doc4kdjsh3s.webcindario.com Open in urlscan Pro
5.57.226.202 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://clickmetertracking.com/doc-pdf-w33923
Effective URL:
http://doc4kdjsh3s.webcindario.com/
Submission: On February 17 via api (February 17th 2022, 1:01:46 am UTC) from US — Scanned from DE

Summary HTTP 24 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 12 domains to perform 24 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks, ES. The main domain is doc4kdjsh3s.webcindario.com.

This is the only time doc4kdjsh3s.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

PDF-H5fUxJcwIFF0mk9wtzIwyV.zip 308 KB application/zip

SHA256: 7b40512a005e166c9d09a6d94e9d8fdd49d22bb8b760db7350b3de60d2d7fcb8

MIME: Zip archive data, at least v2.0 to extract

Size: 308 KB (315612 bytes, 100% done)

Downloaded from: blob:http://doc4kdjsh3s.webcindario.com/57704547-cbe7-4946-9b0b-519b11a05d7f

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.225.214.143 54.225.214.143	14618 (AMAZON-AES) (AMAZON-AES)
1	5.57.226.202 5.57.226.202	29119 (SERVIHOST...) (SERVIHOSTING-AS AireNetworks)
2	2a06:98c1:312... 2a06:98c1:3120::f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	212.92.55.8 212.92.55.8	24592 (NEXICA-AS) (NEXICA-AS)
8	141.94.109.48 141.94.109.48	16276 (OVH) (OVH)
1	18.217.244.105 18.217.244.105	16509 (AMAZON-02) (AMAZON-02)
1	51.91.154.17 51.91.154.17	16276 (OVH) (OVH)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
1	3.135.53.81 3.135.53.81	16509 (AMAZON-02) (AMAZON-02)
2	34.102.243.38 34.102.243.38	15169 (GOOGLE) (GOOGLE)
4 4	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
24	13

1 54.225.214.143 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-214-143.compute-1.amazonaws.com

clickmetertracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks, ES)

doc4kdjsh3s.webcindario.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a06:98c1:3120::f (United States)

ASN13335 (CLOUDFLARENET, US)

hosting.miarroba.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

des.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

img.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.92.55.8 (Spain)

ASN24592 (NEXICA-AS, ES)
PTR: unamed.nexica.net

play.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 141.94.109.48 (France)

ASN16276 (OVH, FR)
PTR: ns31438425.ip-141-94-109.eu

static.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.217.244.105 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-244-105.us-east-2.compute.amazonaws.com

servingcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.91.154.17 (France)

ASN16276 (OVH, FR)
PTR: ns3158246.ip-51-91-154.eu

services.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.135.53.81 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-135-53-81.us-east-2.compute.amazonaws.com

jnxm2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.243.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.243.102.34.bc.googleusercontent.com

pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.71.131.137 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	sunmedia.tv static.sunmedia.tv — Cisco Umbrella Rank: 29375 services.sunmedia.tv — Cisco Umbrella Rank: 35403 track.sunmedia.tv — Cisco Umbrella Rank: 33712	171 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	2 KB
4	tapad.com pandg.tapad.com — Cisco Umbrella Rank: 1606 pixel.tapad.com — Cisco Umbrella Rank: 357	2 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 1411	8 KB
2	sunmediaads.com img.sunmediaads.com — Cisco Umbrella Rank: 159252 play.sunmediaads.com — Cisco Umbrella Rank: 175118	114 KB
2	miarroba.info hosting.miarroba.info	2 KB
1	jnxm2.com jnxm2.com — Cisco Umbrella Rank: 21662	14 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	6 KB
1	servingcdn.net servingcdn.net — Cisco Umbrella Rank: 122801	32 KB
1	smartclip.net des.smartclip.net — Cisco Umbrella Rank: 28419	514 B
1	webcindario.com doc4kdjsh3s.webcindario.com	313 KB
1	clickmetertracking.com 1 redirects clickmetertracking.com — Cisco Umbrella Rank: 384135	342 B
24	12

	Domain	Requested by
4	match.adsrvr.org	4 redirects
4	track.sunmedia.tv
4	static.sunmedia.tv	doc4kdjsh3s.webcindario.com static.sunmedia.tv
2	pixel.tapad.com	pandg.tapad.com
2	pandg.tapad.com	pghub.io
2	pghub.io	doc4kdjsh3s.webcindario.com
2	hosting.miarroba.info	doc4kdjsh3s.webcindario.com
1	jnxm2.com	servingcdn.net
1	cdnjs.cloudflare.com	servingcdn.net
1	services.sunmedia.tv	static.sunmedia.tv
1	servingcdn.net	img.sunmediaads.com
1	play.sunmediaads.com	img.sunmediaads.com
1	img.sunmediaads.com	doc4kdjsh3s.webcindario.com
1	des.smartclip.net	doc4kdjsh3s.webcindario.com
1	doc4kdjsh3s.webcindario.com
1	clickmetertracking.com	1 redirects
24	16

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
leadzuin.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-08` - `2022-07-07`	a year	crt.sh
sunmedia.tv R3	`2022-02-04` - `2022-05-05`	3 months	crt.sh
servingcdn.net Amazon	`2021-10-19` - `2022-11-17`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2022-02-02` - `2023-02-17`	a year	crt.sh
jnxm2.com Amazon	`2021-05-26` - `2022-06-24`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-10-14`	a year	crt.sh

This page contains 5 frames:

Primary Page: http://doc4kdjsh3s.webcindario.com/
Frame ID: A0CA345D607C1D3142F47354E2FBAA38
Requests: 18 HTTP requests in this frame

Frame: http://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Frame ID: CEBE8E877EAB27DB261A26BDB7119AC4
Requests: 1 HTTP requests in this frame

Frame: https://jnxm2.com/rnd?ref=http%3A%2F%2Fdoc4kdjsh3s.webcindario.com
Frame ID: 1E5AAA31AE35C2FBC8BA4B8FC7E13F61
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fdoc4kdjsh3s.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D
Frame ID: DFE2CBCC9976677ADDC3F221DF8A2C21
Requests: 2 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fdoc4kdjsh3s.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Business%22%7D
Frame ID: 38C99147F4D24C5C4F97F8AA888FE07C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://clickmetertracking.com/doc-pdf-w33923 HTTP 302
http://doc4kdjsh3s.webcindario.com/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

24
Requests

79 %
HTTPS

13 %
IPv6

12
Domains

16
Subdomains

13
IPs

3
Countries

664 kB
Transfer

1120 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://clickmetertracking.com/doc-pdf-w33923 HTTP 302
http://doc4kdjsh3s.webcindario.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ef4bb16e-aded-4afa-9e9e-a3572e05409a&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90

Request Chain 22

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ef4bb16e-aded-4afa-9e9e-a3572e05409a&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
doc4kdjsh3s.webcindario.com/
Redirect Chain

http://clickmetertracking.com/doc-pdf-w33923
http://doc4kdjsh3s.webcindario.com/

414 KB
313 KB

325ms
208ms

Document
text/html

5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: http://doc4kdjsh3s.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: f3a2b7fe0b646de54b307d3d0a0d9b4e8a534274585f776e156b40179d594bbb

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 17 Feb 2022 01:01:42 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120
Vary: Accept-Encoding
X-Powered-By: Webcindario Hosting Service
Content-Encoding: gzip

Redirect headers

Cache-Control: no-cache, no-store
Date: Thu, 17 Feb 2022 01:01:41 GMT
Engine: clickmeter.redirect, version 2.0
Expires: -1
Location: http://doc4kdjsh3s.webcindario.com
X-Rate-Limit-Limit: 20s
X-Rate-Limit-Remaining: 299
X-Rate-Limit-Reset: 2022-02-17T01:02:01.8746110Z
Content-Length: 0
Connection: keep-alive

GET
H2 200 / Show response
hosting.miarroba.info/ 1 KB
1 KB 297ms
214ms Script
application/javascript 2a06:98c1:3120::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/?__muid=b94c22f22ebb04f84c7b73ab32ea6db16fe81da3&h=2085724&t=1645059702&k=69f358071e1e8e118117b475e5aec656
Requested by: Host: doc4kdjsh3s.webcindario.com
URL: http://doc4kdjsh3s.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 02c0489f219eb958a5509c90f74b1b10fe6ab7defc334ee036a6da1fcb538ab0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:01:42 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Thu, 17 Feb 2022 01:01:42 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6xkXD%2BOqIey9uSikv8FdFR8BRb3Qr8oH9AADngBVt6rZHnnqx17CrOtg%2Bm0Y5PSSXXKS7WfSxuduKqpJ99kRRO2Hif9xiLNE7VevNreyfGJxgFTz7yBbdAn%2FanoZExdJ2QkIgqG%2Bw0fANJYQceVH82i0pA%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=iso-8859-1
cache-control: no-cache
cf-ray: 6deb1604bd5474b9-LHR
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200 ads Show response
des.smartclip.net/ 20 B
514 B 47ms
17ms Script
application/javascript 35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=b94c22f22ebb04f84c7b73ab32ea6db16fe81da3&sz=400x320&rnd=7924636
Requested by: Host: doc4kdjsh3s.webcindario.com
URL: http://doc4kdjsh3s.webcindario.com/
Protocol: HTTP/1.1
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: 7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 17 Feb 2022 01:01:42 GMT
Content-Encoding: gzip
Sc-Supply-Network: 999999
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Via: 1.1 google
Sc-Uuid: 043790ad-769e-0d62-1cc3-53c022796e4f
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Sc-Device-Type: PC
Server: openresty/1.19.9.1

GET
H2 200 lz_loader.js Show response
img.sunmediaads.com/ads/ 112 KB
113 KB 220ms
17ms Script
text/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Requested by: Host: doc4kdjsh3s.webcindario.com
URL: http://doc4kdjsh3s.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:01:42 GMT
last-modified: Sun, 05 Apr 2020 16:15:53 GMT
etag: "1586103353"
x-hw: 1645059702.dop153.fr8.t,1645059702.cds216.fr8.hn,1645059702.cds208.fr8.c
content-type: text/javascript
cache-control: max-age=79536
accept-ranges: bytes
content-length: 115125

POST
H/1.1 200
OK 607f6b0b381bbc1f64fa027d62891072_cookie.php Show response
hosting.miarroba.info/ Frame CEBE 46 B
886 B 135ms
109ms Document
text/html 2a06:98c1:3120::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Requested by: Host: doc4kdjsh3s.webcindario.com
URL: http://doc4kdjsh3s.webcindario.com/
Protocol: HTTP/1.1
Server: 2a06:98c1:3120::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88

Request headers

Upgrade-Insecure-Requests: 1
Origin: http://doc4kdjsh3s.webcindario.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/

Response headers

Date: Thu, 17 Feb 2022 01:01:42 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qEqL0Exhm1RVKcbvrrTUNvDfg8zzTip6En1s0CTHtYwuNwwDu%2FoCbmk6NFAHLZV0GhOicuprBJXnpXvKKlLJwmll4%2BWNF1LYFP8iU9SW5K674K9hc52qkjy2CQ%2Fc5BnpYXol4q6bkNZkD24sszJEjC7YQeM%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 6deb16065bc7071a-LHR
Content-Encoding: gzip
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK zone.php Show response
play.sunmediaads.com/red/ 1005 B
2 KB 270ms
48ms Script
text/html 212.92.55.8
NEXICA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://play.sunmediaads.com/red/zone.php?code=HEZRL65RXYI2&a=&pubid=&lgid=872286320.11141029565784577
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.92.55.8 , Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS: unamed.nexica.net
Software: Apache /
Resource Hash: be5eeb099a1cf713146da66dd7c33e478e64d3c021a1a08fc21ba103064951a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 17 Feb 2022 00:37:14 GMT
Server: Apache
Connection: close
Content-Length: 1005
Content-Type: text/html; charset=UTF-8

GET
H2 200 8c4105a4-90ec-434c-bf14-82b194e3019f.js Show response
static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/ 247 KB
83 KB 114ms
25ms Script
application/javascript 141.94.109.48
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Requested by: Host: doc4kdjsh3s.webcindario.com
URL: http://doc4kdjsh3s.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31438425.ip-141-94-109.eu
Software: nginx /
Resource Hash: a9d34a997c2066cd3a02c221ebba2276d7deb2bafb07fd4e59ef9da72b3d1195

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:01:43 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 15 Feb 2022 14:43:54 GMT
server: nginx
age: 123413
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
content-length: 84727
accept-ranges: bytes
x-device: desktop

GET
H2 200 / Show response
servingcdn.net/ 32 KB
32 KB 468ms
227ms Script
application/javascript 18.217.244.105
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.244.105 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-244-105.us-east-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 5aae559fb41404159a24118e2659839f743967a7be3eed3a743ce51217f777a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Feb 2022 01:01:43 GMT
server: nginx/1.20.0
x-powered-by: Express
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 32534
expires: -1

GET
H2 200 adblockDetector.min.js Show response
static.sunmedia.tv/AdBlockDetection/ 3 KB
2 KB 29ms
29ms Script
application/javascript 141.94.109.48
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=_smartads_%7C-ad-plugin-%7C-google-ads-%7C-google2-ad-&ref=http%253A%252F%252Fdoc4kdjsh3s.webcindario.com%252F
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31438425.ip-141-94-109.eu
Software: nginx /
Resource Hash: 051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:01:43 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 21 Dec 2020 17:00:21 GMT
server: nginx
age: 997411
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, s-maxage=2592000
x-device: desktop
accept-ranges: bytes
content-length: 1634

GET
H2 200 geocity.php Show response
services.sunmedia.tv/geotarget/ 456 B
710 B 220ms
28ms XHR
application/json 51.91.154.17
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://services.sunmedia.tv/geotarget/geocity.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.91.154.17 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3158246.ip-51-91-154.eu
Software: nginx /
Resource Hash: 66bdd4a13eec954e63ac104261b3c2a6d9495f272b4fae0048a8329229aa594a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:01:43 GMT
tp-cache: HIT
server: nginx
age: 143997
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://doc4kdjsh3s.webcindario.com
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 456

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
6 KB 92ms
35ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

Requested by

Host: servingcdn.net
URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:01:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 174136
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5117
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-45f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MDhd8ysjb1kwxnMHcquxK%2FY7BbuWTGW6mwUI5mciIv2liKXNS3wAIDhQ5P7hUiGCFTNqvu%2FtN%2FmfAlXhNnSNxfWcjsnFUa%2ByYBHrUWSf2Aon2xkyvdRz3a%2BHrz%2FU4gy%2FEmlfLHYB43m10zIQiz468crb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6deb160ced65f403-LHR
expires: Tue, 07 Feb 2023 01:01:43 GMT

GET
H2 200 b50000f8-170a-4dc8-a66e-61993d94c500.js Show response
static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/ 245 KB
83 KB 24ms
24ms Script
application/javascript 141.94.109.48
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js
Requested by: Host: doc4kdjsh3s.webcindario.com
URL: http://doc4kdjsh3s.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31438425.ip-141-94-109.eu
Software: nginx /
Resource Hash: 1a1b392c99e2deda244bf5f96c6d2c0ccd6ac5a3fdcdfd597463cebdf4c879be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:01:43 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 15 Feb 2022 14:44:01 GMT
server: nginx
age: 123406
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
content-length: 84388
accept-ranges: bytes
x-device: mobile

GET
H2 200 adblockDetector.min.js Show response
static.sunmedia.tv/AdBlockDetection/ 3 KB
2 KB 26ms
26ms Script
application/javascript 141.94.109.48
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=_smartads_%7C-ad-plugin-%7C-google-ads-%7C-google2-ad-&ref=http%253A%252F%252Fdoc4kdjsh3s.webcindario.com%252F
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31438425.ip-141-94-109.eu
Software: nginx /
Resource Hash: 051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:01:43 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 21 Dec 2020 17:00:21 GMT
server: nginx
age: 997412
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, s-maxage=2592000
x-device: desktop
accept-ranges: bytes
content-length: 1634

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 14 KB
4 KB 55ms
16ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: doc4kdjsh3s.webcindario.com
URL: http://doc4kdjsh3s.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 00:10:34 GMT
content-encoding: gzip
age: 3069
x-guploader-uploadid: ADPycdvSCrpk6q5D_kZXStKgjauuFFBPK5hkULyfROhP_ldR4gdVsrmQpXJhWe-YDj8UXNd7s8rr1MRqqTb8k8ECedg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3637
last-modified: Mon, 22 Nov 2021 21:22:46 GMT
server: UploadServer
etag: "9f5012774da47c70284c82ae0ce443d7"
vary: Accept-Encoding
x-goog-hash: crc32c=oAHW2w==, md5=n1ASd02kfHAoTIKuDORD1w==
x-goog-generation: 1637616166247508
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 3637
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 34ms
24ms Image
image/gif 141.94.109.48
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=0&loop=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31438425.ip-141-94-109.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:01:43 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3589412
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 33ms
23ms Image
image/gif 141.94.109.48
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=err&pb=1&pos=0&loop=1&err=Error%3A%20No%20user%20consent
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31438425.ip-141-94-109.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:01:43 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3589412
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 rnd Show response
jnxm2.com/ Frame 1E5A 14 KB
14 KB 467ms
217ms Document
text/html 3.135.53.81
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jnxm2.com/rnd?ref=http%3A%2F%2Fdoc4kdjsh3s.webcindario.com
Requested by: Host: servingcdn.net
URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.135.53.81 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-135-53-81.us-east-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: dbb8f13a0869723765ef152183e542e1d7770c9bde3779fe9f5dd177685747e3

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/

Response headers

date: Thu, 17 Feb 2022 01:01:44 GMT
content-type: text/html; charset=utf-8
content-length: 14338
server: nginx/1.20.0
x-powered-by: Express
access-control-allow-origin: *
etag: W/"3802-KmrepPsEg3ijjxcU8IzPvue6MyI"

GET
H2 200 tag Show response
pandg.tapad.com/ Frame DFE2 188 B
694 B 78ms
23ms Document
text/html 34.102.243.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fdoc4kdjsh3s.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

65c44aac558d3e4eafa21e7e879f020f8bb1ccbe1226729fb5a6488bd8feaaac

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/

Response headers

date: Thu, 17 Feb 2022 01:01:44 GMT
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
access-control-max-age: 300
access-control-allow-origin: *
content-type: text/html;charset=utf-8
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 188
via: 1.1 google
alt-svc: clear

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 14 KB
4 KB 16ms
16ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: doc4kdjsh3s.webcindario.com
URL: http://doc4kdjsh3s.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 00:10:34 GMT
content-encoding: gzip
age: 3070
x-guploader-uploadid: ADPycdvSCrpk6q5D_kZXStKgjauuFFBPK5hkULyfROhP_ldR4gdVsrmQpXJhWe-YDj8UXNd7s8rr1MRqqTb8k8ECedg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3637
last-modified: Mon, 22 Nov 2021 21:22:46 GMT
server: UploadServer
etag: "9f5012774da47c70284c82ae0ce443d7"
vary: Accept-Encoding
x-goog-hash: crc32c=oAHW2w==, md5=n1ASd02kfHAoTIKuDORD1w==
x-goog-generation: 1637616166247508
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 3637
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 24ms
24ms Image
image/gif 141.94.109.48
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=op&pb=1&pos=0&loop=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31438425.ip-141-94-109.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:01:44 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3589412
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 23ms
23ms Image
image/gif 141.94.109.48
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=err&pb=1&pos=0&loop=1&err=Error%3A%20No%20user%20consent
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.109.48 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31438425.ip-141-94-109.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:01:44 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 3589412
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 42

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame DFE2
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90&gdpr=&gdpr_consent=${gdpr_consent}
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90&gdpr=&gdpr_consent=${gdpr_consent}
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ef4bb16e-aded-4afa-9e9e-a3572e05409a&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90

95 B
580 B

69ms
24ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ef4bb16e-aded-4afa-9e9e-a3572e05409a&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90

Requested by

Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Fdoc4kdjsh3s.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:01:44 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Thu, 17 Feb 2022 01:01:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ef4bb16e-aded-4afa-9e9e-a3572e05409a&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 347

GET
H2 200 tag Show response
pandg.tapad.com/ Frame 38C9 188 B
431 B 24ms
24ms Document
text/html 34.102.243.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

65c44aac558d3e4eafa21e7e879f020f8bb1ccbe1226729fb5a6488bd8feaaac

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://doc4kdjsh3s.webcindario.com/

Response headers

date: Thu, 17 Feb 2022 01:01:44 GMT
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
access-control-max-age: 300
access-control-allow-origin: *
content-type: text/html;charset=utf-8
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 188
via: 1.1 google
alt-svc: clear

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame 38C9
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90&gdpr=&gdpr_consent=${gdpr_consent}
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90&gdpr=&gdpr_consent=${gdpr_consent}
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ef4bb16e-aded-4afa-9e9e-a3572e05409a&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90

95 B
419 B

70ms
24ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ef4bb16e-aded-4afa-9e9e-a3572e05409a&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90

Requested by

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 01:01:44 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Thu, 17 Feb 2022 01:01:44 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=ef4bb16e-aded-4afa-9e9e-a3572e05409a&ttd_puid=2777167f-eb3e-4689-88fc-9d3083000c90
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 347

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.webcindario.com/	1970-01-25 20:31:23	Name: __muid Value: b94c22f22ebb04f84c7b73ab32ea6db16fe81da3
.sunmediaads.com/	1970-01-20 09:43:15	Name: lz_frecy Value: %7B%22HEZRL65RXYI2%22%3A%7B%22times%22%3A1%2C%22time%22%3A1645138800%7D%7D
.sunmediaads.com/	1970-01-20 09:43:15	Name: lz_frecy_crea Value: %7B%22HEZRL65RXYI2%22%3A%7B%221%22%3A%7B%22visto%22%3A1%2C%22time%22%3A1645138800%7D%7D%7D
.tapad.com/	1970-01-20 02:24:03	Name: TapAd_TS Value: 1645059704051
.tapad.com/	1970-01-20 02:24:03	Name: TapAd_DID Value: 2777167f-eb3e-4689-88fc-9d3083000c90
.adsrvr.org/	1970-01-20 09:43:15	Name: TDID Value: ef4bb16e-aded-4afa-9e9e-a3572e05409a
.adsrvr.org/	1970-01-20 09:43:15	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjOkcOQ4-64OhAFGAUgASgCMgsIoomWvfnuuDoQBTgB
.tapad.com/	1970-01-20 02:24:03	Name: TapAd_3WAY_SYNCS Value: 1!1153

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
clickmetertracking.com
des.smartclip.net
doc4kdjsh3s.webcindario.com
hosting.miarroba.info
img.sunmediaads.com
jnxm2.com
match.adsrvr.org
pandg.tapad.com
pghub.io
pixel.tapad.com
play.sunmediaads.com
services.sunmedia.tv
servingcdn.net
static.sunmedia.tv
track.sunmedia.tv
141.94.109.48
18.217.244.105
205.185.216.42
212.92.55.8
2606:4700::6810:135e
2a06:98c1:3120::f
3.135.53.81
34.102.243.38
35.186.194.101
35.227.248.159
35.241.45.217
35.71.131.137
5.57.226.202
51.91.154.17
54.225.214.143
02c0489f219eb958a5509c90f74b1b10fe6ab7defc334ee036a6da1fcb538ab0
051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3
19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88
1a1b392c99e2deda244bf5f96c6d2c0ccd6ac5a3fdcdfd597463cebdf4c879be
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
5aae559fb41404159a24118e2659839f743967a7be3eed3a743ce51217f777a7
65c44aac558d3e4eafa21e7e879f020f8bb1ccbe1226729fb5a6488bd8feaaac
66bdd4a13eec954e63ac104261b3c2a6d9495f272b4fae0048a8329229aa594a
7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb
7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5
9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376
a9d34a997c2066cd3a02c221ebba2276d7deb2bafb07fd4e59ef9da72b3d1195
be5eeb099a1cf713146da66dd7c33e478e64d3c021a1a08fc21ba103064951a9
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
dbb8f13a0869723765ef152183e542e1d7770c9bde3779fe9f5dd177685747e3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3a2b7fe0b646de54b307d3d0a0d9b4e8a534274585f776e156b40179d594bbb

doc4kdjsh3s.webcindario.com Open in urlscan Pro 5.57.226.202 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

79 %HTTPS

13 %IPv6

12 Domains

16 Subdomains

13 IPs

3 Countries

664 kBTransfer

1120 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

8 Cookies

Indicators

doc4kdjsh3s.webcindario.com Open in urlscan Pro
5.57.226.202 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

79 %
HTTPS

13 %
IPv6

12
Domains

16
Subdomains

13
IPs

3
Countries

664 kB
Transfer

1120 kB
Size

8
Cookies

24 HTTP transactions
0 data transactions