fac5ky8du3s2.webcindario.com Open in urlscan Pro
5.57.226.202 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://clickmetertracking.com/doc-pdf-w33923
Effective URL:
http://fac5ky8du3s2.webcindario.com/
Submission Tags: falconsandbox
Submission: On February 17 via api (February 17th 2022, 5:36:15 am UTC) from US — Scanned from DE

Summary HTTP 23 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 4 countries across 12 domains to perform 23 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks, ES. The main domain is fac5ky8du3s2.webcindario.com.

This is the only time fac5ky8du3s2.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

PDF-s2f1ILxrUchhvUXQ9GL.zip 308 KB application/zip

SHA256: 4939aeb92844bba72b733f1329a3c9ba6844ccee66c7c242fb9994586bdf5d91

MIME: Zip archive data, at least v2.0 to extract

Size: 308 KB (315612 bytes, 100% done)

Downloaded from: blob:http://fac5ky8du3s2.webcindario.com/44c0b29c-85af-4c42-ac07-6f2588f967ca

Domain & IP information

	IP Address	AS Autonomous System
1 1	54.225.214.143 54.225.214.143	14618 (AMAZON-AES) (AMAZON-AES)
1	5.57.226.202 5.57.226.202	29119 (SERVIHOST...) (SERVIHOSTING-AS AireNetworks)
1	2a06:98c1:312... 2a06:98c1:3120::f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
1	212.92.55.6 212.92.55.6	24592 (NEXICA-AS) (NEXICA-AS)
8	54.38.37.49 54.38.37.49	16276 (OVH) (OVH)
1	3.15.75.122 3.15.75.122	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	51.89.67.82 51.89.67.82	16276 (OVH) (OVH)
2	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
2	34.102.243.38 34.102.243.38	15169 (GOOGLE) (GOOGLE)
1	3.18.95.30 3.18.95.30	16509 (AMAZON-02) (AMAZON-02)
4 4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
23	13

1 54.225.214.143 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-225-214-143.compute-1.amazonaws.com

clickmetertracking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks, ES)

fac5ky8du3s2.webcindario.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::f (United States)

ASN13335 (CLOUDFLARENET, US)

hosting.miarroba.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

des.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

img.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.92.55.6 (Spain)

ASN24592 (NEXICA-AS, ES)
PTR: unamed.nexica.net

play.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.38.37.49 (France)

ASN16276 (OVH, FR)
PTR: ns31418924.ip-54-38-37.eu

static.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.15.75.122 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-15-75-122.us-east-2.compute.amazonaws.com

servingcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.67.82 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3166667.ip-51-89-67.eu

services.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.102.243.38 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 38.243.102.34.bc.googleusercontent.com

pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.18.95.30 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-18-95-30.us-east-2.compute.amazonaws.com

jnxm2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	sunmedia.tv static.sunmedia.tv — Cisco Umbrella Rank: 29375 services.sunmedia.tv — Cisco Umbrella Rank: 35403 track.sunmedia.tv — Cisco Umbrella Rank: 33712	171 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 295	2 KB
4	tapad.com pandg.tapad.com — Cisco Umbrella Rank: 1606 pixel.tapad.com — Cisco Umbrella Rank: 357	2 KB
2	pghub.io pghub.io — Cisco Umbrella Rank: 1411	8 KB
2	sunmediaads.com img.sunmediaads.com — Cisco Umbrella Rank: 159252 play.sunmediaads.com — Cisco Umbrella Rank: 175118	114 KB
1	jnxm2.com jnxm2.com — Cisco Umbrella Rank: 21662	23 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 197	6 KB
1	servingcdn.net servingcdn.net — Cisco Umbrella Rank: 122801	32 KB
1	smartclip.net des.smartclip.net — Cisco Umbrella Rank: 28419	514 B
1	miarroba.info hosting.miarroba.info	686 B
1	webcindario.com fac5ky8du3s2.webcindario.com	313 KB
1	clickmetertracking.com 1 redirects clickmetertracking.com — Cisco Umbrella Rank: 384135	343 B
23	12

	Domain	Requested by
4	match.adsrvr.org	4 redirects
4	track.sunmedia.tv
4	static.sunmedia.tv	fac5ky8du3s2.webcindario.com static.sunmedia.tv
2	pixel.tapad.com	pandg.tapad.com
2	pandg.tapad.com	pghub.io
2	pghub.io	fac5ky8du3s2.webcindario.com
1	jnxm2.com	servingcdn.net
1	services.sunmedia.tv	static.sunmedia.tv
1	cdnjs.cloudflare.com	servingcdn.net
1	servingcdn.net	img.sunmediaads.com
1	play.sunmediaads.com	img.sunmediaads.com
1	img.sunmediaads.com	fac5ky8du3s2.webcindario.com
1	des.smartclip.net	fac5ky8du3s2.webcindario.com
1	hosting.miarroba.info	fac5ky8du3s2.webcindario.com
1	fac5ky8du3s2.webcindario.com
1	clickmetertracking.com	1 redirects
23	16

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
leadzuin.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-08` - `2022-07-07`	a year	crt.sh
sunmedia.tv R3	`2022-02-04` - `2022-05-05`	3 months	crt.sh
servingcdn.net Amazon	`2021-10-19` - `2022-11-17`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2022-02-02` - `2023-02-17`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-10-14`	a year	crt.sh
jnxm2.com Amazon	`2021-05-26` - `2022-06-24`	a year	crt.sh

This page contains 4 frames:

Primary Page: http://fac5ky8du3s2.webcindario.com/
Frame ID: BBAD980DF125CD7042AA6ACDF4A507AB
Requests: 18 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Ffac5ky8du3s2.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D
Frame ID: 1E90278D9B6C7DA124406173844232E3
Requests: 2 HTTP requests in this frame

Frame: https://jnxm2.com/sclk?ref=http%3A%2F%2Ffac5ky8du3s2.webcindario.com
Frame ID: 9520664EB7616A36B83A8199CCAA7699
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Ffac5ky8du3s2.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Business%22%7D
Frame ID: B46CBAF2C360C0C0FAE7A049CECC85EE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://clickmetertracking.com/doc-pdf-w33923 HTTP 302
http://fac5ky8du3s2.webcindario.com/ Page URL

Detected technologies

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>

Page Statistics

23
Requests

83 %
HTTPS

13 %
IPv6

12
Domains

16
Subdomains

13
IPs

4
Countries

671 kB
Transfer

1127 kB
Size

8
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://clickmetertracking.com/doc-pdf-w33923 HTTP 302
http://fac5ky8du3s2.webcindario.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=773098f6-2612-4c64-8e6b-06ba713a7d6a&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0

Request Chain 21

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0b6a8076-e218-4637-a31e-daf28e37b973&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0

23 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
fac5ky8du3s2.webcindario.com/
Redirect Chain

http://clickmetertracking.com/doc-pdf-w33923
http://fac5ky8du3s2.webcindario.com/

414 KB
313 KB

206ms
162ms

Document
text/html

5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: http://fac5ky8du3s2.webcindario.com/
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: ba4f46c878723a8cc8c05b4860f00f4501c2eae0b8dcd799fb87fa4d9aba7eec

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Server: nginx
Date: Thu, 17 Feb 2022 05:36:11 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120
Vary: Accept-Encoding
X-Powered-By: Webcindario Hosting Service
Content-Encoding: gzip

Redirect headers

Cache-Control: no-cache, no-store
Date: Thu, 17 Feb 2022 05:36:10 GMT
Engine: clickmeter.redirect, version 2.0
Expires: -1
Location: http://fac5ky8du3s2.webcindario.com
X-Rate-Limit-Limit: 20s
X-Rate-Limit-Remaining: 299
X-Rate-Limit-Reset: 2022-02-17T05:36:31.1215680Z
Content-Length: 0
Connection: keep-alive

GET
H2 200 / Show response
hosting.miarroba.info/ 0
686 B 250ms
177ms Script
application/javascript 2a06:98c1:3120::f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/?__muid=bc5588964952193223369469ff994aff754fdd51&h=2085729&t=1645076171&k=4ef565f3e66a3ee07eb23fdd74cd5b1f
Requested by: Host: fac5ky8du3s2.webcindario.com
URL: http://fac5ky8du3s2.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:36:11 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Thu, 17 Feb 2022 05:36:11 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8TeG5zjtG0HIMlEU77UW5GyhUSoca9gsd3AJ08Pbv5LcUaBA%2FGLsH2zFQTtm4uNvRPpBEX6phl3OaeWlEBCcJ7yQmxKxH4B%2BUk5MHjhUT8wI9KIlDjwL9qWDisSl4wAFOj4ksTB59y8QSINc0yR0qeNw%2F6s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=iso-8859-1
cache-control: no-cache
cf-ray: 6deca818cb7a069a-LHR
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200 ads Show response
des.smartclip.net/ 20 B
514 B 37ms
20ms Script
application/javascript 35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=bc5588964952193223369469ff994aff754fdd51&sz=400x320&rnd=30582985
Requested by: Host: fac5ky8du3s2.webcindario.com
URL: http://fac5ky8du3s2.webcindario.com/
Protocol: HTTP/1.1
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: 7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 17 Feb 2022 05:36:11 GMT
Content-Encoding: gzip
Sc-Supply-Network: 999999
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Via: 1.1 google
Sc-Uuid: 7ddff80d-cbde-0d62-6357-aceb2f2baf8c
Transfer-Encoding: chunked
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Sc-Device-Type: PC
Server: openresty/1.19.9.1

GET
H2 200 lz_loader.js Show response
img.sunmediaads.com/ads/ 112 KB
113 KB 57ms
20ms Script
text/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Requested by: Host: fac5ky8du3s2.webcindario.com
URL: http://fac5ky8du3s2.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:36:11 GMT
last-modified: Sun, 05 Apr 2020 16:15:53 GMT
etag: "1586103353"
x-hw: 1645076171.dop123.fr8.t,1645076171.cds280.fr8.hn,1645076171.cds208.fr8.c
content-type: text/javascript
cache-control: max-age=63067
accept-ranges: bytes
content-length: 115125

GET
H/1.1 200
OK zone.php Show response
play.sunmediaads.com/red/ 1005 B
2 KB 155ms
50ms Script
text/html 212.92.55.6
NEXICA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://play.sunmediaads.com/red/zone.php?code=HEZRL65RXYI2&a=&pubid=&lgid=1036975540.7941013058701551
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.92.55.6 , Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS: unamed.nexica.net
Software: Apache /
Resource Hash: be5eeb099a1cf713146da66dd7c33e478e64d3c021a1a08fc21ba103064951a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date: Thu, 17 Feb 2022 05:20:56 GMT
Server: Apache
Connection: close
Content-Length: 1005
Content-Type: text/html; charset=UTF-8

GET
H2 200 8c4105a4-90ec-434c-bf14-82b194e3019f.js Show response
static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/ 247 KB
83 KB 117ms
43ms Script
application/javascript 54.38.37.49
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Requested by: Host: fac5ky8du3s2.webcindario.com
URL: http://fac5ky8du3s2.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.37.49 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31418924.ip-54-38-37.eu
Software: nginx /
Resource Hash: a9d34a997c2066cd3a02c221ebba2276d7deb2bafb07fd4e59ef9da72b3d1195

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:36:12 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 15 Feb 2022 14:43:54 GMT
server: nginx
age: 139880
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
content-length: 84727
accept-ranges: bytes
x-device: mobile

GET
H2 200 / Show response
servingcdn.net/ 32 KB
32 KB 417ms
122ms Script
application/javascript 3.15.75.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.15.75.122 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-15-75-122.us-east-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 5aae559fb41404159a24118e2659839f743967a7be3eed3a743ce51217f777a7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 17 Feb 2022 05:36:12 GMT
server: nginx/1.20.0
x-powered-by: Express
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 32534
expires: -1

GET
H2 200 adblockDetector.min.js Show response
static.sunmedia.tv/AdBlockDetection/ 3 KB
2 KB 57ms
57ms Script
application/javascript 54.38.37.49
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=_smartads_%7C-ad-plugin-%7C-google-ads-%7C-google2-ad-&ref=http%253A%252F%252Ffac5ky8du3s2.webcindario.com%252F
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.37.49 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31418924.ip-54-38-37.eu
Software: nginx /
Resource Hash: 051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:36:12 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 21 Dec 2020 17:00:21 GMT
server: nginx
age: 403649
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, s-maxage=2592000
x-device: mobile
accept-ranges: bytes
content-length: 1634

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
6 KB 106ms
39ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

Requested by

Host: servingcdn.net
URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:36:12 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 270446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5117
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-45f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ER60MzdfIV2ekQfgkYzhjQq0GPE86SNrzcJDcvqQSBlBW8oReHBfNqTxItXOFnfja3s3A31QaXzNV2ynhjImNrF2KKI0oOdyDZ2mCco%2FGufJ280KPmldDul7ofSIkjd9y33MPThP6%2FS2S%2BpQti%2FaaRSY"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6deca81f5b06771a-LHR
expires: Tue, 07 Feb 2023 05:36:12 GMT

GET
H2 200 b50000f8-170a-4dc8-a66e-61993d94c500.js Show response
static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/ 245 KB
83 KB 30ms
29ms Script
application/javascript 54.38.37.49
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js
Requested by: Host: fac5ky8du3s2.webcindario.com
URL: http://fac5ky8du3s2.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.37.49 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31418924.ip-54-38-37.eu
Software: nginx /
Resource Hash: 1a1b392c99e2deda244bf5f96c6d2c0ccd6ac5a3fdcdfd597463cebdf4c879be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:36:12 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 15 Feb 2022 14:44:01 GMT
server: nginx
age: 139875
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
content-length: 84388
accept-ranges: bytes
x-device: mobile

GET
H2 200 geocity.php Show response
services.sunmedia.tv/geotarget/ 478 B
732 B 76ms
26ms XHR
application/json 51.89.67.82
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://services.sunmedia.tv/geotarget/geocity.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.67.82 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3166667.ip-51-89-67.eu
Software: nginx /
Resource Hash: d6e933130bc998fe50cdeae4d63c1e79098640f85c02f711d336ec1a0216afe7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:36:12 GMT
tp-cache: HIT
server: nginx
age: 160464
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: http://fac5ky8du3s2.webcindario.com
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 478

GET
H2 200 adblockDetector.min.js Show response
static.sunmedia.tv/AdBlockDetection/ 3 KB
2 KB 30ms
29ms Script
application/javascript 54.38.37.49
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=_smartads_%7C-ad-plugin-%7C-google-ads-%7C-google2-ad-&ref=http%253A%252F%252Ffac5ky8du3s2.webcindario.com%252F
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.37.49 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31418924.ip-54-38-37.eu
Software: nginx /
Resource Hash: 051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:36:12 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 21 Dec 2020 17:00:21 GMT
server: nginx
age: 403649
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, s-maxage=2592000
x-device: mobile
accept-ranges: bytes
content-length: 1634

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 14 KB
4 KB 69ms
25ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: fac5ky8du3s2.webcindario.com
URL: http://fac5ky8du3s2.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 04:54:47 GMT
content-encoding: gzip
age: 2485
x-guploader-uploadid: ADPycdvq21AYKddaPal4YwZJWBn_BjMY5sdSHVNFtL1u_eQsy_7SXVMs4RZUrkAiGQSR2z4xzm__1tEc6VL_e847V10ceHhrCQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3637
last-modified: Mon, 22 Nov 2021 21:22:46 GMT
server: UploadServer
etag: "9f5012774da47c70284c82ae0ce443d7"
vary: Accept-Encoding
x-goog-hash: crc32c=oAHW2w==, md5=n1ASd02kfHAoTIKuDORD1w==
x-goog-generation: 1637616166247508
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 3637
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 30ms
29ms Image
image/gif 54.38.37.49
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=0&loop=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.37.49 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31418924.ip-54-38-37.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:36:12 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 2995650
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 30ms
29ms Image
image/gif 54.38.37.49
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=err&pb=1&pos=0&loop=1&err=Error%3A%20No%20user%20consent
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.37.49 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31418924.ip-54-38-37.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:36:12 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 2995650
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 42

GET
H2 200 tag Show response
pandg.tapad.com/ Frame 1E90 188 B
694 B 74ms
29ms Document
text/html 34.102.243.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Ffac5ky8du3s2.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

83b2b7c08c110f938272b06d1e307d8a3d67c137bfb7c1fa237d168364e9f5c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/

Response headers

date: Thu, 17 Feb 2022 05:36:12 GMT
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
access-control-max-age: 300
access-control-allow-origin: *
content-type: text/html;charset=utf-8
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 188
via: 1.1 google
alt-svc: clear

GET
H2 200 sclk Show response
jnxm2.com/ Frame 9520 23 KB
23 KB 343ms
113ms Document
text/html 3.18.95.30
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jnxm2.com/sclk?ref=http%3A%2F%2Ffac5ky8du3s2.webcindario.com
Requested by: Host: servingcdn.net
URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.18.95.30 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-18-95-30.us-east-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: b400202d1a81d42be1f0ddff05b8d2e2d43e476191c96abe29911c972f17bb8f

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/

Response headers

date: Thu, 17 Feb 2022 05:36:13 GMT
content-type: text/html; charset=utf-8
content-length: 23230
server: nginx/1.20.0
x-powered-by: Express
access-control-allow-origin: *
etag: W/"5abe-lxJa7Duj2mmp7MLmAvusTXFh7o8"

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame 1E90
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0&gdpr=&gdpr_consent=${gdpr_consent}
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0&gdpr=&gdpr_consent=${gdpr_consent}
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=773098f6-2612-4c64-8e6b-06ba713a7d6a&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0

95 B
581 B

63ms
26ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=773098f6-2612-4c64-8e6b-06ba713a7d6a&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0

Requested by

Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=http%3A%2F%2Ffac5ky8du3s2.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:36:13 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Thu, 17 Feb 2022 05:36:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=773098f6-2612-4c64-8e6b-06ba713a7d6a&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 347

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 14 KB
4 KB 18ms
17ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: fac5ky8du3s2.webcindario.com
URL: http://fac5ky8du3s2.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 04:54:47 GMT
content-encoding: gzip
age: 2485
x-guploader-uploadid: ADPycdvq21AYKddaPal4YwZJWBn_BjMY5sdSHVNFtL1u_eQsy_7SXVMs4RZUrkAiGQSR2z4xzm__1tEc6VL_e847V10ceHhrCQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3637
last-modified: Mon, 22 Nov 2021 21:22:46 GMT
server: UploadServer
etag: "9f5012774da47c70284c82ae0ce443d7"
vary: Accept-Encoding
x-goog-hash: crc32c=oAHW2w==, md5=n1ASd02kfHAoTIKuDORD1w==
x-goog-generation: 1637616166247508
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 3637
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 25ms
25ms Image
image/gif 54.38.37.49
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=op&pb=1&pos=0&loop=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.37.49 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31418924.ip-54-38-37.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:36:12 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 2995650
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 25ms
25ms Image
image/gif 54.38.37.49
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=err&pb=1&pos=0&loop=1&err=Error%3A%20No%20user%20consent
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 54.38.37.49 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31418924.ip-54-38-37.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:36:12 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 2995650
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 42

GET
H2 200 tag Show response
pandg.tapad.com/ Frame B46C 188 B
432 B 26ms
26ms Document
text/html 34.102.243.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.102.243.38 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

38.243.102.34.bc.googleusercontent.com

Software

Resource Hash

83b2b7c08c110f938272b06d1e307d8a3d67c137bfb7c1fa237d168364e9f5c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: http://fac5ky8du3s2.webcindario.com/

Response headers

date: Thu, 17 Feb 2022 05:36:13 GMT
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
access-control-max-age: 300
access-control-allow-origin: *
content-type: text/html;charset=utf-8
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 188
via: 1.1 google
alt-svc: clear

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame B46C
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0&gdpr=&gdpr_consent=${gdpr_consent}
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0&gdpr=&gdpr_consent=${gdpr_consent}
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0b6a8076-e218-4637-a31e-daf28e37b973&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0

95 B
420 B

32ms
26ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0b6a8076-e218-4637-a31e-daf28e37b973&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0

Requested by

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date: Thu, 17 Feb 2022 05:36:13 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Thu, 17 Feb 2022 05:36:13 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=0b6a8076-e218-4637-a31e-daf28e37b973&ttd_puid=48229876-3b37-4854-b095-a71d76b4a2a0
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 347

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.webcindario.com/	1970-01-25 20:31:23	Name: __muid Value: bc5588964952193223369469ff994aff754fdd51
.sunmediaads.com/	1970-01-20 09:43:32	Name: lz_frecy Value: %7B%22HEZRL65RXYI2%22%3A%7B%22times%22%3A1%2C%22time%22%3A1645138800%7D%7D
.sunmediaads.com/	1970-01-20 09:43:32	Name: lz_frecy_crea Value: %7B%22HEZRL65RXYI2%22%3A%7B%221%22%3A%7B%22visto%22%3A1%2C%22time%22%3A1645138800%7D%7D%7D
.tapad.com/	1970-01-20 02:24:20	Name: TapAd_TS Value: 1645076172864
.tapad.com/	1970-01-20 02:24:20	Name: TapAd_DID Value: 48229876-3b37-4854-b095-a71d76b4a2a0
.adsrvr.org/	1970-01-20 09:43:32	Name: TDID Value: 0b6a8076-e218-4637-a31e-daf28e37b973
.adsrvr.org/	1970-01-20 09:43:32	Name: TDCPM Value: CAESFAoFdGFwYWQSCwi-lf2Trvi4OhAFGAUgASgCMgsIhN3OwMT4uDoQBTgB
.tapad.com/	1970-01-20 02:24:20	Name: TapAd_3WAY_SYNCS Value: 1!1157

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
clickmetertracking.com
des.smartclip.net
fac5ky8du3s2.webcindario.com
hosting.miarroba.info
img.sunmediaads.com
jnxm2.com
match.adsrvr.org
pandg.tapad.com
pghub.io
pixel.tapad.com
play.sunmediaads.com
services.sunmedia.tv
servingcdn.net
static.sunmedia.tv
track.sunmedia.tv
15.197.193.217
205.185.216.42
212.92.55.6
2606:4700::6810:125e
2a06:98c1:3120::f
3.15.75.122
3.18.95.30
34.102.243.38
35.186.194.101
35.227.248.159
35.241.45.217
5.57.226.202
51.89.67.82
54.225.214.143
54.38.37.49
051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3
1a1b392c99e2deda244bf5f96c6d2c0ccd6ac5a3fdcdfd597463cebdf4c879be
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
5aae559fb41404159a24118e2659839f743967a7be3eed3a743ce51217f777a7
7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb
7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5
83b2b7c08c110f938272b06d1e307d8a3d67c137bfb7c1fa237d168364e9f5c3
9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376
a9d34a997c2066cd3a02c221ebba2276d7deb2bafb07fd4e59ef9da72b3d1195
b400202d1a81d42be1f0ddff05b8d2e2d43e476191c96abe29911c972f17bb8f
ba4f46c878723a8cc8c05b4860f00f4501c2eae0b8dcd799fb87fa4d9aba7eec
be5eeb099a1cf713146da66dd7c33e478e64d3c021a1a08fc21ba103064951a9
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
d6e933130bc998fe50cdeae4d63c1e79098640f85c02f711d336ec1a0216afe7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

fac5ky8du3s2.webcindario.com Open in urlscan Pro 5.57.226.202 Public Scan

Summary

urlscan.io Verdict: No classification

Downloads These files were downloaded by the website

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

23 Requests

83 %HTTPS

13 %IPv6

12 Domains

16 Subdomains

13 IPs

4 Countries

671 kBTransfer

1127 kBSize

8 Cookies

0 Outgoing links

Page URL History

Redirected requests

23 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

8 Cookies

Indicators

fac5ky8du3s2.webcindario.com Open in urlscan Pro
5.57.226.202 Public Scan

Screenshot
Live screenshot

Full Image

23
Requests

83 %
HTTPS

13 %
IPv6

12
Domains

16
Subdomains

13
IPs

4
Countries

671 kB
Transfer

1127 kB
Size

8
Cookies

23 HTTP transactions
0 data transactions