89-64.eu Software nginx / Resource Hash `61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af` Request headers Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 30 Apr 2020 11:35:07 GMT tp-cache HIT server nginx age 1301171 vary Accept-Encoding content-type application/json status 200 cache-control max-age=0, s-maxage=2592000 access-control-allow-credentials true x-device desktop accept-ranges bytes access-control-allow-origin https://play.leadzutw.com content-length 16
GET H2	200	intext-1-0.json Show response static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/	3 KB 3 KB	79ms 28ms	XHR application/json	51.89.234.149 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/intext-1-0.json Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.89.234.149 , United Kingdom, ASN16276 (OVH, FR), Reverse DNS ns31195935.ip-51-89-234.eu Software nginx / Resource Hash `14a2e0f7eae41c6e442873135cb4033fe823a2af4f0f4bb72fc3ac954ced0b64` Request headers Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 30 Apr 2020 11:35:07 GMT tp-cache HIT last-modified Thu, 16 Apr 2020 15:59:37 GMT server nginx age 85541 status 200 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json access-control-allow-origin * cache-control max-age=0, s-maxage=2592000 content-length 2722 accept-ranges bytes x-device desktop
GET H2	200	outstream.json Show response static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/	3 KB 4 KB	80ms 28ms	XHR application/json	51.89.234.149 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/outstream.json Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.89.234.149 , United Kingdom, ASN16276 (OVH, FR), Reverse DNS ns31195935.ip-51-89-234.eu Software nginx / Resource Hash `4970a2564975f448345b456d0c9d087ece00083684ded6143b0d77c0dc3aa5c9` Request headers Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 30 Apr 2020 11:35:07 GMT tp-cache HIT last-modified Wed, 18 Dec 2019 20:53:46 GMT server nginx age 85542 status 200 vary Accept-Encoding access-control-allow-methods POST, GET, OPTIONS, PUT, DELETE content-type application/json access-control-allow-origin * cache-control max-age=0, s-maxage=2592000 content-length 3403 accept-ranges bytes x-device desktop
GET H2	200	adblockDetector.min.js Show response static.sunmedia.tv/SMSdk/assets/AdBlockDetection/	3 KB 2 KB	23ms 23ms	Script application/javascript	51.89.234.149 OVH
General Check archive.org Show headers Download Go to Full URL https://static.sunmedia.tv/SMSdk/assets/AdBlockDetection/adblockDetector.min.js Requested by Host: static.sunmedia.tv URL: https://static.sunmedia.tv/integrations/0bd65cfe-9647-43af-ab7d-2911a606dd78/0bd65cfe-9647-43af-ab7d-2911a606dd78.js Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.89.234.149 , United Kingdom, ASN16276 (OVH, FR), Reverse DNS ns31195935.ip-51-89-234.eu Software nginx / Resource Hash `ce29b347db6fc1e413ce157f52289e7a551fca5532817543961a0dc341b474b8` Request headers Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 30 Apr 2020 11:35:07 GMT content-encoding gzip tp-cache HIT last-modified Wed, 29 Apr 2020 11:38:37 GMT server nginx age 85545 vary Accept-Encoding content-type application/javascript status 200 cache-control max-age=0, s-maxage=2592000 content-length 1630 accept-ranges bytes x-device desktop
GET H2	200	tag.js Show response js.agkn.com/prod/v0/	3 KB 3 KB	24ms 8ms	Script application/javascript	2600:9000:214f:9600:15:efbc:e300:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://js.agkn.com/prod/v0/tag.js Requested by Host: play.leadzutw.com URL: https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:9600:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash `dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b` Request headers Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Wed, 29 Apr 2020 20:08:53 GMT via 1.1 a4a46c5a6cdf81ec1d08cf6e63389765.cloudfront.net (CloudFront) last-modified Tue, 22 Oct 2019 20:22:52 GMT server AmazonS3 age 55575 etag "f53f55cbab099be3a970b446a66c496a" x-cache Hit from cloudfront content-type application/javascript status 200 x-amz-cf-pop FRA53-C1 accept-ranges bytes content-length 3167 x-amz-cf-id Kh6f40aejBDteQVye5yGkGpZJyGyV-epOgsk9Isn6zIU9fm18fb37w==
GET H/1.1	200 OK	beacon.js Show response sb.scorecardresearch.com/	1 KB 1 KB	106ms 39ms	Script application/x-javascript	104.74.100.205 AKAMAI-AS
General Check archive.org Show headers Download Go to Full URL https://sb.scorecardresearch.com/beacon.js Requested by Host: play.leadzutw.com URL: https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-74-100-205.deploy.static.akamaitechnologies.com Software / Resource Hash `a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79` Request headers Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 30 Apr 2020 11:35:07 GMT Content-Encoding gzip Vary Accept-Encoding Content-Type application/x-javascript Cache-Control private, no-transform, max-age=86400 Connection keep-alive Content-Length 884 Expires Fri, 01 May 2020 11:35:07 GMT
GET H/1.1	200 OK	/ Show response sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/	867 B 615 B	1108ms 25ms	Script text/html	159.69.64.14 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/ Requested by Host: play.leadzutw.com URL: https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.69.64.14 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cm020.richaudience.com Software nginx/1.14.2 / Resource Hash `89327363a15db75dffb33d6d8a8416e49ec04e2408d4d3ed41bf70a40835e538` Request headers Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Date Thu, 30 Apr 2020 11:35:08 GMT Content-Encoding gzip Server nginx/1.14.2 Connection close Transfer-Encoding chunked Content-Type text/html; charset=UTF-8
GET H/1.1	200 OK	p2 sb.scorecardresearch.com/ Redirect Chain https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=925845138&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct... https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=925845138&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_c...	43 B 309 B	32ms 32ms	Image image/gif	104.74.100.205 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=925845138&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=null&c4=null&c6=null&ns_ts=5827405 Protocol* HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-74-100-205.deploy.static.akamaitechnologies.com Software / Resource Hash `24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db` Request headers Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 30 Apr 2020 11:35:07 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Type image/gif Content-Length 43 Expires Mon, 01 Jan 1990 00:00:00 GMT Redirect headers Location https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=925845138&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=null&c4=null&c6=null&ns_ts=5827405 Pragma* no-cache Date Thu, 30 Apr 2020 11:35:07 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ track.sunmedia.tv/	42 B 278 B	38ms 23ms	Image image/gif	51.89.234.149 OVH
General Check archive.org Show headers Download Go to Show image Full URL https://track.sunmedia.tv/?ap=smptf&it=0bd65cfe-9647-43af-ab7d-2911a606dd78&tp=op&pb=1&pos=0&loop=0 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 51.89.234.149 , United Kingdom, ASN16276 (OVH, FR), Reverse DNS ns31195935.ip-51-89-234.eu Software nginx / Resource Hash `ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629` Request headers Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers date Thu, 30 Apr 2020 11:35:07 GMT tp-cache HIT last-modified Thu, 15 Nov 2018 09:59:07 GMT server nginx age 1301236 vary Accept-Encoding content-type image/gif status 200 cache-control max-age=0, s-maxage=31536000 access-control-allow-credentials true x-device desktop accept-ranges bytes content-length 42
GET H2	200	/ d.agkn.com/iframe/8613/ Frame 2990	0 0	23ms 9ms	Document text/html	2600:9000:214f:9800:19:fc2c:a140:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://d.agkn.com/iframe/8613/?che=571157329&gdpr=&gdpr_consent=&ref=&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3DQQAF0RIA4PN8%26a%26pubid%26lgid%3D11058916050.9388834263705701%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Automotive%22%2C%22brd%22%3A%22-1%22%7D Requested by Host: js.agkn.com URL: https://js.agkn.com/prod/v0/tag.js Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:9000:214f:9800:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software Apache-Coyote/1.1 / Resource Hash Request headers :method GET :authority d.agkn.com :scheme https :path /iframe/8613/?che=571157329&gdpr=&gdpr_consent=&ref=&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3DQQAF0RIA4PN8%26a%26pubid%26lgid%3D11058916050.9388834263705701%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Automotive%22%2C%22brd%22%3A%22-1%22%7D pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site cross-site sec-fetch-mode navigate sec-fetch-dest iframe referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 Response headers status 200 content-type text/html;charset=UTF-8 content-length 481 cache-control no-cache, must-revalidate date Thu, 30 Apr 2020 11:35:07 GMT expires Sat, 01 Jan 2000 00:00:00 GMT p3p CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT" pragma no-cache server Apache-Coyote/1.1 set-cookie ab=0001%3AK%2FUzI6XALpaXNc9VkwLET1xcDhxqz%2FPN;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure u=C\|0AEAmPXRrJj10awAAAAAAAg1RAQCADVIBAIA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure x-cache Miss from cloudfront via 1.1 15d3b4db3728feaae1780610a1bac86e.cloudfront.net (CloudFront) x-amz-cf-pop FRA53-C1 x-amz-cf-id kY5ZvYw6F3OzTkQt4FGLLTsuTJ0gLNrxV4yL39TIT1ckRNxhlMcv7g==
GET H/1.1	204 No Content	b sb.scorecardresearch.com/	0 248 B	27ms 26ms	Image text/plain	104.74.100.205 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://sb.scorecardresearch.com/b?c1=8&c2=21892462&c3=1001000630&ns__t=1588246507731&ns_c=UTF-8&cv=3.5&c8=&c7=https%3A%2F%2Fplay.leadzutw.com%2Fred%2Fzone.php%3Fcode%3DQQAF0RIA4PN8%26a%26pubid%26lgid%3D11058916050.9388834263705701&c9= Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 104.74.100.205 , Netherlands, ASN16625 (AKAMAI-AS, US), Reverse DNS a104-74-100-205.deploy.static.akamaitechnologies.com Software / Resource Hash `e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855` Request headers Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Response headers Pragma no-cache Date Thu, 30 Apr 2020 11:35:07 GMT Cache-Control private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate Connection keep-alive Content-Length 0 Expires Mon, 01 Jan 1990 00:00:00 GMT
GET H/1.1	200 OK	/ sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 301D	0 0	3080ms 30ms	Document text/html	159.69.64.14 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=1651556&pubconsent=1&euconsent=1&hasConsent=1 Requested by Host: sync.richaudience.com URL: https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/ Protocol HTTP/1.1 Security TLS 1.2, ECDHE_RSA, AES_256_GCM Server 159.69.64.14 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS cm020.richaudience.com Software nginx/1.14.2 / Resource Hash Request headers Host sync.richaudience.com Connection keep-alive Pragma no-cache Cache-Control no-cache Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Accept text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.9 Sec-Fetch-Site cross-site Sec-Fetch-Mode navigate Sec-Fetch-Dest iframe Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 Accept-Encoding gzip, deflate, br Accept-Language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36 Referer https://play.leadzutw.com/red/zone.php?code=QQAF0RIA4PN8&a&pubid&lgid=11058916050.9388834263705701 Response headers Server nginx/1.14.2 Date Thu, 30 Apr 2020 11:35:11 GMT Content-Type text/html; charset=UTF-8 Transfer-Encoding chunked Connection close P3P CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT" Content-Encoding gzip

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.leadzutw.com/	1970-01-19 17:56:22	Name: lz_frecy Value: %7B%22QQAF0RIA4PN8%22%3A%7B%22times%22%3A1%2C%22time%22%3A1588284000%7D%7D

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

d.agkn.com
js.agkn.com
platform.sunmedia.tv
play.leadzutw.com
sb.scorecardresearch.com
services.sunmedia.tv
static.sunmedia.tv
sync.richaudience.com
track.sunmedia.tv
104.74.100.205
159.69.64.14
185.103.39.30
217.13.124.96
2600:9000:214f:9600:15:efbc:e300:93a1
2600:9000:214f:9800:19:fc2c:a140:93a1
51.89.234.149
51.89.64.207
14a2e0f7eae41c6e442873135cb4033fe823a2af4f0f4bb72fc3ac954ced0b64
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2
4970a2564975f448345b456d0c9d087ece00083684ded6143b0d77c0dc3aa5c9
59880889a0f9f2c81d4e01853fcb9e9620681bc3f470a605a34884fecc4ac3d4
61eae0480dcc464beb4cd150bf5b44a5e0654919abd845f74fbadf913876f1af
89327363a15db75dffb33d6d8a8416e49ec04e2408d4d3ed41bf70a40835e538
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
ce29b347db6fc1e413ce157f52289e7a551fca5532817543961a0dc341b474b8
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f6b45ff2d3e2d85edb37754c5fe8550320654b4833d8805a6fdbad114fc87fec

play.leadzutw.com Open in urlscan Pro 217.13.124.96 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

15 Requests

100 %HTTPS

25 %IPv6

5 Domains

9 Subdomains

7 IPs

6 Countries

69 kBTransfer

197 kBSize

1 Cookies

0 Outgoing links

Redirected requests

15 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

29 JavaScript Global Variables

1 Cookies

Indicators

play.leadzutw.com Open in urlscan Pro
217.13.124.96 Public Scan

Screenshot
Live screenshot

Full Image

15
Requests

100 %
HTTPS

25 %
IPv6

5
Domains

9
Subdomains

7
IPs

6
Countries

69 kB
Transfer

197 kB
Size

1
Cookies

15 HTTP transactions
0 data transactions