bankingsecure.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefc...
Submission: On August 24 via automatic, source openphish (August 24th 2019, 12:41:06 am UTC)

Summary HTTP 422 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 37 IPs in 10 countries across 33 domains to perform 422 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks - StackScale, ES. The main domain is bankingsecure.webcindario.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on June 25th 2019. Valid for: 3 months.

This is the only time bankingsecure.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
27	5.57.226.202 5.57.226.202	29119 (SERVIHOST...) (SERVIHOSTING-AS AireNetworks - StackScale)
12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81a::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2606:4700:20:... 2606:4700:20::6819:ce08	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
27	2a00:1450:400... 2a00:1450:4001:81a::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	176.34.155.195 176.34.155.195	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 6	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:820::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:821::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
94	185.103.39.29 185.103.39.29	29119 (SERVIHOST...) (SERVIHOSTING-AS AireNetworks - StackScale)
2	89.255.250.53 89.255.250.53	60626 (LEASEWEBCDN) (LEASEWEBCDN)
1	188.72.202.185 188.72.202.185	35415 (WEBZILLA) (WEBZILLA)
2	217.13.124.96 217.13.124.96	24592 (NEXICA-AS) (NEXICA-AS)
3	2600:9000:205... 2600:9000:2057:8200:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
6 18	104.111.214.103 104.111.214.103	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
15	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
3	2606:4700:10:... 2606:4700:10::6814:8238	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	3.121.36.175 3.121.36.175	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
25	2a00:1450:400... 2a00:1450:4001:814::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
75	2a00:1450:400... 2a00:1450:4001:81f::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
25	2a00:1450:400... 2a00:1450:4001:81f::2006	15169 (GOOGLE) (GOOGLE - Google LLC)
15	185.28.138.9 185.28.138.9	197541 (VIDEOPLAZ...) (VIDEOPLAZA-AS)
1	78.140.190.84 78.140.190.84	35415 (WEBZILLA) (WEBZILLA)
1	188.42.160.79 188.42.160.79	35415 (WEBZILLA) (WEBZILLA)
8	23.8.6.43 23.8.6.43	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
17	185.86.137.42 185.86.137.42	201081 (SMARTADSE...) (SMARTADSERVER)
4	185.86.137.17 185.86.137.17	201081 (SMARTADSE...) (SMARTADSERVER)
12 23	2.18.234.233 2.18.234.233	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
7	2001:4de0:ac1... 2001:4de0:ac19::1:b:3a	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
4 4	172.217.23.130 172.217.23.130	15169 (GOOGLE) (GOOGLE - Google LLC)
4 4	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY - Fastly)
2	159.253.128.183 159.253.128.183	36351 (SOFTLAYER) (SOFTLAYER - SoftLayer Technologies Inc.)
2 3	54.72.175.179 54.72.175.179	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 1	46.228.164.11 46.228.164.11	56396 (TURN) (TURN)
2 2	185.33.223.206 185.33.223.206	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
2	185.64.189.111 185.64.189.111	62713 (AS-PUBMATIC) (AS-PUBMATIC - PubMatic)
1	18.196.54.165 18.196.54.165	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
422	37

27 5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES)

bankingsecure.webcindario.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::6819:ce08 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

hosting.miarroba.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:81a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 176.34.155.195 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-176-34-155-195.eu-west-1.compute.amazonaws.com

des.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9b (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:820::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

94 185.103.39.29 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES)

static.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
services.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vast.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creatives.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.255.250.53 (Germany)

ASN60626 (LEASEWEBCDN, NL)

img.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.72.202.185 (Netherlands)

ASN35415 (WEBZILLA, NL)

tharbadir.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.13.124.96 (Spain)

ASN24592 (NEXICA-AS, ES)
PTR: unnamed.nexica.net

play.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2057:8200:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 104.111.214.103 (Netherlands) 6 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a104-111-214-103.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.94.180.124 (Netherlands)

ASN35220 (SPOTX-AMS, NL)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6814:8238 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

spl.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.121.36.175 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-3-121-36-175.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:814::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

75 2a00:1450:4001:81f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:81f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 185.28.138.9 (Sweden)

ASN197541 (VIDEOPLAZA-AS, SE)

es-sunicontent.videoplaza.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
es-sunelespanol.videoplaza.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.140.190.84 (Netherlands)

ASN35415 (WEBZILLA, NL)

inter1ads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.42.160.79 (Amsterdam, Netherlands)

ASN35415 (WEBZILLA, NL)

my.rtmark.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.8.6.43 (Netherlands)

ASN20940 (AKAMAI-ASN1, US)
PTR: a23-8-6-43.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 185.86.137.42 (France)

ASN201081 (SMARTADSERVER, FR)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ww2951.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.86.137.17 (France)

ASN201081 (SMARTADSERVER, FR)

www14.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2.18.234.233 (Ascension Island) 12 redirects

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-233.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2001:4de0:ac19::1:b:3a (Netherlands)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)

cdn.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.217.23.130 (United States) 4 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s18-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.49 (Frankfurt am Main, Germany) 4 redirects

ASN54113 (FASTLY - Fastly, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 159.253.128.183 (Amsterdam, Netherlands)

ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US)
PTR: b7.80.fd9f.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.72.175.179 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-72-175-179.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.206 (Netherlands) 2 redirects

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)
PTR: 301.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.111 (United Kingdom)

ASN62713 (AS-PUBMATIC - PubMatic, Inc., US)

vid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.54.165 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-18-196-54-165.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
94	sunmedia.tv static.sunmedia.tv services.sunmedia.tv track.sunmedia.tv vast.sunmedia.tv creatives.sunmedia.tv	627 KB
76	googleapis.com fonts.googleapis.com imasdk.googleapis.com	2 MB
33	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	411 KB
30	stickyadstv.com 12 redirects ads.stickyadstv.com cdn.stickyadstv.com	526 KB
29	google.com 1 redirects adservice.google.com www.google.com	5 KB
27	webcindario.com bankingsecure.webcindario.com	210 KB
25	2mdn.net s0.2mdn.net	259 KB
21	smartadserver.com www8.smartadserver.com ww2951.smartadserver.com www14.smartadserver.com	32 KB
18	scorecardresearch.com 6 redirects sb.scorecardresearch.com	10 KB
15	videoplaza.tv es-sunicontent.videoplaza.tv es-sunelespanol.videoplaza.tv	44 KB
15	spotxchange.com search.spotxchange.com	19 KB
9	doubleclick.net 5 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net	2 KB
8	sascdn.com ced.sascdn.com	81 KB
6	agkn.com js.agkn.com d.agkn.com	10 KB
6	google-analytics.com 1 redirects www.google-analytics.com	35 KB
4	everesttech.net 4 redirects sync-tm.everesttech.net	1 KB
4	sunmediaads.com img.sunmediaads.com play.sunmediaads.com	35 KB
4	google.de adservice.google.de www.google.de	560 B
3	adsrvr.org 2 redirects match.adsrvr.org	1 KB
3	zeotap.com spl.zeotap.com	13 KB
3	smartclip.net des.smartclip.net	1 KB
2	pubmatic.com vid.pubmatic.com	1 KB
2	adnxs.com 2 redirects ib.adnxs.com	2 KB
2	simpli.fi um.simpli.fi	974 B
2	googletagservices.com www.googletagservices.com	56 KB
2	miarroba.info hosting.miarroba.info	305 B
2	googletagmanager.com www.googletagmanager.com	38 KB
1	w55c.net pm.w55c.net	550 B
1	turn.com 1 redirects ad.turn.com	503 B
1	rtmark.net my.rtmark.net	684 B
1	inter1ads.com inter1ads.com
1	tharbadir.com tharbadir.com	2 KB
0	Failed function sub() { [native code] }. Failed
422	33

	Domain	Requested by
75	imasdk.googleapis.com	static.sunmedia.tv imasdk.googleapis.com
29	track.sunmedia.tv	bankingsecure.webcindario.com creatives.sunmedia.tv
28	static.sunmedia.tv	bankingsecure.webcindario.com static.sunmedia.tv creatives.sunmedia.tv
27	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com
27	bankingsecure.webcindario.com	bankingsecure.webcindario.com pagead2.googlesyndication.com
25	s0.2mdn.net	imasdk.googleapis.com
25	tpc.googlesyndication.com	static.sunmedia.tv
23	ads.stickyadstv.com	12 redirects static.sunmedia.tv cdn.stickyadstv.com
21	creatives.sunmedia.tv	static.sunmedia.tv creatives.sunmedia.tv
18	sb.scorecardresearch.com	6 redirects bankingsecure.webcindario.com
15	search.spotxchange.com	static.sunmedia.tv
14	www8.smartadserver.com	ced.sascdn.com static.sunmedia.tv
13	vast.sunmedia.tv	static.sunmedia.tv
11	es-sunicontent.videoplaza.tv	static.sunmedia.tv bankingsecure.webcindario.com
8	ced.sascdn.com	creatives.sunmedia.tv
8	pagead2.googlesyndication.com	bankingsecure.webcindario.com pagead2.googlesyndication.com
7	cdn.stickyadstv.com	static.sunmedia.tv cdn.stickyadstv.com
6	www.google-analytics.com	1 redirects www.googletagmanager.com www.google-analytics.com bankingsecure.webcindario.com
4	sync-tm.everesttech.net	4 redirects
4	cm.g.doubleclick.net	4 redirects
4	es-sunelespanol.videoplaza.tv	static.sunmedia.tv bankingsecure.webcindario.com
4	www14.smartadserver.com	static.sunmedia.tv
3	match.adsrvr.org	2 redirects bankingsecure.webcindario.com
3	ww2951.smartadserver.com	static.sunmedia.tv
3	d.agkn.com	js.agkn.com
3	spl.zeotap.com	bankingsecure.webcindario.com
3	js.agkn.com	bankingsecure.webcindario.com
3	services.sunmedia.tv	static.sunmedia.tv
3	des.smartclip.net	bankingsecure.webcindario.com
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
2	vid.pubmatic.com	static.sunmedia.tv
2	ib.adnxs.com	2 redirects
2	um.simpli.fi	bankingsecure.webcindario.com
2	play.sunmediaads.com	img.sunmediaads.com
2	img.sunmediaads.com	bankingsecure.webcindario.com
2	www.google.de	bankingsecure.webcindario.com
2	www.google.com	1 redirects bankingsecure.webcindario.com
2	stats.g.doubleclick.net	1 redirects www.google-analytics.com
2	www.googletagservices.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	hosting.miarroba.info	bankingsecure.webcindario.com
2	www.googletagmanager.com	bankingsecure.webcindario.com
1	pm.w55c.net	bankingsecure.webcindario.com
1	ad.turn.com	1 redirects
1	my.rtmark.net	bankingsecure.webcindario.com
1	inter1ads.com	bankingsecure.webcindario.com
1	tharbadir.com	bankingsecure.webcindario.com
1	fonts.googleapis.com	bankingsecure.webcindario.com
0	mbckjcfnjmoiinpgddefodcighgikkgn Failed	bankingsecure.webcindario.com
422	49

This site contains links to these domains. Also see Links.

Domain
u830956076.hostingerapp.com

Subject Issuer	Validity	Valid
webcindario.com Let's Encrypt Authority X3	`2019-06-25` - `2019-09-23`	3 months	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.google-analytics.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
ssl391079.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-07-02` - `2020-01-08`	6 months	crt.sh
*.google.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.smartclip.net Amazon	`2019-03-28` - `2020-04-28`	a year	crt.sh
www.google.de Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
www.google.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.sunmedia.tv COMODO RSA Domain Validation Secure Server CA	`2018-01-19` - `2021-01-18`	3 years	crt.sh
leadzuin.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-20` - `2020-06-18`	a year	crt.sh
tharbadir.com Let's Encrypt Authority X3	`2019-06-27` - `2019-09-25`	3 months	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2018-06-21` - `2020-09-16`	2 years	crt.sh
*.scorecardresearch.com COMODO RSA Organization Validation Secure Server CA	`2018-11-28` - `2019-12-26`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2019-03-18` - `2021-03-17`	2 years	crt.sh
ssl828800.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-04-09` - `2019-10-16`	6 months	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.doubleclick.net Google Internet Authority G3	`2019-07-29` - `2019-10-21`	3 months	crt.sh
*.videoplaza.com Let's Encrypt Authority X3	`2019-07-30` - `2019-10-28`	3 months	crt.sh
inter1ads.com Let's Encrypt Authority X3	`2019-08-06` - `2019-11-04`	3 months	crt.sh
my.rtmark.net Let's Encrypt Authority X3	`2019-07-07` - `2019-10-05`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2019-03-12` - `2020-06-10`	a year	crt.sh
*.smartadserver.com Thawte RSA CA 2018	`2018-09-07` - `2020-02-17`	a year	crt.sh
ads.stickyadstv.com DigiCert SHA2 Secure Server CA	`2018-06-21` - `2019-09-20`	a year	crt.sh
*.stickyadstv.com DigiCert SHA2 High Assurance Server CA	`2017-01-06` - `2020-01-15`	3 years	crt.sh
*.simpli.fi DigiCert SHA2 Secure Server CA	`2017-05-11` - `2020-05-10`	3 years	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
*.w55c.net Amazon	`2018-10-11` - `2019-11-11`	a year	crt.sh

This page contains 88 frames:

Primary Page: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Frame ID: 30917CE661C51E3533B7AAA67EDEA394
Requests: 189 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190821/r20190131/show_ads_impl.js
Frame ID: FE32485307160DC76A607DCCCFC9EC23
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20190821/r20190131/zrt_lookup.html
Frame ID: B065E0AB242BE2B4267630C1C5C1F8A8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1566607230&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1566607230607&bpp=135&bdt=36&fdt=135&idt=135&shv=r20190821&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=6677183818549&frm=20&pv=2&ga_vid=476645014.1566607231&ga_sid=1566607231&ga_hid=366485303&ga_fc=0&iag=0&icsg=774123&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20199336%2C26835105&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2460630580&ifi=0&uci=0.x394a7ttj83e&fsb=1&dtd=154
Frame ID: 3719BCA53F3EF7ACC0293F0A62F0548A
Requests: 1 HTTP requests in this frame

Frame: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
Frame ID: 3E9C1A2C8DEBA8F3CDA77C0F9EB77259
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20190821/r20190131/show_ads_impl.js
Frame ID: 1E9332E0F14368720AE2A4068B21925B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3279755401&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1566607230988&bpp=5&bdt=30&fdt=45&idt=46&shv=r20190821&cbv=r20190131&saldr=aa&nras=1&correlator=6677183818549&frm=23&ife=1&pv=1&ga_vid=476645014.1566607231&ga_sid=1566607231&ga_hid=1382479327&ga_fc=0&iag=3&icsg=672&nhd=1&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&isw=0&ish=0&ifk=547347130&scr_x=0&scr_y=0&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=20&bc=31&osw_key=2460630580&ifi=0&uci=0.hlb7p9fdtbu3&fsb=1&dtd=50
Frame ID: 4687AB3BB76182B525D901F961C0952A
Requests: 1 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=2254534&gdpr=&gdpr_consent=&url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: 3350EB21AA4730196014715383665A36
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%26channel%3Dvastadp&correlator=930287449
Frame ID: 99E4B2467C7FD7306E717735CCACC774
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: 1D1D229019E4C15C017E34F3513D6089
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=163653640
Frame ID: 18233B23D96B5EED9F8EB2F7806FCE50
Requests: 4 HTTP requests in this frame

Frame: https://inter1ads.com/?l=ewpiTquzogfW0Im&language=en&target_url=%2F%2Ftharbadir.com%2F18%3Fbannerid%3D2245686%26zoneid%3D2043966%26cb%3D1566607233917669777%26campaignid%3D1530566%26rb%3D2LrYJxMgByy_Rp0a9h7Rd-8WlOSyEq-sDh2nvq2-8SNzRHZoCBADi3PTdKwketce5F0fL1BNp0495TKd8_jrO8rp1_CWc_6fzKrYCIYtt56h5KalsIxPtNANhSC5DRSSYFzku0b3MTtPLu0NFSFJCNXRkl0UnoWu13IvsdVe-cJMJNAuojKIxePS_GJb_Hcp-GiLRw%3D%3D%26OXLCA%3D1%26referer%3Dhttps%253A%252F%252Fbankingsecure.webcindario.com%252Fd38e9ba3%252Fstep2.php%253Fcmd%253D_account-details%2526session%253D0ba7690269389f160a67388ba6a4d8d0%2526dispatch%253Da5aefcca8ba6d2878f77497d693f1ad9472e719e%26dest%3Dhttp%253A%252F%252Fbing.com&testid=2294
Frame ID: 19F29B371C01FAAEB46EB766D87AACB8
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: AF54D05D0B0DF7EE1912010D2928D359
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=633108670
Frame ID: A218C8E291E68E2BFE03DCB6F7E15BF7
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: FA41DB7C436F74B05500C80FF3A01D34
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Frame ID: 4A0BBED5986E368CD5230E6DE974B575
Requests: 3 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=610011683&gdpr=&gdpr_consent=&url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: 4B02311158D9D83B6601EAA646E5C6FF
Requests: 1 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: 0A1113DDCDDFDABC0C01D5E15BCA346E
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%26channel%3Dvastadp&correlator=759454415
Frame ID: 5C8105ACEA37E936C17AF1FF4C7E5396
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: 52DAA00D2BB3C58748A189074FC13D97
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Frame ID: 149D6C8988487AF5F1F35E484E9DFB9D
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=32143746
Frame ID: F3F02315BC79082C5F9AF6B4672BEB62
Requests: 4 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: 2FF93599DC5DE851EFE2EFF8E9604E8D
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: 80C9C11AFAE2CFB0A8901C5C70ECC12E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=331155055
Frame ID: EB4B2AE5D0254682BB58223C0C4DE05B
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: 46A1D58F5ECB41D48DF97C3CB3797417
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Frame ID: 2B73D616F178F106F35A4660484B870F
Requests: 3 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: 6D901B84B2E580ADE8299C5E5955FE44
Requests: 4 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Frame ID: 12DE9D223E993432C61BFCABE54BA385
Requests: 3 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 42F55AEA47D9619B3168A768B2B8CAA2
Requests: 4 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: D3ADF0CD95B0B384854A7B159BE99759
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp
Frame ID: 603A53DE5CA6032E13B8A09C0356E590
Requests: 4 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Frame ID: 13969649100FBE44D8B6CD5D25736C7A
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: 7A8F897340E110068EC72B95A36B5F27
Requests: 1 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: F7F6FB8558BAEF1C8D315A94AFC9B253
Requests: 5 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: 607031DA361EFA13AB781BBC1013A14A
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp
Frame ID: BAE780D01089C6B508BC031EF6780B4A
Requests: 4 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Frame ID: E5E5C19877B74827B6824552E22C0B3E
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: 40F7F2891584021A6080341F6CAD9EB8
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Frame ID: 39EC2C17A2DD8570D5DD5AE4E2CF1882
Requests: 3 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: 10F32CD1059E9476D30F14DF0E2C85B7
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: F75D5B10F4AA1C9EBF52395B325C7212
Requests: 5 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: 30554DC5B63A0C44460867624AEBEA98
Requests: 4 HTTP requests in this frame

Frame: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Frame ID: 645DBF863AA05DAC65E8A40F063A8801
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=77270059
Frame ID: 1C4AFC18620AD366E3FC634557213B2B
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=621814163
Frame ID: EA5DBAFFB9D1132027FDF77E4E1D1951
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: 260342DEA575CB17A3F6CFEB34700FB7
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Frame ID: E223A8F5F94082240958351F297D85F5
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: 741EFA0F328E694F093CE0257EF54DC0
Requests: 1 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: C2AB30507B4AB1A5B17AEB555FE3AAD8
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%26channel%3Dvastadp&correlator=342069743
Frame ID: 840229E5EDB37D21F95BE3E834215391
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%26channel%3Dvastadp&correlator=12834065
Frame ID: 1E62A303A14DD55AC4360AE7D01FAB97
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: E37D700F86B4583FC5F82C9FBDEBC8BB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: 7C5D77FA732034BDC18FA12B44AF24D3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp
Frame ID: A288B9A056D7DB71D2A28F87D3D3B0A7
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=1248405215
Frame ID: FE152F1DF781B2DB4B2011F4FFAC19AD
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: C91EB8F57D233B11C95B307B18E09F86
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=850957992
Frame ID: 80D9620DA80F4DDB2B662A9C63F68E5D
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: D610A9E2CC42B7068EA6275F7437C840
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=1113212099
Frame ID: 3313EF47BE0A4F10D80424AC50FF605F
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: DEA4B2A67D468C27AD12B4F349FEF9D2
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Frame ID: 45AA67CBA365667ACA15A46787B46D77
Requests: 3 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: A23BA6296B37FD1B8F699C5FC2C9FF32
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Frame ID: 87FEDAE68FE41DEFBAE585C7E3EBB191
Requests: 3 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: 6FA66CEAD02AD0A0121DA897839BF9B4
Requests: 1 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=929846779&gdpr=&gdpr_consent=&url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: D2A2C3D10C0FCBFFDE519185D00076A9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%26channel%3Dvastadp&correlator=899623109
Frame ID: CD610B6DB477B1AF4C2C4ED26630EAD0
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%26channel%3Dvastadp&correlator=606123158
Frame ID: 65ED7A345C1FBEDDB0CBD0ECF2CC4642
Requests: 4 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: 2CA32A15E0C7FF3BA437AB0EE5CCC61A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%26channel%3Dvastadp&correlator=210179124
Frame ID: EAF4B5E9E388A46832E7A8CED296CE03
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: A066B48C2AF203EBB3BA80434DA5E07D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: 2CD9958CFA57D2193A3A0F0D3E886866
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: F9257A00824F1A604EFE5F9084C1C6FF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp
Frame ID: 9EBA912C37B46596AEFC747EFC0A89D9
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=655933612
Frame ID: 04F85E226E6C572FCA11BBEAA40908F6
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=1123935590
Frame ID: 68D15F4420A361B7355C8F05B7A7CFCB
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: CDC21D5B9953391FE005DDEDB297543D
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: 44969BB50A643F180C5485DC907F3B72
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: FDAFBC28E9B2F039C03A01E3246DE2D2
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=1284763738
Frame ID: 1D7FACA549B78E0B99E6DE6870445DFF
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=356017003
Frame ID: 2E154EBAC6C96AA6AF81E0CF203BE152
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=424527342
Frame ID: A15D9DEC2A384EE1CD8AB35E0D19C087
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: F10FB9EB702AA931B8076E2B48D62CC4
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: 1A6A89390A3EA0DFD64556CC0CB46A2E
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Frame ID: 4AB9A177D9046A760AA06CD3893EC208
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html
Frame ID: 1082C384A83BF91F424A3F42519721D3
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Frame ID: ECA9F09388E1DEA75B8A17339C2E288E
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Frame ID: 317BA96EAABEDDD230EB5D124CEA19D7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html /googletagmanager\.com\/ns\.html[^>]+><\/iframe>/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

Page Statistics

422
Requests

99 %
HTTPS

40 %
IPv6

33
Domains

49
Subdomains

37
IPs

10
Countries

4946 kB
Transfer

15745 kB
Size

0
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://u830956076.hostingerapp.com/OnlineBanking/information_sp.php
Title: En Español

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=366485303&t=pageview&_s=1&dl=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&ul=en-us&de=UTF-8&dt=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Your%20Information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAAABC~&jid=256355312&gjid=204840144&cid=476645014.1566607231&tid=UA-597118-7&_gid=1695890182.1566607231&_r=1&gtm=2wg8e1T2VG59&z=191704061 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-7&cid=476645014.1566607231&jid=256355312&_gid=1695890182.1566607231&gjid=204840144&_v=j79&z=191704061 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=476645014.1566607231&jid=256355312&_v=j79&z=191704061 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=476645014.1566607231&jid=256355312&_v=j79&z=191704061&slf_rd=1&random=1486012831

Request Chain 80

https://sb.scorecardresearch.com/p?C1=1&C2=21892462&C3=&C4=&C5=09 HTTP 302
https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09

Request Chain 82

https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=379583590&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3003166 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=379583590&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3003166

Request Chain 87

https://sb.scorecardresearch.com/b?c1=8&c2=21892462&c3=1001000630&ns__t=1566607231258&ns_c=UTF-8&cv=3.1e&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Your%20Information&c7=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1566607231258&ns_c=UTF-8&cv=3.1e&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Your%20Information&c7=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&c9=

Request Chain 118

https://sb.scorecardresearch.com/p?C1=1&C2=21892462&C3=&C4=&C5=09 HTTP 302
https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09

Request Chain 123

https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=582662849&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3339812 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=582662849&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3339812

Request Chain 182

https://ads.stickyadstv.com/auto-user-sync HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGDRIsAWeCwTlwsxGee_BM0&google_cver=1 HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=XWCHiwAAAETlrTvh HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=XWCHiwAAAETlrTvh&_test=XWCHiwAAAETlrTvh HTTP 302
https://um.simpli.fi/freewheel

Request Chain 210

https://ads.stickyadstv.com/auto-user-sync HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&gdpr=1&gdpr_consent=1 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPNzsJKW4xDTYB2l05KyvGQ&google_cver=1&gdpr=1&gdpr_consent=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=1

Request Chain 239

https://ads.stickyadstv.com/auto-user-sync HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_tc= HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDfc571XVtwR9P3ccJsP1F4&google_cver=1 HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=96ce8f74-50a9-4546-8fb4-d6766c69e320 HTTP 302
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=XWCHkAAAAJMFdTvh HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=XWCHkAAAAJMFdTvh&_test=XWCHkAAAAJMFdTvh HTTP 302
https://ad.turn.com/r/cs?pid=34 HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=3457334107710377962 HTTP 302
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID HTTP 302
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%2526userId%253D%24UID HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=7194335949524039959 HTTP 302
https://um.simpli.fi/freewheel

Request Chain 253

https://ads.stickyadstv.com/auto-user-sync HTTP 302
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_

Request Chain 340

https://sb.scorecardresearch.com/p?C1=1&C2=21892462&C3=&C4=&C5=09 HTTP 302
https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09

422 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request step2.php Show response
bankingsecure.webcindario.com/d38e9ba3/ 14 KB
4 KB 151ms
150ms Document
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 01705b3423086dcad42e15b6e7d5dab92779ba44115acfa4cda9a9683457d3ab

Request headers

:method: GET
:authority: bankingsecure.webcindario.com
:scheme: https
:path: /d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
sec-fetch-user: ?1
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1

Response headers

status: 200
server: nginx
date: Sat, 24 Aug 2019 00:40:30 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: __muid=c60b3a5e067c2eba3fb90ad2233ef80be061abfa; Domain=.webcindario.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:11 GMT; HttpOnly
x-powered-by: Webcindario Hosting Service
content-encoding: gzip

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 94 KB
34 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d2c7897ab8ee5d602556bb4293dfc2229888c41efa745ccdfb1b67b6904cb767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 34901
x-xss-protection: 0
server: cafe
etag: 13976416357655428224
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Aug 2019 00:40:30 GMT

GET
H2 200 beacon.js.descarga Show response
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 27 KB
12 KB 65ms
64ms Script
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/beacon.js.descarga
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: e982e3a8dd8e8e2ced1b78d36616a02680d458fe193a33801e2c06ce6f573a94

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 2 Show response
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 93 KB
22 KB 61ms
59ms Script
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/2
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: d643248773c88a5efbcb0880558aa6d9e1f775291e2e9b5aec460e1279b92520

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 51 KB
19 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51fc7dd6785544a11f722305aecaa83ee6465257154fd2f923f216c2687ecab1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: br
last-modified: Sat, 24 Aug 2019 00:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 19442
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:30 GMT

GET
H2 200 adsbygoogle.js.descarga Show response
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 27 KB
12 KB 61ms
60ms Script
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/adsbygoogle.js.descarga
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: e982e3a8dd8e8e2ced1b78d36616a02680d458fe193a33801e2c06ce6f573a94

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 vipaa-v3-jawr.css
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 444 KB
64 KB 65ms
64ms Stylesheet
text/css 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/vipaa-v3-jawr.css
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: ffd4d7234cf2bc278ca4a32f1dd13e2a1a2b7f546dac409da0989c2def3dfddc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
last-modified: Fri, 23 Aug 2019 09:00:11 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: W/"5d5fab1b-6eeb8"
vary: Accept-Encoding
content-type: text/css
status: 200

GET
H2 200 lz_loader.js.descarga Show response
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 59 KB
15 KB 61ms
60ms Script
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/lz_loader.js.descarga
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 376f8487ce1c921532163b4dbee376a4c12e4bd913bc4ca675fd643849cf34de

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 adblockDetector.js.descarga Show response
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 13 KB
5 KB 65ms
64ms Script
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/adblockDetector.js.descarga
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 tag.js.descarga Show response
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 5 KB
2 KB 50ms
49ms Script
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/tag.js.descarga
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 379cda98ebfac8c883629a900a2b9c9b327523cf690ab563c33a944879ed0d12

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 SMPlayer_d.css
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 4 KB
1 KB 65ms
65ms Stylesheet
text/css 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/SMPlayer_d.css
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: ec9fb463b24c671f0652fa3e3fa2e976b45c2d81e49e918056a30f46e506124c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
last-modified: Fri, 23 Aug 2019 09:00:11 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: W/"5d5fab1b-10fd"
vary: Accept-Encoding
content-type: text/css
status: 200

GET
H2 200 bac_reg_logo_tmp_250X69.gif
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 4 KB
4 KB 78ms
78ms Image
image/gif 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/bac_reg_logo_tmp_250X69.gif
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 6faff1c939a50b046b98c124b959cb7cba4782252358581a19cbb06e9896afdc

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
last-modified: Fri, 23 Aug 2019 09:00:11 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "5d5fab1b-e0b"
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 3595

GET
H2 200 3 Show response
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 4 KB
2 KB 44ms
44ms Script
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/3
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 47d881104bfd68a19d9c2d1a3b408130312ee6877d2d0927a031d6e0b8b33f05

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 img.gif
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 43 B
193 B 79ms
78ms Image
image/gif 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/img.gif
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
last-modified: Fri, 23 Aug 2019 09:00:11 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "5d5fab1b-2b"
content-type: image/gif
status: 200
accept-ranges: bytes
content-length: 43

GET
H2 200 ads Show response
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 5 KB
2 KB 43ms
43ms Script
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/ads
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 5c11ab784bb010baff75e3b31f0483ec691dbac3d46204b06041182fe6796ade

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 saved_resource Show response
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 0
139 B 47ms
46ms Script
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
last-modified: Fri, 23 Aug 2019 09:00:11 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "5d5fab1b-0"
content-type: text/html
status: 200
accept-ranges: bytes
content-length: 0

GET
H2 200 zone.php Show response
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 2 KB
1005 B 129ms
127ms Script
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/zone.php
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: fee52e445c4cd07f5ff70f49f516efd3730ee75db734a43a345824736c3b0220

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 404 ava.js.descarga
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 0
0 61ms
59ms Script
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/ava.js.descarga
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 8c4105a4-90ec-434c-bf14-82b194e3019f.js.descarga Show response
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 156 KB
42 KB 45ms
45ms Script
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/8c4105a4-90ec-434c-bf14-82b194e3019f.js.descarga
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: c6965e9f3f7781fe0b28f288e460064d7a79a26233f91cff1bcaaa6f41b81517

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 p
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 43 B
176 B 51ms
50ms Image
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/p
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 p(1)
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 43 B
176 B 51ms
51ms Image
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/p(1)
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 / Show response
hosting.miarroba.info/ 0
201 B 154ms
153ms Script
application/javascript 2606:4700:20::6819:ce08
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/?__muid=c60b3a5e067c2eba3fb90ad2233ef80be061abfa&h=1876140&t=1566607230&k=4ae4860caf7a8cbb6e6205df52f2ab98
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:ce08 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 50b1467829b9cba8-VIE
pragma: no-cache
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: br
last-modified: Sat, 24 Aug 2019 00:40:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status: 200
cache-control: no-cache
content-type: application/javascript; charset=iso-8859-1
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET fonts.css
mbckjcfnjmoiinpgddefodcighgikkgn/common/ui/fonts/ 0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190821/r20190131/ 221 KB
82 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190821/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4ef291a9591f8f556adb0c1e4334aa33fd099a382b156e26c3a571d43c2fdb2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 83384
x-xss-protection: 0
server: cafe
etag: 1844804650636337822
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Aug 2019 00:40:30 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190821/r20190131/ Frame FE32 221 KB
82 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190821/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4ef291a9591f8f556adb0c1e4334aa33fd099a382b156e26c3a571d43c2fdb2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 83384
x-xss-protection: 0
server: cafe
etag: 1844804650636337822
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Aug 2019 00:40:30 GMT

GET
H2 200 css
fonts.googleapis.com/ 767 B
435 B 17ms
15ms Stylesheet
text/css 2a00:1450:4001:806::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sat, 24 Aug 2019 00:40:30 GMT
server: ESF
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:30 GMT

GET
H2 404 fsd-secure-esp-sprite.png
bankingsecure.webcindario.com/pa/components/modules-app/VIPAA/header-vipaa-module/1.0/graphic/ 5 KB
5 KB 78ms
78ms Image
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankingsecure.webcindario.com/pa/components/modules-app/VIPAA/header-vipaa-module/1.0/graphic/fsd-secure-esp-sprite.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 31e10cc09bea97dba5e4c0fc2326da6ecf757e9b7c16c3c1a3950afcb04154ec

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/vipaa-v3-jawr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 404 fsd-arrows.png
bankingsecure.webcindario.com/pa/components/modules-app/VIPAA/quick-help-vipaa-module/1.0/graphic/ 5 KB
5 KB 78ms
78ms Image
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankingsecure.webcindario.com/pa/components/modules-app/VIPAA/quick-help-vipaa-module/1.0/graphic/fsd-arrows.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 31e10cc09bea97dba5e4c0fc2326da6ecf757e9b7c16c3c1a3950afcb04154ec

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/vipaa-v3-jawr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 404 gfootb-static-sprite.png
bankingsecure.webcindario.com/pa/components/modules/global-footer-module/2.5/graphic/ 5 KB
5 KB 78ms
77ms Image
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankingsecure.webcindario.com/pa/components/modules/global-footer-module/2.5/graphic/gfootb-static-sprite.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 31e10cc09bea97dba5e4c0fc2326da6ecf757e9b7c16c3c1a3950afcb04154ec

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/vipaa-v3-jawr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 404 gfoot-home-icon.png
bankingsecure.webcindario.com/pa/components/modules/global-footer-module/2.5/graphic/ 5 KB
5 KB 50ms
50ms Image
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankingsecure.webcindario.com/pa/components/modules/global-footer-module/2.5/graphic/gfoot-home-icon.png
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 31e10cc09bea97dba5e4c0fc2326da6ecf757e9b7c16c3c1a3950afcb04154ec

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/vipaa-v3-jawr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20190821/r20190131/ Frame B065 0
0 6ms
5ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20190821/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20190821/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Thu, 22 Aug 2019 03:37:00 GMT
expires: Thu, 05 Sep 2019 03:37:00 GMT
content-type: text/html; charset=UTF-8
etag: 4817175036427020965
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 7274
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 162210
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame 3719 0
0 24ms
24ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1566607230&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1566607230607&bpp=135&bdt=36&fdt=135&idt=135&shv=r20190821&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=6677183818549&frm=20&pv=2&ga_vid=476645014.1566607231&ga_sid=1566607231&ga_hid=366485303&ga_fc=0&iag=0&icsg=774123&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20199336%2C26835105&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2460630580&ifi=0&uci=0.x394a7ttj83e&fsb=1&dtd=154

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190821/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1566607230&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1566607230607&bpp=135&bdt=36&fdt=135&idt=135&shv=r20190821&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=6677183818549&frm=20&pv=2&ga_vid=476645014.1566607231&ga_sid=1566607231&ga_hid=366485303&ga_fc=0&iag=0&icsg=774123&dssz=21&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=20199336%2C26835105&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=31&osw_key=2460630580&ifi=0&uci=0.x394a7ttj83e&fsb=1&dtd=154
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Aug 2019 00:40:30 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sat, 24-Aug-2019 00:55:30 GMT; path=/; domain=.doubleclick.net
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 75 KB
28 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190821/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f876042041fbf3fd3ca277c5bc8d70ae5a82769a34e186a2b7cb3b7357c52c77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1566558908912117"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28364
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:30 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
123 B 14ms
14ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=191&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20Only%20one%20%27enable_page_level_ads%27%20allowed%20per%20page.%0Aat%20ek%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3A17%3A28300)%0Aat%20dk%20(adsbygoogle.js%3A17%3A28003)%0Aat%20ik%20(adsbygoogle.js%3A17%3A30832)%0Aat%20b%20(adsbygoogle.js%3A17%3A30950)%0Aat%20adsbygoogle.js%3A1%3A24466%0Aat%20Ke%20(adsbygoogle.js%3A1%3A24215)%0Aat%20adsbygoogle.js%3A1%3A24439%0Aat%20adsbygoogle.js%3A1%3A5603%0Aat%20MutationObserver.observe.childList%20(adsbygoogle.js%3A17%3A31209)&shv=r20190821&eid=20199336&url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 00:40:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200 ads Show response
des.smartclip.net/ 20 B
503 B 29ms
29ms Script
application/javascript 176.34.155.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://des.smartclip.net/ads?type=dyn&plc=75133&elementId=2ca47407fb99f4b4d2d73f14fc9287ca47ebbe2a&sz=400x320&rnd=86740163
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.155.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-176-34-155-195.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash: 7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:30 GMT
Content-Encoding: gzip
Sc-Supply-Network: 999999
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Sc-Uuid: 957ec9f1-b2dc-456b-808b-aadb05a1fbd7
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Sc-Device-Type: PC
Server: nginx/1.13.12

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4472
date: Fri, 23 Aug 2019 23:25:58 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Sat, 24 Aug 2019 01:25:58 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
133 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j79&a=366485303&t=pageview&_s=1&dl=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&ul=en-us&de=UTF-8&dt=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Your%20Information&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAIABCAAAAC~&jid=1545137598&gjid=1106701347&cid=476645014.1566607231&tid=UA-597118-1&_gid=1695890182.1566607231&_r=1&gtm=2wg8e1T2VG59&z=846629882

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 00:40:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
status: 200
content-type: text/plain
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=366485303&t=pageview&_s=1&dl=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba76902...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-7&cid=476645014.1566607231&jid=256355312&_gid=1695890182.1566607231&gjid=204840144&_v=j79&z=191704061
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=476645014.1566607231&jid=256355312&_v=j79&z=191704061
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=476645014.1566607231&jid=256355312&_v=j79&z=191704061&slf_rd=1&random=1486012831

42 B
109 B

19ms
18ms

Image
image/gif

2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=476645014.1566607231&jid=256355312&_v=j79&z=191704061&slf_rd=1&random=1486012831

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 00:40:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 24 Aug 2019 00:40:30 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=476645014.1566607231&jid=256355312&_v=j79&z=191704061&slf_rd=1&random=1486012831
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
136 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c00::9b
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-597118-1&cid=476645014.1566607231&jid=1545137598&gjid=1106701347&_gid=1695890182.1566607231&_u=YAjAAIABCAAAAC~&z=368894480

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 24 Aug 2019 00:40:30 GMT
status: 200
content-type: text/plain
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
109 B 18ms
17ms Image
image/gif 2a00:1450:4001:820::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j79&tid=UA-597118-1&cid=476645014.1566607231&jid=1545137598&_u=YAjAAIABCAAAAC~&z=5156009

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:820::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 00:40:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
109 B 18ms
18ms Image
image/gif 2a00:1450:4001:821::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j79&tid=UA-597118-1&cid=476645014.1566607231&jid=1545137598&_u=YAjAAIABCAAAAC~&z=5156009

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:821::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 00:40:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8c4105a4-90ec-434c-bf14-82b194e3019f.js Show response
static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/ 154 KB
41 KB 38ms
38ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 387512ec9dd64e71d115f878142623f3605b12e1554d6b9483b2d3b98d287469

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
tp-cache: HIT
age: 226552
status: 200
x-device: desktop
content-length: 42037
last-modified: Wed, 21 Aug 2019 09:44:33 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
tp-l2-cache: HIT
accept-ranges: bytes

GET
H2 200 lz_loader.js Show response
img.sunmediaads.com/ads/ 58 KB
17 KB 207ms
207ms Script
text/javascript 89.255.250.53
LEASEWEBCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.255.250.53 , Germany, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software: leasewebcdn/5.4.2 /
Resource Hash: 03569bb9a48922288c3bab6565ba0ca4c084b030c9fcf1bd928e86161f73381d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
cdn-cache-hit: 0
last-modified: Thu, 04 Jul 2019 12:29:10 GMT
server: leasewebcdn/5.4.2
etag: W/"2271974755"
content-type: text/javascript
status: 200
expires: Sat, 24 Aug 2019 00:40:30 GMT
cache-control: max-age=0
cdn-cache: MISS
cdn-node: FRA1-SO03001

GET
H2 404 ava.js.descarga
bankingsecure.webcindario.com/d38e9ba3/step2_files/ 0
0 50ms
50ms Script
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/ava.js.descarga
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 404
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H/1.1 200
OK 3 Show response
tharbadir.com/ 4 KB
2 KB 3073ms
16ms Script
application/javascript 188.72.202.185
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://tharbadir.com/3?z=2043966&ng=1&ix=0&pt=0&np=1&nw=1&nb=1&sw=1600&sh=1200&pl=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&wy=0&wx=0&ww=1600&wh=1200&wiw=1600&wih=1200&wfc=4&sah=1200&drf=&hil=2
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 188.72.202.185 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx /
Resource Hash: 844d547fe3ea721b2564e1e99408d0a548350b57155841242692502122afa38d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:33 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: application/javascript
Access-Control-Allow-Origin
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 saved_resource.html Show response
bankingsecure.webcindario.com/d38e9ba3/step2_files/ Frame 3E9C 4 KB
2 KB 42ms
42ms Document
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 0a92cef3edc8f5c5f0dc758cb8d677f626a1c58ce1f4fc0d8a90345283f5b8e6

Request headers

:method: GET
:authority: bankingsecure.webcindario.com
:scheme: https
:path: /d38e9ba3/step2_files/saved_resource.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
cookie: __muid=c60b3a5e067c2eba3fb90ad2233ef80be061abfa; _ga=GA1.3.476645014.1566607231; _gid=GA1.3.1695890182.1566607231; _gat_UA-597118-7=1; _gat_UA-597118-1=1; GED_PLAYLIST_ACTIVITY=W3sidSI6IlBGbDAiLCJ0c2wiOjE1NjY2MDcyMzEsIm52IjoxLCJ1cHQiOjE1NjY2MDcyMjksImx0IjoxNTY2NjA3MjI5fV0.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
server: nginx
date: Sat, 24 Aug 2019 00:40:30 GMT
content-type: text/html
vary: Accept-Encoding
x-powered-by: Webcindario Hosting Service
content-encoding: gzip

GET
H/1.1 200 ads Show response
des.smartclip.net/ 20 B
503 B 29ms
29ms Script
application/javascript 176.34.155.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://des.smartclip.net/ads?type=dyn&plc=75133&elementId=c60b3a5e067c2eba3fb90ad2233ef80be061abfa&sz=400x320&rnd=95235146
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.155.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-176-34-155-195.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash: 7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:30 GMT
Content-Encoding: gzip
Sc-Supply-Network: 999999
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Sc-Uuid: dfcee705-deff-4f74-84e9-bd284c48bc43
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Sc-Device-Type: PC
Server: nginx/1.13.12

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 3E9C 94 KB
34 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d2c7897ab8ee5d602556bb4293dfc2229888c41efa745ccdfb1b67b6904cb767

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 34901
x-xss-protection: 0
server: cafe
etag: 13976416357655428224
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 24 Aug 2019 00:40:30 GMT

GET
H2 200 g.pixel
bankingsecure.webcindario.com/d38e9ba3/step2_files/ Frame 3E9C 43 B
176 B 40ms
39ms Image
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/g.pixel
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 g(1).pixel
bankingsecure.webcindario.com/d38e9ba3/step2_files/ Frame 3E9C 43 B
176 B 41ms
40ms Image
text/html 5.57.226.202
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/g(1).pixel
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 / Show response
hosting.miarroba.info/ Frame 3E9C 0
104 B 87ms
86ms Script
application/javascript 2606:4700:20::6819:ce08
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/?__muid=c60b3a5e067c2eba3fb90ad2233ef80be061abfa&h=1876140&t=1566607230&k=4ae4860caf7a8cbb6e6205df52f2ab98
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::6819:ce08 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

cf-ray: 50b146798b03cba8-VIE
pragma: no-cache
date: Sat, 24 Aug 2019 00:40:31 GMT
content-encoding: br
last-modified: Sat, 24 Aug 2019 00:40:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status: 200
cache-control: no-cache
content-type: application/javascript; charset=iso-8859-1
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 3E9C 51 KB
19 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Requested by

Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

51fc7dd6785544a11f722305aecaa83ee6465257154fd2f923f216c2687ecab1

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: br
last-modified: Sat, 24 Aug 2019 00:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 19442
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:30 GMT

GET
H/1.1 200 ads Show response
des.smartclip.net/ Frame 3E9C 20 B
503 B 29ms
29ms Script
application/javascript 176.34.155.195
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://des.smartclip.net/ads?type=dyn&plc=75133&elementId=c60b3a5e067c2eba3fb90ad2233ef80be061abfa&sz=400x320&rnd=30757428
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 176.34.155.195 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-176-34-155-195.eu-west-1.compute.amazonaws.com
Software: nginx/1.13.12 /
Resource Hash: 7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:30 GMT
Content-Encoding: gzip
Sc-Supply-Network: 999999
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Sc-Uuid: 2bf9cdda-050f-4c84-83d5-9e08ef282fbc
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Sc-Device-Type: PC
Server: nginx/1.13.12

GET
H2 200 eu_country.php Show response
static.sunmedia.tv/SMVpaidCreatives/geotarget/ 19 B
375 B 39ms
39ms XHR
application/json 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMVpaidCreatives/geotarget/eu_country.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
content-encoding: gzip
tp-cache: HIT
age: 1273051
status: 200
x-device: desktop
content-length: 39
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
tp-l2-cache: MISS
accept-ranges: bytes

GET
H2 200 country.php Show response
services.sunmedia.tv/geotarget/ 16 B
269 B 39ms
38ms XHR
application/json 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://services.sunmedia.tv/geotarget/country.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
tp-cache: HIT
server: nginx
age: 1273042
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
access-control-allow-origin: https://bankingsecure.webcindario.com
content-length: 16

GET
H2 200 inhome-1-0.json Show response
static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/ 2 KB
1 KB 39ms
39ms XHR
application/json 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/inhome-1-0.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 23a9bb526cc0bdd42144e73172c96a06fb5bc16c4713409dee7071f1cc6ba3d8

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
content-encoding: gzip
tp-cache: HIT
age: 25525
status: 200
x-device: desktop
content-length: 708
last-modified: Fri, 23 Aug 2019 17:35:00 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
tp-l2-cache: MISS
accept-ranges: bytes

GET
H2 200 outstream.json Show response
static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/ 4 KB
2 KB 38ms
38ms XHR
application/json 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/outstream.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: d5e1b7de0619fbd77e4d9f53c6a1821716e7c7b589fc6a687afb855b75bf6a7f

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
content-encoding: gzip
tp-cache: HIT
age: 830141
status: 200
x-device: desktop
content-length: 1337
last-modified: Tue, 23 Jul 2019 11:52:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
tp-l2-cache: MISS
accept-ranges: bytes

GET
H2 200 adblockDetector.js Show response
static.sunmedia.tv/SMSdk/assets/AdBlockDetection/ 13 KB
5 KB 40ms
40ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/assets/AdBlockDetection/adblockDetector.js
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:40 GMT
server: nginx
age: 830141
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 4831
tp-l2-cache: MISS
accept-ranges: bytes
x-device: desktop

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3E9C 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3E9C 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190821/r20190131/ Frame 3E9C 221 KB
82 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190821/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4ef291a9591f8f556adb0c1e4334aa33fd099a382b156e26c3a571d43c2fdb2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 83384
x-xss-protection: 0
server: cafe
etag: 1844804650636337822
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Aug 2019 00:40:30 GMT

GET
H2 200 show_ads_impl.js Show response
pagead2.googlesyndication.com/pagead/js/r20190821/r20190131/ Frame 1E93 221 KB
82 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20190821/r20190131/show_ads_impl.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4ef291a9591f8f556adb0c1e4334aa33fd099a382b156e26c3a571d43c2fdb2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 83384
x-xss-protection: 0
server: cafe
etag: 1844804650636337822
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Aug 2019 00:40:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 3E9C 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 4472
date: Fri, 23 Aug 2019 23:25:58 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Sat, 24 Aug 2019 01:25:58 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 3E9C 35 B
93 B 7ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1382479327&t=pageview&_s=1&dl=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2_files%2Fsaved_resource.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&_u=QACAAAABC~&jid=&gjid=&cid=476645014.1566607231&tid=UA-597118-7&_gid=1695890182.1566607231&gtm=2wg8e1T2VG59&z=1450238693

Requested by

Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Aug 2019 04:59:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70836
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 3E9C 35 B
98 B 6ms
6ms Image
image/gif 2a00:1450:4001:80b::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=1382479327&t=pageview&_s=1&dl=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2_files%2Fsaved_resource.html&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=&je=0&_u=QACAAAABC~&jid=&gjid=&cid=476645014.1566607231&tid=UA-597118-1&_gid=1695890182.1566607231&gtm=2wg8e1T2VG59&z=632463587

Requested by

Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 23 Aug 2019 04:59:55 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70836
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame 4687 0
0 28ms
27ms Document
text/html 2a00:1450:4001:80b::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3279755401&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1566607230988&bpp=5&bdt=30&fdt=45&idt=46&shv=r20190821&cbv=r20190131&saldr=aa&nras=1&correlator=6677183818549&frm=23&ife=1&pv=1&ga_vid=476645014.1566607231&ga_sid=1566607231&ga_hid=1382479327&ga_fc=0&iag=3&icsg=672&nhd=1&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&isw=0&ish=0&ifk=547347130&scr_x=0&scr_y=0&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=20&bc=31&osw_key=2460630580&ifi=0&uci=0.hlb7p9fdtbu3&fsb=1&dtd=50

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190821/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3279755401&plat=1%3A32776%2C2%3A32776%2C8%3A32776%2C9%3A32776%2C16%3A8388608%2C30%3A1081344&guci=1.2.0.0.2.2.0.0&format=0x0&url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1566607230988&bpp=5&bdt=30&fdt=45&idt=46&shv=r20190821&cbv=r20190131&saldr=aa&nras=1&correlator=6677183818549&frm=23&ife=1&pv=1&ga_vid=476645014.1566607231&ga_sid=1566607231&ga_hid=1382479327&ga_fc=0&iag=3&icsg=672&nhd=1&dssz=10&mdo=0&mso=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=0&ady=0&biw=1600&bih=1200&isw=0&ish=0&ifk=547347130&scr_x=0&scr_y=0&oid=3&rx=0&eae=2&fc=1936&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=20&bc=31&osw_key=2460630580&ifi=0&uci=0.hlb7p9fdtbu3&fsb=1&dtd=50
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 24 Aug 2019 00:40:31 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: IDE=AHWqTUm7iB2nXDvEa4k-hHH1qgrvzT0qRBnACG4svqAyaeHUEWRHVjhtQaM1PZ2C; expires=Thu, 17-Sep-2020 00:40:31 GMT; path=/; domain=.doubleclick.net; HttpOnly test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3E9C 75 KB
28 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20190821/r20190131/show_ads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

f876042041fbf3fd3ca277c5bc8d70ae5a82769a34e186a2b7cb3b7357c52c77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1566558908912117"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 28364
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:31 GMT

GET
H2 200 lz_loader.js Show response
img.sunmediaads.com/ads/ Frame 3E9C 58 KB
17 KB 179ms
179ms Script
text/javascript 89.255.250.53
LEASEWEBCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.255.250.53 , Germany, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software: leasewebcdn/5.4.2 /
Resource Hash: 03569bb9a48922288c3bab6565ba0ca4c084b030c9fcf1bd928e86161f73381d

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
content-encoding: gzip
cdn-cache-hit: 0
last-modified: Thu, 04 Jul 2019 08:59:19 GMT
server: leasewebcdn/5.4.2
etag: W/"2222589723"
content-type: text/javascript
status: 200
expires: Sat, 24 Aug 2019 00:40:30 GMT
cache-control: max-age=0
cdn-cache: MISS
cdn-node: FRA1-SO03001

GET
H/1.1 200
OK zone.php Show response
play.sunmediaads.com/red/ Frame 3E9C 385 B
724 B 5504ms
38ms Script
text/html 217.13.124.96
NEXICA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://play.sunmediaads.com/red/zone.php?code=HEZRL65RXYI2&a=&pubid=&lgid=10916518370.7285939090837239
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: HTTP/1.1
Security: TLS 1.0, ECDHE_RSA, AES_256_CBC
Server: 217.13.124.96 , Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS: unnamed.nexica.net
Software: Apache /
Resource Hash: 44406acea48ad25a48195e7580b2dd83ba6713e1b0423dfdac97fc2b7f2b96a6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/saved_resource.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:37 GMT
Server: Apache
Connection: close
Content-Length: 385
Content-Type: text/html; charset=UTF-8

GET
H2 200 tag.js Show response
js.agkn.com/prod/v0/ 3 KB
3 KB 6ms
6ms Script
application/javascript 2600:9000:2057:8200:15:efbc:e300:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.agkn.com/prod/v0/tag.js
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:8200:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 23 Aug 2019 15:48:20 GMT
via: 1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2019 15:46:11 GMT
server: AmazonS3
age: 31947
etag: "a5442c681a576408c25edbf365995343"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: v4EDIkAuAICDezHDkYPoE_TJU9rI5TMMep6324IXpOuJ463UWpqhzw==

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 8ms
7ms Script
application/x-javascript 104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 902
Expires: Sun, 25 Aug 2019 00:40:31 GMT

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ 3 KB
3 KB 39ms
38ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:26 GMT
server: nginx
age: 830141
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
tp-l2-cache: HIT
accept-ranges: bytes
x-device: desktop

GET
H2 200 fullscreen-on.png
static.sunmedia.tv/SMSdk/ico/ 1 KB
2 KB 44ms
44ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/fullscreen-on.png
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 7a000f38eb0e9764341b690ff8c931c309a4392e7b35c157652864658ab406eb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:22 GMT
server: nginx
age: 830141
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 1351
tp-l2-cache: HIT
accept-ranges: bytes
x-device: desktop

GET
H2 200 skip.png
static.sunmedia.tv/SMSdk/ico/ 3 KB
3 KB 44ms
43ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/skip.png
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 47fd77ed50c61b270cf73b6b71c5ae29d7b46023ea1e3d2f646858d839c927bb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:22 GMT
server: nginx
age: 830141
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2761
tp-l2-cache: HIT
accept-ranges: bytes
x-device: desktop

GET
H2 200 adlabel.png
static.sunmedia.tv/SMSdk/ico/ 1 KB
2 KB 44ms
44ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/adlabel.png
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 4cf86b8273ac1a15c23684145f8035a0e3c9d67942f62cb44bb8b95bd7465877

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:21 GMT
server: nginx
age: 830141
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 1359
tp-l2-cache: HIT
accept-ranges: bytes
x-device: desktop

GET
H2 200 play.png
static.sunmedia.tv/SMSdk/ico/ 1 KB
2 KB 48ms
47ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/play.png
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: dd4473796fb0eda44798d1802b139e99b54cdf783a2df05f0be684481238c151

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:22 GMT
server: nginx
age: 830141
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 1525
tp-l2-cache: MISS
accept-ranges: bytes
x-device: desktop

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 327ms
327ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=315014380&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:31 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000343
X-SpotX-Timing-SpotMarket: 0.298010
X-SpotX-Timing-Page-Mux: 0.000208
X-SpotX-Timing-Page-Require: 0.000357
X-fe: 079
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000037
Content-Length: 77
X-SpotX-Timing-Page: 0.309603
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000302
Last-Modified: Sat, 24 Aug 2019 00:40:31 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.117116
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.010335
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.180894
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?C1=1&C2=21892462&C3=&C4=&C5=09
https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09

43 B
309 B

7ms
6ms

Image
image/gif

104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:31 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09
Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:31 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
spl.zeotap.com/ 4 KB
4 KB 69ms
69ms Image
text/html 2606:4700:10::6814:8238
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=625&env=mWeb&eventType=pageview%22
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:8238 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html
access-control-allow-origin: *
cf-ray: 50b1467b6991cbc0-VIE
access-control-allow-headers: *

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=379583590&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct...
https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=379583590&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_c...

43 B
309 B

7ms
7ms

Image
image/gif

104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=379583590&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3003166
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:31 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=379583590&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3003166
Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:31 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 45ms
45ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=no-pos&loop=0
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865052
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 38ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=req&pb=1&pos=no-pos&loop=0
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865052
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 38ms
37ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=ef&pb=1&pos=no-pos&loop=0
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865052
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK Cookie set /
d.agkn.com/iframe/8613/ Frame 3350 0
0 3078ms
8ms Document
text/html 3.121.36.175
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8613/?che=2254534&gdpr=&gdpr_consent=&url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.36.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-121-36-175.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Sat, 24 Aug 2019 00:40:33 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AHf1ouSmxummBtvnt%2F0kc5QZIe7uTrxWw;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAk80QCJPNEAgAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
Content-Length: 481
Connection: keep-alive

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=8&c2=21892462&c3=1001000630&ns__t=1566607231258&ns_c=UTF-8&cv=3.1e&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Your%20Information&c7=https%3A%2F%2F...
https://sb.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1566607231258&ns_c=UTF-8&cv=3.1e&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Your%20Information&c7=https%3A%2F%2...

0
248 B

7ms
7ms

Image
text/plain

104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1566607231258&ns_c=UTF-8&cv=3.1e&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Your%20Information&c7=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&c9=
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:31 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1566607231258&ns_c=UTF-8&cv=3.1e&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Your%20Information&c7=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&c9=
Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:31 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 1 KB
733 B 15ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=930287449&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7549028ea0c6e0a068b31babfab18cd280445509246946ac7bfa3c0f2ad48232

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 661
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 99E4 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%26channel%3Dvastadp&correlator=930287449

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:31 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 99E4 257 KB
86 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/live/ads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D/143394101/ca-video-pub-8221793852898543-tag/3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%26channel%3Dvastadp&correlator=930287449

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:31 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame 1D1D 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48223
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 99E4 26 KB
10 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:32 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 99E4 109 B
171 B 18ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 v2 Show response
es-sunicontent.videoplaza.tv/proxy/distributor/ 74 KB
5 KB 34ms
33ms XHR
text/xml 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://es-sunicontent.videoplaza.tv/proxy/distributor/v2?s=MobusiIH/WebcindarioDesktop&tt=p&rt=vast_2.0&rn=376646942&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&vht=17&vwt=30
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: a5e2c4fdd359e2ed2cb7d96a7091984bcdd2f6cec4ad149c3a5da0d888943b6f

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:32 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: text/xml;charset=utf-8
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 935 B
669 B 15ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=163653640&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0a923b4956947985314cd6947dfc629e7c40a2cd3c9fd8634a4118734e3d0679

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 597
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1823 41 KB
15 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:32 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1823 257 KB
87 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:33 GMT

GET
H/1.1 200
OK Cookie set /
inter1ads.com/ Frame 19F2 0
0 42ms
42ms Document
text/html 78.140.190.84
WEBZILLA

General

Check archive.org

Show headers Download Go to

Full URL: https://inter1ads.com/?l=ewpiTquzogfW0Im&language=en&target_url=%2F%2Ftharbadir.com%2F18%3Fbannerid%3D2245686%26zoneid%3D2043966%26cb%3D1566607233917669777%26campaignid%3D1530566%26rb%3D2LrYJxMgByy_Rp0a9h7Rd-8WlOSyEq-sDh2nvq2-8SNzRHZoCBADi3PTdKwketce5F0fL1BNp0495TKd8_jrO8rp1_CWc_6fzKrYCIYtt56h5KalsIxPtNANhSC5DRSSYFzku0b3MTtPLu0NFSFJCNXRkl0UnoWu13IvsdVe-cJMJNAuojKIxePS_GJb_Hcp-GiLRw%3D%3D%26OXLCA%3D1%26referer%3Dhttps%253A%252F%252Fbankingsecure.webcindario.com%252Fd38e9ba3%252Fstep2.php%253Fcmd%253D_account-details%2526session%253D0ba7690269389f160a67388ba6a4d8d0%2526dispatch%253Da5aefcca8ba6d2878f77497d693f1ad9472e719e%26dest%3Dhttp%253A%252F%252Fbing.com&testid=2294
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2_files/2
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 78.140.190.84 , Netherlands, ASN35415 (WEBZILLA, NL),
Reverse DNS
Software: nginx / PHP/7.2.9
Resource Hash

Request headers

Host: inter1ads.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

Server: nginx
Date: Sat, 24 Aug 2019 00:40:33 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/7.2.9
Set-Cookie: reverse=B6vZd9yyZVHIELUNQgfsPMLB4KqYvkHGG2TFrHGpObw; expires=Sat, 24-Aug-2019 01:40:33 GMT; Max-Age=3600; path=/
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, OPTIONS, HEAD
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Access-Control-Expose-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
Content-Encoding: gzip

GET
H/1.1 200
OK img.gif
my.rtmark.net/ 43 B
684 B 38ms
13ms Image
image/gif 188.42.160.79
WEBZILLA

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://my.rtmark.net/img.gif?f=merge&userId=cae55aa8481d464896c0e4f0c1703bac

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, RSA, AES_128_CBC

Server

188.42.160.79 Amsterdam, Netherlands, ASN35415 (WEBZILLA, NL),

Reverse DNS

Software

nginx /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=1
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:33 GMT
X-Content-Type-Options: nosniff
Server: nginx
Strict-Transport-Security: max-age=1
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
Content-Type: image/gif
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *, *
Access-Control-Allow-Headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
Content-Length: 43

GET
DATA 200
OK truncated
/ 346 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cd18bffd336b7dd7761dc8e7a9fb539e09bbb6e4f87b5c4ef61d60f37ccf8d5a

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame AF54 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48225
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1823 26 KB
10 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:34 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1823 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 290ms
289ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=542221471&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:34 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000240
X-SpotX-Timing-SpotMarket: 0.268360
X-SpotX-Timing-Page-Mux: 0.000397
X-SpotX-Timing-Page-Require: 0.000392
X-fe: 077
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000024
Content-Length: 77
X-SpotX-Timing-Page: 0.272036
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000327
Last-Modified: Sat, 24 Aug 2019 00:40:34 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.086406
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.002283
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.181954
X-SpotX-Timing-Page-URI: 0.000012
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 803 B
583 B 14ms
13ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=633108670&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e%26vpos%3Dpreroll%26iu%3D%2F260217354%2Fsunmedia_genrot_IMA_video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

981d0fb185c1d6e84bc50b2f79f4f5fd3b72c6a0da44785e7b23917822d877f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 512
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A218 41 KB
15 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=633108670

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:34 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A218 257 KB
87 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=633108670

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:34 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame FA41 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48226
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame A218 26 KB
10 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:35 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A218 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 41ms
40ms XHR
text/xml 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 87880099e05f19790a658d8a5932fb94262e90da07ed89e28ead41199552f2ee

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:36 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js Show response
creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/ Frame 4A0B 183 KB
32 KB 44ms
40ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 70c7603c84e2dd986692564ea92d11c8724daf4bedd3f722ce8960340c00edb3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:36 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Thu, 01 Aug 2019 09:12:38 GMT
server: nginx
age: 1956473
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 32352
accept-ranges: bytes
x-device: desktop

GET
H2 200 8c4105a4-90ec-434c-bf14-82b194e3019f.js Show response
static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/ 154 KB
41 KB 39ms
38ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 387512ec9dd64e71d115f878142623f3605b12e1554d6b9483b2d3b98d287469

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:36 GMT
content-encoding: gzip
tp-cache: HIT
age: 226557
status: 200
x-device: desktop
content-length: 42037
last-modified: Wed, 21 Aug 2019 09:44:33 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
tp-l2-cache: HIT
accept-ranges: bytes

GET
H2 200 country.php Show response
services.sunmedia.tv/geotarget/ 16 B
269 B 38ms
38ms XHR
application/json 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://services.sunmedia.tv/geotarget/country.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:36 GMT
tp-cache: HIT
server: nginx
age: 1273048
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
access-control-allow-origin: https://bankingsecure.webcindario.com
content-length: 16

GET
H2 200 inhome-1-0.json Show response
static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/ 2 KB
1 KB 38ms
38ms XHR
application/json 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/inhome-1-0.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 23a9bb526cc0bdd42144e73172c96a06fb5bc16c4713409dee7071f1cc6ba3d8

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:36 GMT
content-encoding: gzip
tp-cache: HIT
age: 25531
status: 200
x-device: desktop
content-length: 708
last-modified: Fri, 23 Aug 2019 17:35:00 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
tp-l2-cache: MISS
accept-ranges: bytes

GET
H2 200 outstream.json Show response
static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/ 4 KB
2 KB 38ms
38ms XHR
application/json 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/outstream.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: d5e1b7de0619fbd77e4d9f53c6a1821716e7c7b589fc6a687afb855b75bf6a7f

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:36 GMT
content-encoding: gzip
tp-cache: HIT
age: 830147
status: 200
x-device: desktop
content-length: 1337
last-modified: Tue, 23 Jul 2019 11:52:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
tp-l2-cache: MISS
accept-ranges: bytes

GET
H2 200 adblockDetector.js Show response
static.sunmedia.tv/SMSdk/assets/AdBlockDetection/ 13 KB
5 KB 40ms
40ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/assets/AdBlockDetection/adblockDetector.js
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:36 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:40 GMT
server: nginx
age: 830147
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 4831
tp-l2-cache: MISS
accept-ranges: bytes
x-device: desktop

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?C1=1&C2=21892462&C3=&C4=&C5=09
https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09

43 B
309 B

9ms
8ms

Image
image/gif

104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:37 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09
Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:37 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.js Show response
js.agkn.com/prod/v0/ 3 KB
3 KB 7ms
6ms Script
application/javascript 2600:9000:2057:8200:15:efbc:e300:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.agkn.com/prod/v0/tag.js
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:8200:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 23 Aug 2019 15:48:20 GMT
via: 1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2019 15:46:11 GMT
server: AmazonS3
age: 31953
etag: "a5442c681a576408c25edbf365995343"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: PUtGxHj9SCoWVSLQo4oMGcOyDj6vldC5ZohT0fo5crhmhUbe3mQaUA==

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 8ms
7ms Script
application/x-javascript 104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:37 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 902
Expires: Sun, 25 Aug 2019 00:40:37 GMT

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 200ms
198ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=236015554&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:37 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000231
X-SpotX-Timing-SpotMarket: 0.177766
X-SpotX-Timing-Page-Mux: 0.000184
X-SpotX-Timing-Page-Require: 0.000325
X-fe: 098
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000025
Content-Length: 77
X-SpotX-Timing-Page: 0.181080
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000294
Last-Modified: Sat, 24 Aug 2019 00:40:37 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.084134
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.002246
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.093632
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
spl.zeotap.com/ 4 KB
4 KB 197ms
194ms Image
text/html 2606:4700:10::6814:8238
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=625&env=mWeb&eventType=pageview%22
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:8238 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:37 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html
access-control-allow-origin: *
cf-ray: 50b146a02ccccbc0-VIE
access-control-allow-headers: *

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=582662849&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct...
https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=582662849&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_c...

43 B
309 B

8ms
7ms

Image
image/gif

104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=582662849&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3339812
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:37 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=582662849&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3339812
Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:37 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
track.sunmedia.tv/ 42 B
279 B 40ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=no-pos&loop=0
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:37 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865057
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ 42 B
279 B 41ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=req&pb=1&pos=no-pos&loop=0
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:37 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865057
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ 42 B
279 B 41ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=ef&pb=1&pos=no-pos&loop=0
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:37 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865057
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK Cookie set /
d.agkn.com/iframe/8613/ Frame 4B02 0
0 9ms
8ms Document
text/html 3.121.36.175
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8613/?che=610011683&gdpr=&gdpr_consent=&url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.36.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-121-36-175.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Sat, 24 Aug 2019 00:40:36 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AQLs17GbO68aBtvnt%2F0kc5YCG9uBxM4ao;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAk80QFJPNEBQAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
Content-Length: 481
Connection: keep-alive

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ 0
248 B 10ms
9ms Image
text/plain 104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=21892462&c3=1001000630&ns__t=1566607237146&ns_c=UTF-8&cv=3.1e&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Your%20Information&c7=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&c9=
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:37 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame 0A11 3 KB
3 KB 39ms
38ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:37 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:26 GMT
server: nginx
age: 830147
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
tp-l2-cache: HIT
accept-ranges: bytes
x-device: desktop

GET
H2 200 indisplay_general_low.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame 0A11 895 B
737 B 41ms
40ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_low.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 00117fe5f15b6166d5979931289ff4c36ff22733e4a2457ed7701459510a5adb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:37 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Fri, 05 Apr 2019 12:43:38 GMT
server: nginx
age: 1273058
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 424
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 4A0B 42 B
279 B 39ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911&tp=SMAdFactory
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:37 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865058
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ Frame 4A0B 42 B
279 B 39ms
39ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911&tp=adl
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:37 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865058
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1999/ Frame 0A11 24 KB
10 KB 33ms
20ms Script
application/javascript 23.8.6.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_low.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.43 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-8-6-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69e886c25d85cdb6a2ba2d17462b1181ec5bbf0de350e38fcbcffd3b163abda6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:37 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=156
Content-Length: 10151
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 1 KB
734 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=759454415&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7bd88cb301ceab248d238039c77f7a916a14f1ffea2111acd2b989ee5fc99d6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 662
x-xss-protection: 0

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame 0A11 22 B
2 KB 1097ms
37ms Script
application/javascript 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039318&fmtid=70691&async=1&visit=m&tmstp=434504177&tag=sas_70691&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php&noadcbk=sas.noad
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1999/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:37 GMT
Content-Encoding: gzip
X-SMRT-D: 3%3b8%3b57
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5C81 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:37 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5C81 257 KB
87 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:37 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame 52DA 0
0 8ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48229
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5C81 26 KB
10 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:38 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5C81 109 B
171 B 16ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 40ms
39ms XHR
text/xml 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/855c843c-c46c-46a8-994a-d0500eeecff5
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 3bc36e47734b2daffc0215d0ee32f4f1cbdd0d3d6269f1eb8b755fde2c24c800

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:38 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5.js Show response
creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/ Frame 149D 183 KB
32 KB 40ms
40ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: a81653374421ca6484a893e2fd7ca6a42647425c0d7f1fc6d54c4c48f2add9a2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:38 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 18 Jun 2019 12:08:36 GMT
server: nginx
age: 1273059
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 32281
accept-ranges: bytes
x-device: desktop

GET
H2 200 v2 Show response
es-sunicontent.videoplaza.tv/proxy/distributor/ 74 KB
5 KB 36ms
32ms XHR
text/xml 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://es-sunicontent.videoplaza.tv/proxy/distributor/v2?s=MobusiIH/WebcindarioDesktop&tt=p&rt=vast_2.0&rn=873095692&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&vht=17&vwt=30
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: b6269ba069607937878a844979bc43717d522383526e6ccc199dee358ada1cdf

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:38 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: text/xml;charset=utf-8
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 187ms
186ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=942215742&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:38 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000296
X-SpotX-Timing-SpotMarket: 0.166847
X-SpotX-Timing-Page-Mux: 0.000180
X-SpotX-Timing-Page-Require: 0.000297
X-fe: 088
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000025
Content-Length: 77
X-SpotX-Timing-Page: 0.170349
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000236
Last-Modified: Sat, 24 Aug 2019 00:40:38 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.078747
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.002425
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.088100
X-SpotX-Timing-Page-URI: 0.000042
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 934 B
668 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=32143746&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ca597eb2b78227b4a13ce03c50edf98f8bb2d5d441fbdb0797b109ae945e5901

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 596
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F3F0 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:38 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F3F0 257 KB
87 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:38 GMT

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame 2FF9 3 KB
3 KB 38ms
38ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:39 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:26 GMT
server: nginx
age: 830149
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
tp-l2-cache: HIT
accept-ranges: bytes
x-device: desktop

GET
H2 200 indisplay_general_ava.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame 2FF9 895 B
736 B 39ms
39ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_ava.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: a4c0d24adb25697451a4dfa83295e3208beb7debd06d615a67614319ae4e9fac

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:39 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 18 Mar 2019 17:18:45 GMT
server: nginx
age: 1273060
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 423
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 149D 42 B
278 B 39ms
39ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=SMAdFactory
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:39 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865060
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ Frame 149D 42 B
278 B 39ms
39ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=adl
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:39 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865060
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1999/ Frame 2FF9 24 KB
10 KB 7ms
6ms Script
application/javascript 23.8.6.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_ava.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.43 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-8-6-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69e886c25d85cdb6a2ba2d17462b1181ec5bbf0de350e38fcbcffd3b163abda6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:39 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=154
Content-Length: 10151
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame 2FF9 22 B
2 KB 40ms
40ms Script
application/javascript 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=9973238677&tag=sas_70691&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php&noadcbk=sas.noad
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1999/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:39 GMT
Content-Encoding: gzip
X-SMRT-D: 3%3b13%3b97
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H/1.1 200
OK ac Show response
ww2951.smartadserver.com/ 129 B
1 KB 72ms
23ms XHR
text/xml 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww2951.smartadserver.com/ac?siteid=310175&pgid=1121103&fmtid=61639&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=-369815636&gdpr=1&gdpr_consent=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 228
Expires: -1

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ 129 B
1 KB 26ms
25ms XHR
text/xml 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=754977265&vph=17&vpw=30&pgDomain=https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e&vpaidt=js&vpaidv=1,2&gdpr=1&gdpr_consent=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 228
Expires: -1

GET
H/1.1 200
OK ac Show response
www14.smartadserver.com/ 129 B
1 KB 95ms
23ms XHR
text/xml 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www14.smartadserver.com/ac?siteid=295430&pgid=1083836&fmtid=76623&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=2126102265&gdpr=1&gdpr_consent=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 228
Expires: -1

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame 80C9 0
0 8ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48230
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame F3F0 26 KB
10 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:39 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F3F0 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ 129 B
1 KB 29ms
26ms XHR
text/xml 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=292343755&gdpr=1&gdpr_consent=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 228
Expires: -1

GET
H2 200 v2 Show response
es-sunelespanol.videoplaza.tv/proxy/distributor/ 73 KB
5 KB 31ms
31ms XHR
text/xml 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://es-sunelespanol.videoplaza.tv/proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rn=867299051&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&vht=17&vwt=30
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: 31c9e431123db9eb6fa90be42154b3b30d20cb99e66e5ef0fc2dcbf3e161fdda

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:39 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: text/xml;charset=utf-8
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v2
es-sunicontent.videoplaza.tv/proxy/tracker/ 0
220 B 28ms
27ms Image
text/plain 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es-sunicontent.videoplaza.tv/proxy/tracker/v2?aid=0&cf=short_form&dcid=03f060e8-4a4b-4c8d-b6fe-49bb464e4e0d&e=0&gdpr=1&gdpr_consent=1&loc=CJQCEO5RGLANIKPsEC1UdEhCNWXwCkE6EWZyYW5rZnVydCBhbSBtYWluQgMjIyM&pf=fl_11&pid=c68052d2-c607-11e9-86b5-0a58ac162b8c&s=MobusiIH/WebcindarioDesktop&tid=c7aff9df-c607-11e9-a829-0a58ac163949&tt=p&ua=%5Bua%5D&uc=%5Buc%5D
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:39 GMT
content-length: 0
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 7772433 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 3053ms
17ms XHR
application/xml 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7772433?&_fw_gdpr_consent=1&_fw_gdpr=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 147c9b6d66bbf445ca9c733370787385da5a17dc481db8aeba5f0cf8935644a1

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:43 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1031
x-sticky-vk: 1566607242958007-157
Expires: Sat, 24 Aug 2019 00:40:43 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 803 B
580 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=331155055&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e%26vpos%3Dpreroll%26iu%3D%2F260217354%2Fsunmedia_genrot_IMA_video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e7f7ea71d568f98fd218b2ba1bd35bb450fb081b55dda066132c5b7333e84b59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 512
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame EB4B 41 KB
15 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:40 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame EB4B 257 KB
87 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:40 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame 46A1 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48232
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame EB4B 26 KB
10 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:41 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame EB4B 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 41ms
39ms XHR
text/xml 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/855c843c-c46c-46a8-994a-d0500eeecff5
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 3bc36e47734b2daffc0215d0ee32f4f1cbdd0d3d6269f1eb8b755fde2c24c800

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:41 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5.js Show response
creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/ Frame 2B73 183 KB
32 KB 41ms
40ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: a81653374421ca6484a893e2fd7ca6a42647425c0d7f1fc6d54c4c48f2add9a2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:41 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 18 Jun 2019 12:08:36 GMT
server: nginx
age: 1273061
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 32281
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 2B73 42 B
279 B 39ms
39ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=SMAdFactory
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:42 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865063
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame 6D90 3 KB
3 KB 40ms
39ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:42 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:26 GMT
server: nginx
age: 830152
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
tp-l2-cache: HIT
accept-ranges: bytes
x-device: desktop

GET
H2 200 indisplay_general_ava.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame 6D90 895 B
736 B 39ms
38ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_ava.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: a4c0d24adb25697451a4dfa83295e3208beb7debd06d615a67614319ae4e9fac

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:42 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 18 Mar 2019 17:18:45 GMT
server: nginx
age: 1273063
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 423
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 2B73 42 B
279 B 39ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=adl
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:42 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865063
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1999/ Frame 6D90 24 KB
10 KB 7ms
6ms Script
application/javascript 23.8.6.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_ava.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.43 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-8-6-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69e886c25d85cdb6a2ba2d17462b1181ec5bbf0de350e38fcbcffd3b163abda6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:42 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=151
Content-Length: 10151
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame 6D90 22 B
2 KB 42ms
42ms Script
application/javascript 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=9526377869&tag=sas_70691&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php&noadcbk=sas.noad
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1999/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:42 GMT
Content-Encoding: gzip
X-SMRT-D: 3%3b8%3b107
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 39ms
39ms XHR
text/xml 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 87880099e05f19790a658d8a5932fb94262e90da07ed89e28ead41199552f2ee

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:42 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js Show response
creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/ Frame 12DE 183 KB
32 KB 40ms
39ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 70c7603c84e2dd986692564ea92d11c8724daf4bedd3f722ce8960340c00edb3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:42 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Thu, 01 Aug 2019 09:12:38 GMT
server: nginx
age: 1956480
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 32352
accept-ranges: bytes
x-device: desktop

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 42F5 320 KB
109 KB 29ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 5b2e3d6c6f98a9fa24034a03fcfae43bc3cd98f14223b307bcf097213e78bc73

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 May 2019 07:33:39 GMT
ETag: "1559115219"
X-HW: 1566607243.dop036.fr8.t,1566607243.cds142.fr8.shn,1566607243.cds142.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 110714

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame 42F5 25 KB
25 KB 27ms
6ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1566607243086
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:43 GMT
Last-Modified: Wed, 29 May 2019 07:33:39 GMT
ETag: "1559115219"
X-HW: 1566607243.dop133.fr8.t,1566607243.cds020.fr8.shn,1566607243.cds020.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H2

200

freewheel
um.simpli.fi/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEGDRIsAWeCwTlwsxGee_BM0&google_cver=1
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=XWCHiwAAAETlrTvh
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=XWCHiwAAAETlrTvh&_test=XWCHiwAAAETlrTvh
https://um.simpli.fi/freewheel?

43 B
487 B

12781ms
13ms

Image
image/gif

159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel?

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 23 Aug 2019 00:40:56 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:43 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://um.simpli.fi/freewheel?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1566607243553088-148
Expires: Sat, 24 Aug 2019 00:40:43 GMT

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame D3AD 3 KB
3 KB 39ms
38ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:43 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:26 GMT
server: nginx
age: 830153
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
tp-l2-cache: HIT
accept-ranges: bytes
x-device: desktop

GET
H2 200 indisplay_general_low.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame D3AD 895 B
737 B 39ms
38ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_low.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 00117fe5f15b6166d5979931289ff4c36ff22733e4a2457ed7701459510a5adb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:43 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Fri, 05 Apr 2019 12:43:38 GMT
server: nginx
age: 1273064
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 424
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 12DE 42 B
279 B 39ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911&tp=SMAdFactory
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:43 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865064
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ Frame 12DE 42 B
279 B 40ms
39ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911&tp=adl
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:43 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865064
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1999/ Frame D3AD 24 KB
10 KB 7ms
7ms Script
application/javascript 23.8.6.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_low.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.43 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-8-6-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69e886c25d85cdb6a2ba2d17462b1181ec5bbf0de350e38fcbcffd3b163abda6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:43 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=150
Content-Length: 10151
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame D3AD 22 B
2 KB 37ms
36ms Script
application/javascript 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039318&fmtid=70691&async=1&visit=m&tmstp=2813440047&tag=sas_70691&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php&noadcbk=sas.noad
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1999/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:43 GMT
Content-Encoding: gzip
X-SMRT-D: 3%3b21%3b56
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ 129 B
1 KB 26ms
26ms XHR
text/xml 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=-1777431014&gdpr=1&gdpr_consent=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 228
Expires: -1

GET
H/1.1 200
OK ac Show response
ww2951.smartadserver.com/ 129 B
1 KB 22ms
22ms XHR
text/xml 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww2951.smartadserver.com/ac?siteid=310175&pgid=1121103&fmtid=61639&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1769636697&gdpr=1&gdpr_consent=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 228
Expires: -1

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ 129 B
1 KB 28ms
27ms XHR
text/xml 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=-1126762373&vph=17&vpw=30&pgDomain=https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e&vpaidt=js&vpaidv=1,2&gdpr=1&gdpr_consent=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 228
Expires: -1

GET
H/1.1 200
OK ac Show response
www14.smartadserver.com/ 129 B
1 KB 21ms
21ms XHR
text/xml 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www14.smartadserver.com/ac?siteid=295430&pgid=1083836&fmtid=76623&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=40376017&gdpr=1&gdpr_consent=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:42 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 228
Expires: -1

GET
H2 200 v2 Show response
es-sunelespanol.videoplaza.tv/proxy/distributor/ 73 KB
5 KB 31ms
31ms XHR
text/xml 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://es-sunelespanol.videoplaza.tv/proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rn=208860302&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&vht=17&vwt=30
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: c9726692ff3f4208be2fad81b8046319b1f4be603b258f1e76542f692ded021b

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:43 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: text/xml;charset=utf-8
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v2
es-sunicontent.videoplaza.tv/proxy/tracker/ 0
220 B 28ms
27ms Image
text/plain 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es-sunicontent.videoplaza.tv/proxy/tracker/v2?aid=0&cf=short_form&dcid=03f060e8-4a4b-4c8d-b6fe-49bb464e4e0d&e=0&gdpr=1&gdpr_consent=1&loc=CJQCEO5RGLANIKPsEC1UdEhCNWXwCkE6EWZyYW5rZnVydCBhbSBtYWluQgMjIyM&pf=fl_11&pid=cb19ff76-c607-11e9-8bf2-0a58ac164d88&s=MobusiIH/WebcindarioDesktop&tid=cb19d865-c607-11e9-8bf2-0a58ac164d88&tt=p&ua=%5Bua%5D&uc=%5Buc%5D
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:43 GMT
content-length: 0
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK ac Show response
ww2951.smartadserver.com/ 129 B
1 KB 68ms
67ms XHR
text/xml 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://ww2951.smartadserver.com/ac?siteid=310175&pgid=1121103&fmtid=61639&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=92743391&gdpr=1&gdpr_consent=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:43 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 228
Expires: -1

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 731 B
543 B 15ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=-964794318&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e%26vpos%3Dpreroll%26iu%3D%2F260217354%2Fmarcacom_marca-com_video_instream-ima%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26ciu_szs%3D300x250%2C320x250%26unviewed_position_start%3D1%26cust_params%3Dinterests%3Dcoche%2Cauto%2Cmotor%2Cdolar%2Cdivisas%2Cbancos%2Carancel%2Cpoliza%2Chospedaje%2Caeropuerto%2Cagencias%2Cviajes%2Ccocina%2Cbate%2Cpenal%2Cbaloncesto%2Cnocaut%2Cbicicleta%2Cropa%2Camor%2Ctendencias%2Cuniversidad%2Ctrabajo%2Coportunidades%2Cbares%2Cantros%2Ccafeterias%2Crestaurantes%2Cviajes%2Ceducacion%2Cgimnasio%2Cautos

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

12a7fa6321c87394b0759f8ba06687921d716d0d6650edae7ed844818d4f1204

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 471
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 603A 41 KB
15 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
age: 24
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:20 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 603A 257 KB
87 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:44 GMT

GET /
ads.stickyadstv.com/additional-scripts/ Frame 42F5 0
0

GET
H/1.1 200
OK swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 42F5 67 B
0 19ms
19ms XHR
application/xml 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7772433&_fw_gdpr_consent=1&_fw_gdpr=1&vav=1fd9a7ba28758094d27b231791090e39&vaviv=379116d7250d7bfd3fcdc6982f3a5687&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.10.22.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: application/xml, text/xml
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:44 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1566607243824089-7
Expires: Sat, 24 Aug 2019 00:40:44 GMT

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 443ms
443ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=955379162&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:44 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000723
X-SpotX-Timing-SpotMarket: 0.419860
X-SpotX-Timing-Page-Mux: 0.000189
X-SpotX-Timing-Page-Require: 0.000318
X-fe: 105
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000041
Content-Length: 77
X-SpotX-Timing-Page: 0.424399
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000251
Last-Modified: Sat, 24 Aug 2019 00:40:44 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.242404
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.003010
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.177456
X-SpotX-Timing-Page-URI: 0.000008
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 40ms
39ms XHR
text/xml 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 87880099e05f19790a658d8a5932fb94262e90da07ed89e28ead41199552f2ee

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:44 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js Show response
creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/ Frame 1396 183 KB
32 KB 41ms
40ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 70c7603c84e2dd986692564ea92d11c8724daf4bedd3f722ce8960340c00edb3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:44 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Thu, 01 Aug 2019 09:12:38 GMT
server: nginx
age: 1956482
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 32352
accept-ranges: bytes
x-device: desktop

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame 7A8F 0
0 8ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48236
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 603A 26 KB
10 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:45 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 603A 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H/1.1 200
OK 7771281 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 54ms
52ms XHR
application/xml 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7771281?&_fw_gdpr_consent=1&_fw_gdpr=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 09f63fe4c127d01c5f249265d06abf0f4d719f4774253c0a862b447ab9cfdd91

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:45 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1031
x-sticky-vk: 1566607245192039-7
Expires: Sat, 24 Aug 2019 00:40:45 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame F7F6 320 KB
109 KB 8ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 5b2e3d6c6f98a9fa24034a03fcfae43bc3cd98f14223b307bcf097213e78bc73

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:45 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 May 2019 07:33:39 GMT
ETag: "1559115219"
X-HW: 1566607243.dop036.fr8.t,1566607245.cds142.fr8.shn,1566607245.cds142.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 110714

GET auto-user-sync
ads.stickyadstv.com/ Frame F7F6 0
0

GET
H2

200

generic
match.adsrvr.org/track/cmf/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&gdpr=1&gdpr_consent=1
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEPNzsJKW4xDTYB2l05KyvGQ&google_cver=1&gdpr=1&gdpr_consent=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=1

70 B
264 B

87ms
29ms

Image
image/gif

54.72.175.179
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=1
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.175.179 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-72-175-179.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 00:40:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
status: 200
cache-control: private,no-cache, must-revalidate
content-type: image/gif
content-length: 70

Redirect headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:45 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=1&gdpr_consent=1
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1566607245372007-3
Expires: Sat, 24 Aug 2019 00:40:45 GMT

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame F7F6 25 KB
25 KB 6ms
6ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1566607245364
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:45 GMT
Last-Modified: Wed, 29 May 2019 07:33:39 GMT
ETag: "1559115219"
X-HW: 1566607243.dop133.fr8.t,1566607245.cds020.fr8.shn,1566607245.cds020.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame 6070 3 KB
3 KB 38ms
38ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:45 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:26 GMT
server: nginx
age: 830156
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
tp-l2-cache: HIT
accept-ranges: bytes
x-device: desktop

GET
H2 200 indisplay_general_low.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame 6070 895 B
737 B 38ms
38ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_low.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 00117fe5f15b6166d5979931289ff4c36ff22733e4a2457ed7701459510a5adb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:45 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Fri, 05 Apr 2019 12:43:38 GMT
server: nginx
age: 1273066
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 424
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 1396 42 B
279 B 39ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911&tp=SMAdFactory
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:45 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865066
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ Frame 1396 42 B
279 B 39ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911&tp=adl
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:45 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865066
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1999/ Frame 6070 24 KB
10 KB 8ms
7ms Script
application/javascript 23.8.6.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_low.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.43 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-8-6-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69e886c25d85cdb6a2ba2d17462b1181ec5bbf0de350e38fcbcffd3b163abda6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:45 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=148
Content-Length: 10151
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame 6070 22 B
2 KB 36ms
36ms Script
application/javascript 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039318&fmtid=70691&async=1&visit=m&tmstp=3749458342&tag=sas_70691&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php&noadcbk=sas.noad
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1999/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:45 GMT
Content-Encoding: gzip
X-SMRT-D: 3%3b21%3b97
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 782 B
568 B 14ms
13ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=-598381882&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e%26vpos%3Dpreroll%26iu%3D%2F260217354%2Fsunmedia_genrot_IMA_video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

091d24fe781f3838b6615fbec243cb32540f4a00920bafb33aca4852de29e709

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 496
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BAE7 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
age: 25
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:20 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BAE7 257 KB
87 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:45 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame F7F6 59 B
579 B 34ms
18ms XHR
text/xml 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7771281&loc=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept: application/xml, text/xml
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:46 GMT
Server: nginx
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 59
x-sticky-vk: 1566607245669097-118
Expires: Sat, 24 Aug 2019 00:40:46 GMT

GET
H/1.1 200
OK swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame F7F6 67 B
0 20ms
19ms XHR
application/xml 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7771281&_fw_gdpr_consent=1&_fw_gdpr=1&vav=db218bf2b9f8f821f71e6ff84e5e7809&vaviv=28e72686fbafc7d3f5f0f4be68cba9e0&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.10.22.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: application/xml, text/xml
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:46 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1566607246112051-3
Expires: Sat, 24 Aug 2019 00:40:46 GMT

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 40ms
39ms XHR
text/xml 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 87880099e05f19790a658d8a5932fb94262e90da07ed89e28ead41199552f2ee

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:46 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js Show response
creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/ Frame E5E5 183 KB
32 KB 42ms
41ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 70c7603c84e2dd986692564ea92d11c8724daf4bedd3f722ce8960340c00edb3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:46 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Thu, 01 Aug 2019 09:12:38 GMT
server: nginx
age: 1956484
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 32352
accept-ranges: bytes
x-device: desktop

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame 40F7 0
0 8ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48237
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame BAE7 26 KB
10 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:46 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame BAE7 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 40ms
39ms XHR
text/xml 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/855c843c-c46c-46a8-994a-d0500eeecff5
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 3bc36e47734b2daffc0215d0ee32f4f1cbdd0d3d6269f1eb8b755fde2c24c800

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:47 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5.js Show response
creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/ Frame 39EC 183 KB
32 KB 41ms
41ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: a81653374421ca6484a893e2fd7ca6a42647425c0d7f1fc6d54c4c48f2add9a2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:47 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 18 Jun 2019 12:08:36 GMT
server: nginx
age: 1273067
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 32281
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame E5E5 42 B
279 B 39ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911&tp=SMAdFactory
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:47 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865068
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame 10F3 3 KB
3 KB 41ms
40ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:47 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:26 GMT
server: nginx
age: 830157
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
tp-l2-cache: HIT
accept-ranges: bytes
x-device: desktop

GET
H2 200 indisplay_general_low.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame 10F3 895 B
737 B 39ms
39ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_low.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 00117fe5f15b6166d5979931289ff4c36ff22733e4a2457ed7701459510a5adb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:47 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Fri, 05 Apr 2019 12:43:38 GMT
server: nginx
age: 1273068
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 424
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame E5E5 42 B
279 B 39ms
39ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911&tp=adl
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:47 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865068
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1999/ Frame 10F3 24 KB
10 KB 8ms
7ms Script
application/javascript 23.8.6.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_low.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.43 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-8-6-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69e886c25d85cdb6a2ba2d17462b1181ec5bbf0de350e38fcbcffd3b163abda6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:47 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=146
Content-Length: 10151
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame 10F3 22 B
2 KB 45ms
44ms Script
application/javascript 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039318&fmtid=70691&async=1&visit=m&tmstp=6511495513&tag=sas_70691&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php&noadcbk=sas.noad
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1999/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:47 GMT
Content-Encoding: gzip
X-SMRT-D: 3%3b8%3b93
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H/1.1 200
OK 7772433 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 19ms
18ms XHR
application/xml 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7772433?&_fw_gdpr_consent=1&_fw_gdpr=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 304c4d58bc96f9044db5242d13fb805398147a3d56b06004fbe93705c3b1dd50

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:47 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1031
x-sticky-vk: 1566607247439042-118
Expires: Sat, 24 Aug 2019 00:40:47 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame F75D 320 KB
109 KB 8ms
7ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 5b2e3d6c6f98a9fa24034a03fcfae43bc3cd98f14223b307bcf097213e78bc73

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:47 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 May 2019 07:33:39 GMT
ETag: "1559115219"
X-HW: 1566607243.dop036.fr8.t,1566607247.cds142.fr8.shn,1566607247.cds142.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 110714

GET auto-user-sync
ads.stickyadstv.com/ Frame F75D 0
0

GET
H2

200

freewheel
um.simpli.fi/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc=&google_tc=
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEDfc571XVtwR9P3ccJsP1F4&google_cver=1
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=stickyads&ttd_tpi=1
https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=96ce8f74-50a9-4546-8fb4-d6766c69e320
https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/wGbQAlJJ?redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&_test=XWCHkAAAAJMFdTvh
https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=XWCHkAAAAJMFdTvh&_test=XWCHkAAAAJMFdTvh
https://ad.turn.com/r/cs?pid=34
https://ads.stickyadstv.com/user-registering?dataProviderId=147&userId=3457334107710377962
https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209%26userId%3D$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fads.stickyadstv.com%252Fuser-registering%253FdataProviderId%253D209%2526userId%253D%24UID
https://ads.stickyadstv.com/user-registering?dataProviderId=209&userId=7194335949524039959
https://um.simpli.fi/freewheel?

43 B
487 B

1049ms
14ms

Image
image/gif

159.253.128.183
SoftLayer Technol...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel?

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

159.253.128.183 Amsterdam, Netherlands, ASN36351 (SOFTLAYER - SoftLayer Technologies Inc., US),

Reverse DNS

b7.80.fd9f.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:56 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
status: 200
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Fri, 23 Aug 2019 00:40:56 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:55 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://um.simpli.fi/freewheel?
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1566607255447059-23
Expires: Sat, 24 Aug 2019 00:40:55 GMT

GET
H/1.1 200
OK bandwidth-test-25ko Show response
cdn.stickyadstv.com/mustang/ Frame F75D 25 KB
25 KB 6ms
6ms XHR
application/octet-stream 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/bandwidth-test-25ko?cachebuster=1566607247798
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:47 GMT
Last-Modified: Wed, 29 May 2019 07:33:39 GMT
ETag: "1559115219"
X-HW: 1566607243.dop133.fr8.t,1566607247.cds020.fr8.shn,1566607247.cds020.fr8.c
Content-Type: application/octet-stream
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 25600

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame 3055 3 KB
3 KB 38ms
38ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:48 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:26 GMT
server: nginx
age: 830158
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
tp-l2-cache: HIT
accept-ranges: bytes
x-device: desktop

GET
H2 200 indisplay_general_ava.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame 3055 895 B
736 B 39ms
39ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_ava.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: a4c0d24adb25697451a4dfa83295e3208beb7debd06d615a67614319ae4e9fac

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:48 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 18 Mar 2019 17:18:45 GMT
server: nginx
age: 1273068
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 423
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 39EC 42 B
279 B 39ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=SMAdFactory
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:48 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865069
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ Frame 39EC 42 B
279 B 39ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=adl
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:48 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865069
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1999/ Frame 3055 24 KB
10 KB 7ms
7ms Script
application/javascript 23.8.6.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_ava.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.43 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-8-6-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69e886c25d85cdb6a2ba2d17462b1181ec5bbf0de350e38fcbcffd3b163abda6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:48 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=145
Content-Length: 10151
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame 3055 22 B
2 KB 34ms
34ms Script
application/javascript 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=8024736262&tag=sas_70691&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php&noadcbk=sas.noad
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1999/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:47 GMT
Content-Encoding: gzip
X-SMRT-D: 3%3b13%3b114
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H/1.1 200
OK ac Show response
www14.smartadserver.com/ 129 B
1 KB 23ms
21ms XHR
text/xml 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www14.smartadserver.com/ac?siteid=295430&pgid=1083836&fmtid=76623&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1304790726&gdpr=1&gdpr_consent=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 228
Expires: -1

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ 129 B
1 KB 28ms
27ms XHR
text/xml 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=1562549484&gdpr=1&gdpr_consent=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:48 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 228
Expires: -1

GET
H/1.1 200
OK AdServerServlet Show response
vid.pubmatic.com/AdServer/ 27 B
652 B 61ms
14ms XHR
application/xml 185.64.189.111
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156136&siteId=602316&adId=2278586&vadFmt=2&vminl=1&vmaxl=120&vtype=1&vpos=1&vh=360&vw=640&placement=1&vfmt=1+3+4+5+6+7+9+10+11+12&sec=1&gdpr=1&gdpr_consent=1&kadpageurl=https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:48 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Vdbg: 1:0/165:-1
Content-Type: application/xml; charset=utf-8

GET
H/1.1 200
OK 7771281 Show response
ads.stickyadstv.com/vast/vpaid-adapter/ 1 KB
2 KB 19ms
18ms XHR
application/xml 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/vast/vpaid-adapter/7771281?&_fw_gdpr_consent=1&_fw_gdpr=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: edded7d94720b0231b831dd969c1057d091fa0b2b2dc059e331f00f394e13979

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:48 GMT
Server: nginx
Content-Type: application/xml;charset=ISO-8859-1
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1031
x-sticky-vk: 1566607248322028-3
Expires: Sat, 24 Aug 2019 00:40:48 GMT

GET
H/1.1 200
OK vpaid-adapter.min.js Show response
cdn.stickyadstv.com/mustang/ Frame 645D 320 KB
109 KB 6ms
6ms Script
application/x-javascript 2001:4de0:ac19::1:b:3a
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:3a , Netherlands, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS
Software: /
Resource Hash: 5b2e3d6c6f98a9fa24034a03fcfae43bc3cd98f14223b307bcf097213e78bc73

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:48 GMT
Content-Encoding: gzip
Last-Modified: Wed, 29 May 2019 07:33:39 GMT
ETag: "1559115219"
X-HW: 1566607243.dop036.fr8.t,1566607248.cds142.fr8.shn,1566607248.cds142.fr8.c
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=86400
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 110714

GET auto-user-sync
ads.stickyadstv.com/ Frame 645D 0
0

GET
H/1.1

204
No Content

ping_match.gif
pm.w55c.net/
Redirect Chain

https://ads.stickyadstv.com/auto-user-sync
https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_

0
550 B

37ms
8ms

Image
text/plain

18.196.54.165
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.54.165 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-18-196-54-165.eu-central-1.compute.amazonaws.com
Software: PingMatch/v2.0.30-341-g6a18726#rel-ec2-master i-064c1bbd5b070fa1c@eu-central-1b@dxedge-app_eu-central-1_prod_asg /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:48 GMT
Cache-Control: no-cache, must-revalidate
Server: PingMatch/v2.0.30-341-g6a18726#rel-ec2-master i-064c1bbd5b070fa1c@eu-central-1b@dxedge-app_eu-central-1_prod_asg
Connection: keep-alive
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:48 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://pm.w55c.net/ping_match.gif?st=FREEWHEEL&rurl=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D593&userId=_wfivefivec_
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1566607248589082-7
Expires: Sat, 24 Aug 2019 00:40:48 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame F75D 59 B
576 B 20ms
20ms XHR
text/xml 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7772433&loc=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept: application/xml, text/xml
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:48 GMT
Server: nginx
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 59
x-sticky-vk: 1566607248651037-27
Expires: Sat, 24 Aug 2019 00:40:48 GMT

GET
H/1.1 200
OK swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame F75D 67 B
0 30ms
18ms XHR
application/xml 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7772433&_fw_gdpr_consent=1&_fw_gdpr=1&vav=b07ca2ea3de7380aad5d23c353c7522d&vaviv=b06303b8838a5058473aa549c505d06a&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.10.22.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: application/xml, text/xml
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:48 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1566607248589073-7
Expires: Sat, 24 Aug 2019 00:40:48 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 802 B
580 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=77270059&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e%26vpos%3Dpreroll%26iu%3D%2F260217354%2Fsunmedia_genrot_IMA_video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ed5f1698d9046627d09376d97dcf0f6359a4e6b3ccf1278b2a5c773ef06e47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 512
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1C4A 41 KB
15 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:48 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1C4A 257 KB
87 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:49 GMT

GET
H/1.1 200
OK / Show response
ads.stickyadstv.com/additional-scripts/ Frame 645D 59 B
576 B 19ms
17ms XHR
text/xml 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7771281&loc=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059

Request headers

Accept: application/xml, text/xml
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:49 GMT
Server: nginx
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 59
x-sticky-vk: 1566607249329056-7
Expires: Sat, 24 Aug 2019 00:40:49 GMT

GET
H/1.1 200
OK swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame 645D 67 B
0 21ms
19ms XHR
application/xml 2.18.234.233
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.stickyadstv.com/www/delivery/swfIndex.php?zoneId=7771281&_fw_gdpr_consent=1&_fw_gdpr=1&vav=d62d8c4aec852a7f0e2be4c4be00b77a&vaviv=131307bfbc34494e3fc48019d7368147&reqType=AdsSetup&protocolVersion=2.0&mustangVersion=1.10.22.0&focus=true&percentViewable=0&componentId=vpaid-adapter&loc=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&playerSize=400x225&supportsFlash=false&supportsJavascript=true
Requested by: Host: cdn.stickyadstv.com
URL: https://cdn.stickyadstv.com/mustang/vpaid-adapter.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.233 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-233.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash

Request headers

Accept: application/xml, text/xml
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:49 GMT
Server: nginx
Content-Type: application/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 67
x-sticky-vk: 1566607248975056-3
Expires: Sat, 24 Aug 2019 00:40:49 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 752 B
560 B 14ms
13ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=621814163&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e%26vpos%3Dpreroll%26iu%3D%2F260217354%2Fmarcacom_marca-com_video_instream-ima%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26ciu_szs%3D300x250%2C320x250%26unviewed_position_start%3D1%26cust_params%3Dinterests%3Dcoche%2Cauto%2Cmotor%2Cdolar%2Cdivisas%2Cbancos%2Carancel%2Cpoliza%2Chospedaje%2Caeropuerto%2Cagencias%2Cviajes%2Ccocina%2Cbate%2Cpenal%2Cbaloncesto%2Cnocaut%2Cbicicleta%2Cropa%2Camor%2Ctendencias%2Cuniversidad%2Ctrabajo%2Coportunidades%2Cbares%2Cantros%2Ccafeterias%2Crestaurantes%2Cviajes%2Ceducacion%2Cgimnasio%2Cautos

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d5fb622a082f5231f1323f28eccd062e64e3b6f8aab668f56dbbe923f92e402d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 488
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame EA5D 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=621814163

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:49 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame EA5D 257 KB
86 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=621814163

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:49 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame 2603 0
0 8ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48241
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1C4A 26 KB
10 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:50 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1C4A 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H/1.1 200
OK AdServerServlet Show response
vid.pubmatic.com/AdServer/ 27 B
652 B 14ms
14ms XHR
application/xml 185.64.189.111
PubMatic

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.pubmatic.com/AdServer/AdServerServlet?adtype=13&pubId=156136&siteId=602316&adId=2278586&vadFmt=2&vminl=1&vmaxl=120&vtype=1&vpos=1&vh=360&vw=640&placement=1&vfmt=1+3+4+5+6+7+9+10+11+12&sec=1&gdpr=1&gdpr_consent=1&kadpageurl=https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.111 , United Kingdom, ASN62713 (AS-PUBMATIC - PubMatic, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:50 GMT
Content-Encoding: gzip
Server: nginx
Transfer-Encoding: chunked
Connection: keep-alive
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
X-Vdbg: 1:0/165:-1
Content-Type: application/xml; charset=utf-8

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 39ms
39ms XHR
text/xml 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/855c843c-c46c-46a8-994a-d0500eeecff5
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 3bc36e47734b2daffc0215d0ee32f4f1cbdd0d3d6269f1eb8b755fde2c24c800

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:50 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5.js Show response
creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/ Frame E223 183 KB
32 KB 41ms
41ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: a81653374421ca6484a893e2fd7ca6a42647425c0d7f1fc6d54c4c48f2add9a2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:50 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 18 Jun 2019 12:08:36 GMT
server: nginx
age: 1273070
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 32281
accept-ranges: bytes
x-device: desktop

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame 741E 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48241
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame EA5D 26 KB
10 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:50 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame EA5D 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 1253ms
1253ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=59826122&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:50 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000235
X-SpotX-Timing-SpotMarket: 0.177809
X-SpotX-Timing-Page-Mux: 0.000184
X-SpotX-Timing-Page-Require: 0.000266
X-fe: 137
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000021
Content-Length: 77
X-SpotX-Timing-Page: 0.180973
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000221
Last-Modified: Sat, 24 Aug 2019 00:40:50 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.083493
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.002219
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.094316
X-SpotX-Timing-Page-URI: 0.000018
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v2
es-sunelespanol.videoplaza.tv/proxy/tracker/ 0
220 B 28ms
27ms Image
text/plain 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es-sunelespanol.videoplaza.tv/proxy/tracker/v2?aid=0&cf=short_form&dcid=9152bd34-d668-4e54-936a-d392c6078abe&e=0&gdpr=1&gdpr_consent=1&loc=CJQCEO5RGLANIKPsEC1UdEhCNWXwCkE6EWZyYW5rZnVydCBhbSBtYWluQgMjIyM&pf=fl_11&pid=cbe8246c-c607-11e9-b6d4-0a58ac16740a&s=RONIH/Desktop&tid=cbe7fd5b-c607-11e9-b6d4-0a58ac16740a&tt=p&ua=%5Bua%5D&uc=%5Buc%5D
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:50 GMT
content-length: 0
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v2
es-sunicontent.videoplaza.tv/proxy/tracker/ 0
220 B 28ms
28ms Image
text/plain 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es-sunicontent.videoplaza.tv/proxy/tracker/v2?aid=0&cf=short_form&dcid=03f060e8-4a4b-4c8d-b6fe-49bb464e4e0d&e=0&gdpr=1&gdpr_consent=1&loc=CJQCEO5RGLANIKPsEC1UdEhCNWXwCkE6EWZyYW5rZnVydCBhbSBtYWluQgMjIyM&pf=fl_11&pid=c68052d2-c607-11e9-86b5-0a58ac162b8c&s=MobusiIH/WebcindarioDesktop&tid=c7aff9df-c607-11e9-a829-0a58ac163949&tt=p&ua=%5Bua%5D&uc=%5Buc%5D
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:50 GMT
content-length: 0
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame C2AB 3 KB
3 KB 39ms
38ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:51 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:26 GMT
server: nginx
age: 830161
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
tp-l2-cache: HIT
accept-ranges: bytes
x-device: desktop

GET
H2 200 indisplay_general_ava.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame C2AB 895 B
736 B 39ms
39ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_ava.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: a4c0d24adb25697451a4dfa83295e3208beb7debd06d615a67614319ae4e9fac

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:51 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 18 Mar 2019 17:18:45 GMT
server: nginx
age: 1273072
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 423
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame E223 42 B
278 B 41ms
40ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=SMAdFactory
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:51 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865072
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ Frame E223 42 B
278 B 40ms
39ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=adl
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:51 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865072
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1999/ Frame C2AB 24 KB
10 KB 7ms
7ms Script
application/javascript 23.8.6.43
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_ava.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.8.6.43 , Netherlands, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a23-8-6-43.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 69e886c25d85cdb6a2ba2d17462b1181ec5bbf0de350e38fcbcffd3b163abda6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:51 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=142
Content-Length: 10151
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame C2AB 22 B
2 KB 41ms
40ms Script
application/javascript 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=7303408590&tag=sas_70691&sh=1200&sw=1600&pgDomain=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php&noadcbk=sas.noad
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1999/smart.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:50 GMT
Content-Encoding: gzip
X-SMRT-D: 3%3b8%3b121
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H/1.1 200
OK ac Show response
www14.smartadserver.com/ 129 B
2 KB 22ms
21ms XHR
text/xml 185.86.137.17
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www14.smartadserver.com/ac?siteid=295430&pgid=1083836&fmtid=76623&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=-1210946788&gdpr=1&gdpr_consent=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.17 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:51 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 228
Expires: -1

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ 129 B
1 KB 35ms
35ms XHR
text/xml 185.86.137.42
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://www8.smartadserver.com/ac?siteid=134551&pgid=748410&fmtid=43086&ab=1&tgt=&oc=1&out=vast2&ps=1&pb=0&visit=S&vcn=s&tmstp=4723322&gdpr=1&gdpr_consent=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.137.42 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:50 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: text/xml; charset=utf-8
Content-Length: 228
Expires: -1

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 782ms
274ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=646971776&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:52 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000235
X-SpotX-Timing-SpotMarket: 0.254629
X-SpotX-Timing-Page-Mux: 0.000184
X-SpotX-Timing-Page-Require: 0.000284
X-fe: 109
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000024
Content-Length: 77
X-SpotX-Timing-Page: 0.257589
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000218
Last-Modified: Sat, 24 Aug 2019 00:40:52 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.080811
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.002001
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.173818
X-SpotX-Timing-Page-URI: 0.000014
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v2
es-sunelespanol.videoplaza.tv/proxy/tracker/ 0
220 B 28ms
27ms Image
text/plain 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es-sunelespanol.videoplaza.tv/proxy/tracker/v2?aid=0&cf=short_form&dcid=9152bd34-d668-4e54-936a-d392c6078abe&e=0&gdpr=1&gdpr_consent=1&loc=CJQCEO5RGLANIKPsEC1UdEhCNWXwCkE6EWZyYW5rZnVydCBhbSBtYWluQgMjIyM&pf=fl_11&pid=ce454e74-c607-11e9-a829-0a58ac163949&s=RONIH/Desktop&tid=ce452763-c607-11e9-a829-0a58ac163949&tt=p&ua=%5Bua%5D&uc=%5Buc%5D
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:51 GMT
content-length: 0
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v2
es-sunicontent.videoplaza.tv/proxy/tracker/ 0
220 B 28ms
28ms Image
text/plain 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://es-sunicontent.videoplaza.tv/proxy/tracker/v2?aid=0&cf=short_form&dcid=03f060e8-4a4b-4c8d-b6fe-49bb464e4e0d&e=0&gdpr=1&gdpr_consent=1&loc=CJQCEO5RGLANIKPsEC1UdEhCNWXwCkE6EWZyYW5rZnVydCBhbSBtYWluQgMjIyM&pf=fl_11&pid=cb19ff76-c607-11e9-8bf2-0a58ac164d88&s=MobusiIH/WebcindarioDesktop&tid=cb19d865-c607-11e9-8bf2-0a58ac164d88&tt=p&ua=%5Bua%5D&uc=%5Buc%5D
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Sat, 24 Aug 2019 00:40:51 GMT
content-length: 0
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 1 KB
730 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=342069743&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

5e0c5552f57d8b348749356ec3fee3cc37de44bd5747fb9fe67387346fdc6f81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 662
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8402 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:52 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8402 257 KB
87 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:52 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 1 KB
729 B 15ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=12834065&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

7306bd494df1ad554c227ad8b1470f2954101207f786f98f46b1e9043e683643

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 661
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1E62 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:52 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1E62 257 KB
86 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:52 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame E37D 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48244
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 8402 26 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:53 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8402 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 8402 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8402 0
58 B 14ms
14ms Image
image/gif 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%257C640x480%26vpos%3Dpreroll%26iu%3D%252F143394101%252Fca-video-pub-8221793852898543-tag%252F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps%253A%252F%252Fbankingsecure.webcindario.com%252Fd38e9ba3%252Fstep2.php%253Fcmd%253D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%26channel%3Dvastadp%252Bvpaidadp_html5&customPlayback=t&customClick=f&restrict=f&lid=8&sdkv=h.3.327.0&id=ima_html5&c=11353523319337&domain

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 24 Aug 2019 00:40:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 204
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 v2 Show response
es-sunicontent.videoplaza.tv/proxy/distributor/ 74 KB
5 KB 32ms
31ms XHR
text/xml 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://es-sunicontent.videoplaza.tv/proxy/distributor/v2?s=MobusiIH/WebcindarioDesktop&tt=p&rt=vast_2.0&rn=727098218&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&vht=17&vwt=30
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: 3224f89d2c10df07fbf0caf06a4f4c2b3f37c1b2cac2fb476aeb20f7721a09e8

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:53 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: text/xml;charset=utf-8
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 287ms
286ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=1981817279&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:53 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000251
X-SpotX-Timing-SpotMarket: 0.262174
X-SpotX-Timing-Page-Mux: 0.000208
X-SpotX-Timing-Page-Require: 0.000363
X-fe: 132
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000025
Content-Length: 77
X-SpotX-Timing-Page: 0.266178
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000269
Last-Modified: Sat, 24 Aug 2019 00:40:53 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.085206
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.002876
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.176968
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame 7C5D 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48244
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1E62 26 KB
10 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:53 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1E62 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 v2 Show response
es-sunicontent.videoplaza.tv/proxy/distributor/ 74 KB
5 KB 36ms
36ms XHR
text/xml 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://es-sunicontent.videoplaza.tv/proxy/distributor/v2?s=MobusiIH/WebcindarioDesktop&tt=p&rt=vast_2.0&rn=314243429&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&vht=17&vwt=30
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: 35dcb9a264d96789c78a8c02480f15b9c876e8b20cd4eb40d391a27cb0454a80

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:53 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: text/xml;charset=utf-8
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 914 B
650 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=-462923966&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c5f50a4183846aede8794ac2853aa960b58d9081e75983be5befe7e205c2503b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 582
x-xss-protection: 0

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 280ms
280ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=433911187&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:53 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000325
X-SpotX-Timing-SpotMarket: 0.258331
X-SpotX-Timing-Page-Mux: 0.000198
X-SpotX-Timing-Page-Require: 0.000372
X-fe: 125
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000028
Content-Length: 77
X-SpotX-Timing-Page: 0.262319
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000275
Last-Modified: Sat, 24 Aug 2019 00:40:53 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.084716
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.002779
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.173615
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A288 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
age: 34
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:19 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A288 257 KB
87 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:53 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 936 B
665 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=1248405215&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

94dcb4855ca7c7b307499b1adc9363b4ad1a09154ce3a3ac3ff7f44d29d99b88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 597
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FE15 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:53 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame FE15 257 KB
86 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:53 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame C91E 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48245
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame A288 26 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A288 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 803 B
585 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=850957992&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e%26vpos%3Dpreroll%26iu%3D%2F260217354%2Fsunmedia_genrot_IMA_video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4eebedb85d32b8794351415b739dba620c236f669e17845e812b10323236652a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 513
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 80D9 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:54 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 80D9 257 KB
87 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:54 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame D610 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48245
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame FE15 26 KB
10 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:54 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame FE15 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 753 B
561 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=1113212099&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e%26vpos%3Dpreroll%26iu%3D%2F260217354%2Fmarcacom_marca-com_video_instream-ima%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26ciu_szs%3D300x250%2C320x250%26unviewed_position_start%3D1%26cust_params%3Dinterests%3Dcoche%2Cauto%2Cmotor%2Cdolar%2Cdivisas%2Cbancos%2Carancel%2Cpoliza%2Chospedaje%2Caeropuerto%2Cagencias%2Cviajes%2Ccocina%2Cbate%2Cpenal%2Cbaloncesto%2Cnocaut%2Cbicicleta%2Cropa%2Camor%2Ctendencias%2Cuniversidad%2Ctrabajo%2Coportunidades%2Cbares%2Cantros%2Ccafeterias%2Crestaurantes%2Cviajes%2Ceducacion%2Cgimnasio%2Cautos

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e7397b10c33eccffb3b28f9557387cad97ecb023300c351a7f5922ad4ec83419

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 489
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3313 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=1113212099

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:55 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 3313 257 KB
87 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=1113212099

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:55 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame DEA4 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48246
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 80D9 26 KB
10 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:55 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 80D9 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 38ms
38ms XHR
text/xml 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 87880099e05f19790a658d8a5932fb94262e90da07ed89e28ead41199552f2ee

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:56 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js Show response
creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/ Frame 45AA 183 KB
32 KB 41ms
41ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 70c7603c84e2dd986692564ea92d11c8724daf4bedd3f722ce8960340c00edb3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:56 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Thu, 01 Aug 2019 09:12:38 GMT
server: nginx
age: 1956493
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 32352
accept-ranges: bytes
x-device: desktop

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame A23B 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48247
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 3313 26 KB
10 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:56 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3313 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 40ms
38ms XHR
text/xml 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/855c843c-c46c-46a8-994a-d0500eeecff5
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 3bc36e47734b2daffc0215d0ee32f4f1cbdd0d3d6269f1eb8b755fde2c24c800

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:56 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5.js Show response
creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/ Frame 87FE 183 KB
32 KB 41ms
41ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: a81653374421ca6484a893e2fd7ca6a42647425c0d7f1fc6d54c4c48f2add9a2

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:56 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 18 Jun 2019 12:08:36 GMT
server: nginx
age: 1273076
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 32281
accept-ranges: bytes
x-device: desktop

GET
H/1.1 200
OK zone.php Show response
play.sunmediaads.com/red/ 385 B
724 B 38ms
38ms Script
text/html 217.13.124.96
NEXICA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://play.sunmediaads.com/red/zone.php?code=HEZRL65RXYI2&a=&pubid=&lgid=10916516800.9470512485278328
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: HTTP/1.1
Security: TLS 1.0, ECDHE_RSA, AES_256_CBC
Server: 217.13.124.96 , Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS: unnamed.nexica.net
Software: Apache /
Resource Hash: 44406acea48ad25a48195e7580b2dd83ba6713e1b0423dfdac97fc2b7f2b96a6

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:57 GMT
Server: Apache
Connection: close
Content-Length: 385
Content-Type: text/html; charset=UTF-8

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 387512ec9dd64e71d115f878142623f3605b12e1554d6b9483b2d3b98d287469

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:56 GMT
content-encoding: gzip
tp-cache: HIT
age: 226578
status: 200
x-device: desktop
content-length: 42037
last-modified: Wed, 21 Aug 2019 09:44:33 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
tp-l2-cache: HIT
accept-ranges: bytes

GET zone.php
play.sunmediaads.com/red/ 0
0

GET
H2 200 country.php Show response
services.sunmedia.tv/geotarget/ 16 B
269 B 40ms
40ms XHR
application/json 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://services.sunmedia.tv/geotarget/country.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:56 GMT
tp-cache: HIT
server: nginx
age: 1273068
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
access-control-allow-origin: https://bankingsecure.webcindario.com
content-length: 16

GET
H2 200 inhome-1-0.json Show response
static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/ 2 KB
1 KB 40ms
39ms XHR
application/json 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/inhome-1-0.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 23a9bb526cc0bdd42144e73172c96a06fb5bc16c4713409dee7071f1cc6ba3d8

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:56 GMT
content-encoding: gzip
tp-cache: HIT
age: 25551
status: 200
x-device: desktop
content-length: 708
last-modified: Fri, 23 Aug 2019 17:35:00 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
tp-l2-cache: MISS
accept-ranges: bytes

GET
H2 200 outstream.json Show response
static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/ 4 KB
2 KB 40ms
39ms XHR
application/json 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/8254f813-df2e-4a55-b37f-75555aee94e8/outstream.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: d5e1b7de0619fbd77e4d9f53c6a1821716e7c7b589fc6a687afb855b75bf6a7f

Request headers

Sec-Fetch-Mode: cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:56 GMT
content-encoding: gzip
tp-cache: HIT
age: 830167
status: 200
x-device: desktop
content-length: 1337
last-modified: Tue, 23 Jul 2019 11:52:47 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
tp-l2-cache: MISS
accept-ranges: bytes

GET
H2 200 adblockDetector.js Show response
static.sunmedia.tv/SMSdk/assets/AdBlockDetection/ 13 KB
5 KB 39ms
38ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/assets/AdBlockDetection/adblockDetector.js
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:56 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:40 GMT
server: nginx
age: 830167
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 4831
tp-l2-cache: MISS
accept-ranges: bytes
x-device: desktop

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?C1=1&C2=21892462&C3=&C4=&C5=09
https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09

43 B
309 B

7ms
7ms

Image
image/gif

104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:57 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/p2?C1=1&C2=21892462&C3=&C4=&C5=09
Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:57 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tag.js Show response
js.agkn.com/prod/v0/ 3 KB
3 KB 6ms
6ms Script
application/javascript 2600:9000:2057:8200:15:efbc:e300:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://js.agkn.com/prod/v0/tag.js
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:8200:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Fri, 23 Aug 2019 15:48:20 GMT
via: 1.1 c26b8e74df43cd99786e716221463d0c.cloudfront.net (CloudFront)
last-modified: Thu, 11 Jul 2019 15:46:11 GMT
server: AmazonS3
age: 31973
etag: "a5442c681a576408c25edbf365995343"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: e9xdCy8g2hybMjBOFtpzRMsv2CxPf-IwG5CuXnt2qWp8DxZXElPnqQ==

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 7ms
7ms Script
application/x-javascript 104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: bankingsecure.webcindario.com
URL: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Sat, 24 Aug 2019 00:40:57 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 902
Expires: Sun, 25 Aug 2019 00:40:57 GMT

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 292ms
292ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=580516476&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:57 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000264
X-SpotX-Timing-SpotMarket: 0.272725
X-SpotX-Timing-Page-Mux: 0.000168
X-SpotX-Timing-Page-Require: 0.000253
X-fe: 074
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000028
Content-Length: 77
X-SpotX-Timing-Page: 0.275640
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000213
Last-Modified: Sat, 24 Aug 2019 00:40:57 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.091769
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.001979
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.180956
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 209ms
209ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=358431084&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:57 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000248
X-SpotX-Timing-SpotMarket: 0.189896
X-SpotX-Timing-Page-Mux: 0.000287
X-SpotX-Timing-Page-Require: 0.000275
X-fe: 047
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000025
Content-Length: 77
X-SpotX-Timing-Page: 0.193025
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000221
Last-Modified: Sat, 24 Aug 2019 00:40:57 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.086964
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.002062
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.102932
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 403ms
196ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=579883975&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:57 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000243
X-SpotX-Timing-SpotMarket: 0.176739
X-SpotX-Timing-Page-Mux: 0.000278
X-SpotX-Timing-Page-Require: 0.000369
X-fe: 124
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000024
Content-Length: 77
X-SpotX-Timing-Page: 0.180025
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000272
Last-Modified: Sat, 24 Aug 2019 00:40:57 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.082613
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.002083
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.094126
X-SpotX-Timing-Page-URI: 0.000018
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
spl.zeotap.com/ 4 KB
4 KB 197ms
196ms Image
text/html 2606:4700:10::6814:8238
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://spl.zeotap.com/?zdid=625&env=mWeb&eventType=pageview%22
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:8238 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
status: 200
content-type: text/html
access-control-allow-origin: *
cf-ray: 50b1471d1df8cbc0-VIE
access-control-allow-headers: *

GET
H/1.1 200
OK p
sb.scorecardresearch.com/ 43 B
309 B 8ms
7ms Image
image/gif 104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=665852056&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=1688021
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:57 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
track.sunmedia.tv/ 42 B
279 B 38ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=no-pos&loop=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865077
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ 42 B
279 B 39ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=req&pb=1&pos=no-pos&loop=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865077
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ 42 B
279 B 39ms
38ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=ef&pb=1&pos=no-pos&loop=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865077
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame 6FA6 3 KB
3 KB 40ms
40ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:26 GMT
server: nginx
age: 830167
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
tp-l2-cache: HIT
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 45AA 42 B
279 B 40ms
39ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911&tp=SMAdFactory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865077
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ Frame 45AA 42 B
279 B 40ms
39ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911&tp=adl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865077
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H/1.1 200
OK Cookie set /
d.agkn.com/iframe/8613/ Frame D2A2 0
0 9ms
9ms Document
text/html 3.121.36.175
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d.agkn.com/iframe/8613/?che=929846779&gdpr=&gdpr_consent=&url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.121.36.175 Frankfurt am Main, Germany, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-3-121-36-175.eu-central-1.compute.amazonaws.com
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

Cache-Control: no-cache, must-revalidate
Content-Type: text/html;charset=UTF-8
Date: Sat, 24 Aug 2019 00:40:57 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3ATWH311j8sNSBtvnt%2F0kc5SNoPCzl5hs7;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAk80QZJPNEGQAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
Content-Length: 481
Connection: keep-alive

GET
H/1.1 204
No Content b
sb.scorecardresearch.com/ 0
248 B 7ms
7ms Image
text/plain 104.111.214.103
Akamai Technologies

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=8&c2=21892462&c3=1001000630&ns__t=1566607257142&ns_c=UTF-8&cv=3.1e&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Your%20Information&c7=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&c9=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.111.214.103 , Netherlands, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a104-111-214-103.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 24 Aug 2019 00:40:57 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 1 KB
730 B 15ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=899623109&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e47def490a57c0aa4b7ca91c63ea4330d147fc5878daaed5dd1747628b899b6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 662
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame CD61 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:57 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 1 KB
730 B 15ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=606123158&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

f29ad70bd94b8364ec26bee5238a173699d187df766344af95b09ab23ff78690

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 662
x-xss-protection: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame CD61 257 KB
87 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:57 GMT

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 65ED 41 KB
15 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:57 GMT

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame 2CA3 3 KB
3 KB 40ms
39ms Image
image/png 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
tp-cache: HIT
last-modified: Wed, 14 Aug 2019 10:03:26 GMT
server: nginx
age: 830167
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
tp-l2-cache: HIT
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 87FE 42 B
279 B 41ms
40ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=SMAdFactory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865078
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ Frame 87FE 42 B
279 B 41ms
40ms Image
image/gif 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=adl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3865078
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 65ED 257 KB
86 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:57 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 1 KB
729 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=210179124&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

d8a3bfd3f7d03f5077c6c9e82580b754f2ba2f862f31b53f0b6e41e6b5c36ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 661
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame EAF4 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:57 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame EAF4 257 KB
86 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:57 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame A066 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48249
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame CD61 26 KB
10 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:58 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame CD61 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame 2CD9 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48249
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 65ED 26 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:58 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 65ED 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 v2 Show response
es-sunicontent.videoplaza.tv/proxy/distributor/ 74 KB
5 KB 32ms
32ms XHR
text/xml 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://es-sunicontent.videoplaza.tv/proxy/distributor/v2?s=MobusiIH/WebcindarioDesktop&tt=p&rt=vast_2.0&rn=241600343&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&vht=225&vwt=400
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: d9b0f9990344a1ca090f4c8b2698f9b41aa2ba3ff28ba0b3bb9d516eed7c8da8

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: text/xml;charset=utf-8
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 v2 Show response
es-sunicontent.videoplaza.tv/proxy/distributor/ 74 KB
5 KB 34ms
34ms XHR
text/xml 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://es-sunicontent.videoplaza.tv/proxy/distributor/v2?s=MobusiIH/WebcindarioDesktop&tt=p&rt=vast_2.0&rn=57072523&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&vht=225&vwt=400
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: e4d6726da297264a87869925e809b733b047caa3a4fb8bca8e0c779586bc3d17

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: text/xml;charset=utf-8
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame F925 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48249
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame EAF4 26 KB
10 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:58 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame EAF4 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 197ms
196ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=-979208311&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:58 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000232
X-SpotX-Timing-SpotMarket: 0.177186
X-SpotX-Timing-Page-Mux: 0.000209
X-SpotX-Timing-Page-Require: 0.000352
X-fe: 115
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000022
Content-Length: 77
X-SpotX-Timing-Page: 0.180777
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000282
Last-Modified: Sat, 24 Aug 2019 00:40:58 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.081705
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.002484
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.095481
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 914 B
650 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=-96332892&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

c5f50a4183846aede8794ac2853aa960b58d9081e75983be5befe7e205c2503b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 582
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9EBA 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
age: 39
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:19 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9EBA 257 KB
87 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:58 GMT

GET
H2 200 v2 Show response
es-sunicontent.videoplaza.tv/proxy/distributor/ 74 KB
5 KB 35ms
34ms XHR
text/xml 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://es-sunicontent.videoplaza.tv/proxy/distributor/v2?s=MobusiIH/WebcindarioDesktop&tt=p&rt=vast_2.0&rn=979874108&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e&vht=17&vwt=30
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: 9cbd414c64847d9b613efd1a8b8a52e4aa9d990f1ed99fcef872dec12e9a9feb

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
status: 200
vary: Accept-Encoding
content-type: text/xml;charset=utf-8
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 193ms
193ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=-405282986&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:40:58 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000240
X-SpotX-Timing-SpotMarket: 0.172920
X-SpotX-Timing-Page-Mux: 0.000172
X-SpotX-Timing-Page-Require: 0.000275
X-fe: 110
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000021
Content-Length: 77
X-SpotX-Timing-Page: 0.176380
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000219
Last-Modified: Sat, 24 Aug 2019 00:40:58 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.083024
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.002524
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.089896
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 935 B
670 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=655933612&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

e85019c2ff5ef0958576dd3465c47d4f409210748b60c6d4cfc4e54aa85896ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 598
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 04F8 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:58 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 04F8 257 KB
86 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:58 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 936 B
666 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=1123935590&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Flive%2Fads%3Fsz%3D400x300%7C640x480%26vpos%3Dpreroll%26iu%3D%2F143394101%2Fca-video-pub-8221793852898543-tag%2F3353350710%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D1%26type%3Djs%26unviewed_position_start%3D1%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

8ba84d67ed4dd6911426a9b25ff39c9b54758de23a180435bb45bd88bc68fbf4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 598
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 68D1 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:55:59 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 68D1 257 KB
87 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:59 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame CDC2 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48250
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 9EBA 26 KB
10 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9EBA 109 B
171 B 17ms
16ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 196ms
195ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e&cb=-1480349264&player_width=640&player_height=385&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

Date: Sat, 24 Aug 2019 00:41:00 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000235
X-SpotX-Timing-SpotMarket: 0.175061
X-SpotX-Timing-Page-Mux: 0.000184
X-SpotX-Timing-Page-Require: 0.000258
X-fe: 124
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000020
Content-Length: 77
X-SpotX-Timing-Page: 0.177827
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000203
Last-Modified: Sat, 24 Aug 2019 00:41:00 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.084240
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bankingsecure.webcindario.com
X-SpotX-Timing-Page-Misc: 0.001857
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.090821
X-SpotX-Timing-Page-URI: 0.000008
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame 4496 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48250
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 04F8 26 KB
10 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:40:59 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 04F8 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:40:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 753 B
557 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=1284763738&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e%26vpos%3Dpreroll%26iu%3D%2F260217354%2Fmarcacom_marca-com_video_instream-ima%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26ciu_szs%3D300x250%2C320x250%26unviewed_position_start%3D1%26cust_params%3Dinterests%3Dcoche%2Cauto%2Cmotor%2Cdolar%2Cdivisas%2Cbancos%2Carancel%2Cpoliza%2Chospedaje%2Caeropuerto%2Cagencias%2Cviajes%2Ccocina%2Cbate%2Cpenal%2Cbaloncesto%2Cnocaut%2Cbicicleta%2Cropa%2Camor%2Ctendencias%2Cuniversidad%2Ctrabajo%2Coportunidades%2Cbares%2Cantros%2Ccafeterias%2Crestaurantes%2Cviajes%2Ceducacion%2Cgimnasio%2Cautos

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

726b0e283faf73a2425e0bac47a881e416c1540c13fc78b5ea711ebea0a2e2cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 489
x-xss-protection: 0

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame FDAF 0
0 6ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48251
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 68D1 26 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:41:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 68D1 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1D7F 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=1284763738

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:56:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 803 B
580 B 14ms
13ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=356017003&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e%26vpos%3Dpreroll%26iu%3D%2F260217354%2Fsunmedia_genrot_IMA_video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

41707d55eac4b7ec0e0794ab566f9f2575ea6d7b31e4f7db0e7858a3d42d317e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 512
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 2E15 41 KB
15 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:56:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 1D7F 257 KB
87 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D300x250%7C320x180%7C320x240%7C640x360%7C640x480%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php%3Fcmd%3D_account-details%26channel%3Dvastadp&correlator=1284763738

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:41:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 2E15 257 KB
86 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:41:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 803 B
580 B 14ms
14ms XHR
text/xml 2a00:1450:4001:814::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=424527342&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D300x250%7C320x180%7C320x240%7C400x300%7C540x360%7C640x360%7C640x480%7C720x576%7C768x576%7C1280x720%26description_url%3Dhttps://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e%26vpos%3Dpreroll%26iu%3D%2F260217354%2Fsunmedia_genrot_IMA_video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

da5476085870cd1aee4763ef7348ee29aa3957053885e2bea701e2c82e55aea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 512
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A15D 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Aug 2019 17:52:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 15281
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:56:00 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A15D 257 KB
86 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:41:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 88416
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:41:00 GMT

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame F10F 0
0 7ms
7ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48252
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 1D7F 26 KB
10 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:41:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1D7F 109 B
171 B 15ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame 1A6A 0
0 6ms
5ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48252
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 2E15 26 KB
10 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:41:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 2E15 109 B
171 B 14ms
14ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 41ms
41ms XHR
text/xml 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 87880099e05f19790a658d8a5932fb94262e90da07ed89e28ead41199552f2ee

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:41:01 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js Show response
creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/ Frame 4AB9 183 KB
32 KB 39ms
38ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 70c7603c84e2dd986692564ea92d11c8724daf4bedd3f722ce8960340c00edb3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:41:01 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Thu, 01 Aug 2019 09:12:38 GMT
server: nginx
age: 1956498
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 32352
accept-ranges: bytes
x-device: desktop

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 82ms
81ms XHR
text/xml 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 87880099e05f19790a658d8a5932fb94262e90da07ed89e28ead41199552f2ee

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:41:01 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 bridge3.327.0_en.html
imasdk.googleapis.com/js/core/ Frame 1082 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81f::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.327.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.327.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: nested-navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: nested-navigate
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
content-length: 192153
date: Fri, 23 Aug 2019 11:16:49 GMT
expires: Sat, 22 Aug 2020 11:16:49 GMT
last-modified: Thu, 22 Aug 2019 17:50:57 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 48252
alt-svc: quic=":443"; ma=2592000; v="46,43,39"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame A15D 26 KB
10 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81f::2006
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 10523
x-xss-protection: 0
expires: Sat, 24 Aug 2019 00:41:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A15D 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:81a::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bankingsecure.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 24 Aug 2019 00:41:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 104
x-xss-protection: 0

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js Show response
creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/ Frame ECA9 183 KB
32 KB 44ms
44ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 70c7603c84e2dd986692564ea92d11c8724daf4bedd3f722ce8960340c00edb3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:41:01 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Thu, 01 Aug 2019 09:12:38 GMT
server: nginx
age: 1956499
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 32352
accept-ranges: bytes
x-device: desktop

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911 Show response
vast.sunmedia.tv/creatives/ 1 KB
704 B 45ms
45ms XHR
text/xml 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 87880099e05f19790a658d8a5932fb94262e90da07ed89e28ead41199552f2ee

Request headers

Accept: */*
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 24 Aug 2019 00:41:01 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: https://bankingsecure.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js Show response
creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/ Frame 317B 183 KB
32 KB 40ms
40ms Script
application/javascript 185.103.39.29
StackScale

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911/video/c0e3c66a-4d89-4fd3-8ef5-bdf36eba3911.js?xclk=
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.103.39.29 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks - StackScale, ES),
Reverse DNS
Software: nginx /
Resource Hash: 70c7603c84e2dd986692564ea92d11c8724daf4bedd3f722ce8960340c00edb3

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://bankingsecure.webcindario.com/d38e9ba3/step2.php?cmd=_account-details&session=0ba7690269389f160a67388ba6a4d8d0&dispatch=a5aefcca8ba6d2878f77497d693f1ad9472e719e
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Sat, 24 Aug 2019 00:41:01 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Thu, 01 Aug 2019 09:12:38 GMT
server: nginx
age: 1956499
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
content-length: 32352
accept-ranges: bytes
x-device: desktop

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mbckjcfnjmoiinpgddefodcighgikkgn
URL: chrome-extension://mbckjcfnjmoiinpgddefodcighgikkgn/common/ui/fonts/fonts.css

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/additional-scripts/?zoneId=7772433&loc=https%3A%2F%2Fbankingsecure.webcindario.com%2Fd38e9ba3%2Fstep2.php%3Fcmd%3D_account-details%26session%3D0ba7690269389f160a67388ba6a4d8d0%26dispatch%3Da5aefcca8ba6d2878f77497d693f1ad9472e719e

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync

Domain: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/auto-user-sync

Domain: play.sunmediaads.com
URL: https://play.sunmediaads.com/red/zone.php?code=HEZRL65RXYI2&a=&pubid=&lgid=10916516810.05846119639305081

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4(Line 1) Message: [43m%s[0m
console-api	log	URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4(Line 1) Message: [43m%s[0m

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
ads.stickyadstv.com
adservice.google.com
adservice.google.de
bankingsecure.webcindario.com
cdn.stickyadstv.com
ced.sascdn.com
cm.g.doubleclick.net
creatives.sunmedia.tv
d.agkn.com
des.smartclip.net
es-sunelespanol.videoplaza.tv
es-sunicontent.videoplaza.tv
fonts.googleapis.com
googleads.g.doubleclick.net
hosting.miarroba.info
ib.adnxs.com
imasdk.googleapis.com
img.sunmediaads.com
inter1ads.com
js.agkn.com
match.adsrvr.org
mbckjcfnjmoiinpgddefodcighgikkgn
my.rtmark.net
pagead2.googlesyndication.com
play.sunmediaads.com
pm.w55c.net
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
services.sunmedia.tv
spl.zeotap.com
static.sunmedia.tv
stats.g.doubleclick.net
sync-tm.everesttech.net
tharbadir.com
tpc.googlesyndication.com
track.sunmedia.tv
um.simpli.fi
vast.sunmedia.tv
vid.pubmatic.com
ww2951.smartadserver.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www14.smartadserver.com
www8.smartadserver.com
ads.stickyadstv.com
mbckjcfnjmoiinpgddefodcighgikkgn
play.sunmediaads.com
104.111.214.103
151.101.114.49
159.253.128.183
172.217.23.130
176.34.155.195
18.196.54.165
185.103.39.29
185.28.138.9
185.33.223.206
185.64.189.111
185.86.137.17
185.86.137.42
185.94.180.124
188.42.160.79
188.72.202.185
2.18.234.233
2001:4de0:ac19::1:b:3a
217.13.124.96
23.8.6.43
2600:9000:2057:8200:15:efbc:e300:93a1
2606:4700:10::6814:8238
2606:4700:20::6819:ce08
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:814::2001
2a00:1450:4001:81a::2002
2a00:1450:4001:81a::2008
2a00:1450:4001:81f::2006
2a00:1450:4001:81f::200a
2a00:1450:4001:820::2004
2a00:1450:4001:821::2003
2a00:1450:400c:c00::9b
3.121.36.175
46.228.164.11
5.57.226.202
54.72.175.179
78.140.190.84
89.255.250.53
00117fe5f15b6166d5979931289ff4c36ff22733e4a2457ed7701459510a5adb
01705b3423086dcad42e15b6e7d5dab92779ba44115acfa4cda9a9683457d3ab
03569bb9a48922288c3bab6565ba0ca4c084b030c9fcf1bd928e86161f73381d
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
091d24fe781f3838b6615fbec243cb32540f4a00920bafb33aca4852de29e709
09f63fe4c127d01c5f249265d06abf0f4d719f4774253c0a862b447ab9cfdd91
0a923b4956947985314cd6947dfc629e7c40a2cd3c9fd8634a4118734e3d0679
0a92cef3edc8f5c5f0dc758cb8d677f626a1c58ce1f4fc0d8a90345283f5b8e6
0c6bcd65a3aeeb3b29f12abaf14e4a224a7c04b33baaa6407490f910c14cd201
12a7fa6321c87394b0759f8ba06687921d716d0d6650edae7ed844818d4f1204
147c9b6d66bbf445ca9c733370787385da5a17dc481db8aeba5f0cf8935644a1
23a9bb526cc0bdd42144e73172c96a06fb5bc16c4713409dee7071f1cc6ba3d8
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2
304c4d58bc96f9044db5242d13fb805398147a3d56b06004fbe93705c3b1dd50
31c9e431123db9eb6fa90be42154b3b30d20cb99e66e5ef0fc2dcbf3e161fdda
31e10cc09bea97dba5e4c0fc2326da6ecf757e9b7c16c3c1a3950afcb04154ec
3224f89d2c10df07fbf0caf06a4f4c2b3f37c1b2cac2fb476aeb20f7721a09e8
35dcb9a264d96789c78a8c02480f15b9c876e8b20cd4eb40d391a27cb0454a80
376f8487ce1c921532163b4dbee376a4c12e4bd913bc4ca675fd643849cf34de
379cda98ebfac8c883629a900a2b9c9b327523cf690ab563c33a944879ed0d12
3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3
387512ec9dd64e71d115f878142623f3605b12e1554d6b9483b2d3b98d287469
3bc36e47734b2daffc0215d0ee32f4f1cbdd0d3d6269f1eb8b755fde2c24c800
41707d55eac4b7ec0e0794ab566f9f2575ea6d7b31e4f7db0e7858a3d42d317e
44406acea48ad25a48195e7580b2dd83ba6713e1b0423dfdac97fc2b7f2b96a6
47d881104bfd68a19d9c2d1a3b408130312ee6877d2d0927a031d6e0b8b33f05
47fd77ed50c61b270cf73b6b71c5ae29d7b46023ea1e3d2f646858d839c927bb
4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60
4cf86b8273ac1a15c23684145f8035a0e3c9d67942f62cb44bb8b95bd7465877
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eebedb85d32b8794351415b739dba620c236f669e17845e812b10323236652a
4ef291a9591f8f556adb0c1e4334aa33fd099a382b156e26c3a571d43c2fdb2f
51fc7dd6785544a11f722305aecaa83ee6465257154fd2f923f216c2687ecab1
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b2e3d6c6f98a9fa24034a03fcfae43bc3cd98f14223b307bcf097213e78bc73
5c11ab784bb010baff75e3b31f0483ec691dbac3d46204b06041182fe6796ade
5df8ea94dc9ef7cdcd48f8648572abef34c55764f67af6f5c4f1f4c9423e0059
5e0c5552f57d8b348749356ec3fee3cc37de44bd5747fb9fe67387346fdc6f81
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
69e886c25d85cdb6a2ba2d17462b1181ec5bbf0de350e38fcbcffd3b163abda6
6faff1c939a50b046b98c124b959cb7cba4782252358581a19cbb06e9896afdc
70c7603c84e2dd986692564ea92d11c8724daf4bedd3f722ce8960340c00edb3
726b0e283faf73a2425e0bac47a881e416c1540c13fc78b5ea711ebea0a2e2cf
7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb
7306bd494df1ad554c227ad8b1470f2954101207f786f98f46b1e9043e683643
7549028ea0c6e0a068b31babfab18cd280445509246946ac7bfa3c0f2ad48232
76c393f564f53c19e795307e622edc8657a603f7a816c2646385697286d11313
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a000f38eb0e9764341b690ff8c931c309a4392e7b35c157652864658ab406eb
7bd88cb301ceab248d238039c77f7a916a14f1ffea2111acd2b989ee5fc99d6f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
844d547fe3ea721b2564e1e99408d0a548350b57155841242692502122afa38d
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87880099e05f19790a658d8a5932fb94262e90da07ed89e28ead41199552f2ee
8ba84d67ed4dd6911426a9b25ff39c9b54758de23a180435bb45bd88bc68fbf4
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94dcb4855ca7c7b307499b1adc9363b4ad1a09154ce3a3ac3ff7f44d29d99b88
981d0fb185c1d6e84bc50b2f79f4f5fd3b72c6a0da44785e7b23917822d877f4
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9cbd414c64847d9b613efd1a8b8a52e4aa9d990f1ed99fcef872dec12e9a9feb
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
9f995b1c42942ededcce16bba381a19d3b30e0e75a36e0ea956f6a54e040dffe
a04a64eb55c4a16ed352d149385a8ac8d8c2d3291f0e5b59b0f48375443b5f24
a4c0d24adb25697451a4dfa83295e3208beb7debd06d615a67614319ae4e9fac
a5e2c4fdd359e2ed2cb7d96a7091984bcdd2f6cec4ad149c3a5da0d888943b6f
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a81653374421ca6484a893e2fd7ca6a42647425c0d7f1fc6d54c4c48f2add9a2
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
b6269ba069607937878a844979bc43717d522383526e6ccc199dee358ada1cdf
bd30ffd9618eaa423abb4c900f4af01cac18be85d75265ba08d87d5230bf85b8
bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412
c5f50a4183846aede8794ac2853aa960b58d9081e75983be5befe7e205c2503b
c6965e9f3f7781fe0b28f288e460064d7a79a26233f91cff1bcaaa6f41b81517
c76ec02cec718e75ad53163a2bb869fbe880fc056e93b3a27b63512bdd1158e8
c9726692ff3f4208be2fad81b8046319b1f4be603b258f1e76542f692ded021b
ca597eb2b78227b4a13ce03c50edf98f8bb2d5d441fbdb0797b109ae945e5901
cb9dec9c0f2ca5c19676106deb2290d08e535106ae5825a4031c621bc5163940
cd18bffd336b7dd7761dc8e7a9fb539e09bbb6e4f87b5c4ef61d60f37ccf8d5a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d1ed5f1698d9046627d09376d97dcf0f6359a4e6b3ccf1278b2a5c773ef06e47
d2c7897ab8ee5d602556bb4293dfc2229888c41efa745ccdfb1b67b6904cb767
d5e1b7de0619fbd77e4d9f53c6a1821716e7c7b589fc6a687afb855b75bf6a7f
d5fb622a082f5231f1323f28eccd062e64e3b6f8aab668f56dbbe923f92e402d
d643248773c88a5efbcb0880558aa6d9e1f775291e2e9b5aec460e1279b92520
d8a3bfd3f7d03f5077c6c9e82580b754f2ba2f862f31b53f0b6e41e6b5c36ed1
d9b0f9990344a1ca090f4c8b2698f9b41aa2ba3ff28ba0b3bb9d516eed7c8da8
da5476085870cd1aee4763ef7348ee29aa3957053885e2bea701e2c82e55aea9
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dd4473796fb0eda44798d1802b139e99b54cdf783a2df05f0be684481238c151
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47def490a57c0aa4b7ca91c63ea4330d147fc5878daaed5dd1747628b899b6d
e4d6726da297264a87869925e809b733b047caa3a4fb8bca8e0c779586bc3d17
e7397b10c33eccffb3b28f9557387cad97ecb023300c351a7f5922ad4ec83419
e7f7ea71d568f98fd218b2ba1bd35bb450fb081b55dda066132c5b7333e84b59
e85019c2ff5ef0958576dd3465c47d4f409210748b60c6d4cfc4e54aa85896ff
e982e3a8dd8e8e2ced1b78d36616a02680d458fe193a33801e2c06ce6f573a94
ec9fb463b24c671f0652fa3e3fa2e976b45c2d81e49e918056a30f46e506124c
edded7d94720b0231b831dd969c1057d091fa0b2b2dc059e331f00f394e13979
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f29ad70bd94b8364ec26bee5238a173699d187df766344af95b09ab23ff78690
f876042041fbf3fd3ca277c5bc8d70ae5a82769a34e186a2b7cb3b7357c52c77
fee52e445c4cd07f5ff70f49f516efd3730ee75db734a43a345824736c3b0220
ffd4d7234cf2bc278ca4a32f1dd13e2a1a2b7f546dac409da0989c2def3dfddc

bankingsecure.webcindario.com Open in urlscan Pro 5.57.226.202 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

422 Requests

99 %HTTPS

40 %IPv6

33 Domains

49 Subdomains

37 IPs

10 Countries

4946 kBTransfer

15745 kBSize

0 Cookies

1 Outgoing links

Redirected requests

422 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bankingsecure.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

422
Requests

99 %
HTTPS

40 %
IPv6

33
Domains

49
Subdomains

37
IPs

10
Countries

4946 kB
Transfer

15745 kB
Size

0
Cookies

422 HTTP transactions
4 data transactions