idvbuo.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e6461726...
Submission: On January 26 via automatic, source openphish (January 26th 2020, 12:34:16 pm UTC)

Summary HTTP 185 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 41 IPs in 10 countries across 33 domains to perform 185 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks, ES. The main domain is idvbuo.webcindario.com.

This is the only time idvbuo.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Bank of America (Banking)

Domain & IP information

	IP Address	AS Autonomous System
15	5.57.226.202 5.57.226.202	29119 (SERVIHOST...) (SERVIHOSTING-AS AireNetworks)
19	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700:20:... 2606:4700:20::681a:cc8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:814::2008	15169 (GOOGLE) (GOOGLE)
3 7	2a00:1450:400... 2a00:1450:4001:815::200e	15169 (GOOGLE) (GOOGLE)
2	54.72.49.47 54.72.49.47	16509 (AMAZON-02) (AMAZON-02)
2	89.255.250.53 89.255.250.53	60626 (LEASEWEBCDN) (LEASEWEBCDN)
3 3	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
3 3	2a00:1450:400... 2a00:1450:4001:824::2004	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:824::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:81e::2002	15169 (GOOGLE) (GOOGLE)
9	152.199.23.241 152.199.23.241	15133 (EDGECAST) (EDGECAST)
3	130.61.96.156 130.61.96.156	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
1	34.252.123.130 34.252.123.130	16509 (AMAZON-02) (AMAZON-02)
1	52.30.78.155 52.30.78.155	16509 (AMAZON-02) (AMAZON-02)
3	23.0.38.131 23.0.38.131	16625 (AKAMAI-AS) (AKAMAI-AS)
2	212.92.39.34 212.92.39.34	24592 (NEXICA-AS) (NEXICA-AS)
50	51.68.35.185 51.68.35.185	16276 (OVH) (OVH)
1	2600:9000:214... 2600:9000:214f:d600:15:efbc:e300:93a1	16509 (AMAZON-02) (AMAZON-02)
2 5	2.16.186.80 2.16.186.80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	159.69.72.190 159.69.72.190	24940 (HETZNER-AS) (HETZNER-AS)
2	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
2 4	23.5.97.37 23.5.97.37	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2600:9000:205... 2600:9000:2057:2200:19:fc2c:a140:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:814::200a	15169 (GOOGLE) (GOOGLE)
2	68.232.35.16 68.232.35.16	15133 (EDGECAST) (EDGECAST)
4	34.95.120.147 34.95.120.147	15169 (GOOGLE) (GOOGLE)
2	185.33.223.215 185.33.223.215	29990 (ASN-APPNEX) (ASN-APPNEX)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2600:9000:205... 2600:9000:2057:e000:a:d79f:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:20:... 2606:4700:20::681a:d72	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	23.210.249.92 23.210.249.92	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.210.249.83 23.210.249.83	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.28.138.9 185.28.138.9	197541 (VIDEOPLAZ...) (VIDEOPLAZA-AS)
4	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:824::2006	15169 (GOOGLE) (GOOGLE)
2	2.16.186.105 2.16.186.105	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	185.86.137.113 185.86.137.113	201081 (SMARTADSE...) (SMARTADSERVER)
185	41

15 5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks, ES)

idvbuo.webcindario.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:cc8 (United States)

ASN13335 (CLOUDFLARENET, US)

hosting.miarroba.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:814::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:815::200e (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.72.49.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-49-47.eu-west-1.compute.amazonaws.com

des.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.255.250.53 (Germany)

ASN60626 (LEASEWEBCDN, NL)

img.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400c:c0c::9c (Brussels, Belgium) 3 redirects

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2004 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:824::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 152.199.23.241 (United States)

ASN15133 (EDGECAST, US)

tags.tiqcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 130.61.96.156 (Frankfurt am Main, Germany)

ASN31898 (ORACLE-BMC-31898, US)

cdn.smartclip-services.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.123.130 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-123-130.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.78.155 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-78-155.eu-west-1.compute.amazonaws.com

bofa.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.0.38.131 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-0-38-131.deploy.static.akamaitechnologies.com

public.cobrowse.oraclecloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 212.92.39.34 (Barcelona, Spain)

ASN24592 (NEXICA-AS, ES)

play.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 51.68.35.185 (France)

ASN16276 (OVH, FR)
PTR: ns3128584.ip-51-68-35.eu

static.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
services.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vast.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
creatives.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:d600:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)

js.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.16.186.80 (Ascension Island) 2 redirects

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-80.deploy.static.akamaitechnologies.com

b.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 159.69.72.190 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cm022.richaudience.com

sync.richaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.124 (Netherlands)

ASN35220 (SPOTX-AMS, NL)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.5.97.37 (Netherlands) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-5-97-37.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:2200:19:fc2c:a140:93a1 (United States)

ASN16509 (AMAZON-02, US)

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:814::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 68.232.35.16 (United States)

ASN15133 (EDGECAST, US)

ec.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 34.95.120.147 (United States)

ASN15169 (GOOGLE, US)
PTR: 147.120.95.34.bc.googleusercontent.com

sun-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.215 (Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:e000:a:d79f:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

prebid.digitru.st	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:d72 (United States)

ASN13335 (CLOUDFLARENET, US)

miarroba.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.92 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-92.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.210.249.83 (Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-83.deploy.static.akamaitechnologies.com

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.28.138.9 (Sweden)

ASN197541 (VIDEOPLAZA-AS, SE)

es-sunelespanol.videoplaza.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:818::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:824::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.186.105 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-105.deploy.static.akamaitechnologies.com

ced.sascdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.137.113 (France)

ASN201081 (SMARTADSERVER, FR)

www8.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
50	sunmedia.tv static.sunmedia.tv services.sunmedia.tv track.sunmedia.tv vast.sunmedia.tv creatives.sunmedia.tv	450 KB
15	webcindario.com idvbuo.webcindario.com	548 KB
14	googleapis.com ajax.googleapis.com fonts.googleapis.com imasdk.googleapis.com	454 KB
12	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	244 KB
9	scorecardresearch.com 4 redirects b.scorecardresearch.com sb.scorecardresearch.com	6 KB
9	tiqcdn.com tags.tiqcdn.com	137 KB
9	google.com 3 redirects adservice.google.com www.google.com	2 KB
7	google-analytics.com 3 redirects www.google-analytics.com	36 KB
6	doubleclick.net 3 redirects googleads.g.doubleclick.net stats.g.doubleclick.net	479 B
5	google.de adservice.google.de www.google.de	669 B
4	2mdn.net s0.2mdn.net	41 KB
4	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com	128 B
4	adnxs.com ib.adnxs.com acdn.adnxs.com	2 KB
4	openx.net sun-d.openx.net eu-u.openx.net	738 B
4	sascdn.com ec.sascdn.com ced.sascdn.com	41 KB
4	sunmediaads.com img.sunmediaads.com play.sunmediaads.com	59 KB
3	richaudience.com sync.richaudience.com	615 B
3	agkn.com js.agkn.com d.agkn.com	3 KB
3	oraclecloud.com public.cobrowse.oraclecloud.com	36 KB
3	smartclip-services.com cdn.smartclip-services.com	42 KB
3	googletagmanager.com www.googletagmanager.com	60 KB
2	smartadserver.com www8.smartadserver.com	3 KB
2	videoplaza.tv es-sunelespanol.videoplaza.tv	8 KB
2	criteo.net static.criteo.net	32 KB
2	digitru.st prebid.digitru.st	2 KB
2	criteo.com bidder.criteo.com	302 B
2	spotxchange.com search.spotxchange.com	3 KB
2	demdex.net dpm.demdex.net bofa.demdex.net	2 KB
2	googletagservices.com www.googletagservices.com	55 KB
2	smartclip.net des.smartclip.net	3 KB
2	miarroba.info hosting.miarroba.info	426 B
1	miarroba.com miarroba.com
0	bankofamerica.com Failed jazz-pt.ecnp.bankofamerica.com Failed
185	33

	Domain	Requested by
17	static.sunmedia.tv	idvbuo.webcindario.com static.sunmedia.tv creatives.sunmedia.tv
15	idvbuo.webcindario.com	idvbuo.webcindario.com tags.tiqcdn.com
14	track.sunmedia.tv	creatives.sunmedia.tv
12	imasdk.googleapis.com	static.sunmedia.tv imasdk.googleapis.com
11	creatives.sunmedia.tv	static.sunmedia.tv creatives.sunmedia.tv
9	tags.tiqcdn.com	idvbuo.webcindario.com tags.tiqcdn.com
8	pagead2.googlesyndication.com	idvbuo.webcindario.com pagead2.googlesyndication.com
7	www.google-analytics.com	3 redirects www.googletagmanager.com idvbuo.webcindario.com
6	vast.sunmedia.tv	static.sunmedia.tv
6	adservice.google.com	pagead2.googlesyndication.com imasdk.googleapis.com
5	b.scorecardresearch.com	2 redirects idvbuo.webcindario.com
4	s0.2mdn.net	imasdk.googleapis.com
4	tpc.googlesyndication.com	static.sunmedia.tv
4	sb.scorecardresearch.com	2 redirects
3	sync.richaudience.com	idvbuo.webcindario.com sync.richaudience.com
3	public.cobrowse.oraclecloud.com	tags.tiqcdn.com public.cobrowse.oraclecloud.com
3	cdn.smartclip-services.com	des.smartclip.net cdn.smartclip-services.com
3	www.google.de	idvbuo.webcindario.com
3	www.google.com	3 redirects
3	stats.g.doubleclick.net	3 redirects
3	googleads.g.doubleclick.net	pagead2.googlesyndication.com
3	www.googletagmanager.com	idvbuo.webcindario.com
2	www8.smartadserver.com	ced.sascdn.com
2	ced.sascdn.com	creatives.sunmedia.tv
2	es-sunelespanol.videoplaza.tv	static.sunmedia.tv
2	eu-u.openx.net	creatives.sunmedia.tv
2	acdn.adnxs.com	creatives.sunmedia.tv
2	ads.pubmatic.com	creatives.sunmedia.tv
2	static.criteo.net	creatives.sunmedia.tv
2	prebid.digitru.st	creatives.sunmedia.tv
2	hbopenbid.pubmatic.com	creatives.sunmedia.tv
2	bidder.criteo.com	creatives.sunmedia.tv
2	ib.adnxs.com	creatives.sunmedia.tv
2	sun-d.openx.net	creatives.sunmedia.tv
2	ec.sascdn.com	creatives.sunmedia.tv
2	d.agkn.com	js.agkn.com
2	search.spotxchange.com	static.sunmedia.tv
2	services.sunmedia.tv	static.sunmedia.tv
2	play.sunmediaads.com	img.sunmediaads.com
2	www.googletagservices.com	pagead2.googlesyndication.com
2	img.sunmediaads.com	idvbuo.webcindario.com
2	des.smartclip.net	idvbuo.webcindario.com
2	adservice.google.de	pagead2.googlesyndication.com
2	hosting.miarroba.info	idvbuo.webcindario.com
1	miarroba.com	idvbuo.webcindario.com
1	fonts.googleapis.com
1	js.agkn.com	idvbuo.webcindario.com
1	bofa.demdex.net	tags.tiqcdn.com
1	dpm.demdex.net	tags.tiqcdn.com
1	ajax.googleapis.com	cdn.smartclip-services.com
0	jazz-pt.ecnp.bankofamerica.com Failed	tags.tiqcdn.com
185	51

This site contains links to these domains. Also see Links.

Domain
secure.bankofamerica.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com CloudFlare Inc ECC CA-2	`2019-11-03` - `2020-10-09`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
leadzuin.com Sectigo RSA Domain Validation Secure Server CA	`2019-05-20` - `2020-06-18`	a year	crt.sh
www.google.de GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.smartclip-services.com Let's Encrypt Authority X3	`2019-11-28` - `2020-02-26`	3 months	crt.sh
*.storage.googleapis.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
*.cobrowse.oraclecloud.com DigiCert SHA2 Secure Server CA	`2019-10-07` - `2021-01-05`	a year	crt.sh
*.sunmedia.tv COMODO RSA Domain Validation Secure Server CA	`2018-01-19` - `2021-01-18`	3 years	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2018-06-21` - `2020-09-16`	2 years	crt.sh
*.richaudience.com RapidSSL RSA CA 2018	`2019-03-07` - `2021-04-05`	2 years	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2019-03-18` - `2021-03-17`	2 years	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2018-01-04` - `2020-07-09`	3 years	crt.sh
*.criteo.com DigiCert ECC Secure Server CA	`2019-12-05` - `2021-04-08`	a year	crt.sh
*.pubmatic.com Sectigo RSA Organization Validation Secure Server CA	`2019-02-22` - `2021-02-21`	2 years	crt.sh
cdn-cf.digitru.st Amazon	`2019-05-21` - `2020-06-21`	a year	crt.sh
*.videoplaza.com Let's Encrypt Authority X3	`2020-01-26` - `2020-04-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.doubleclick.net GTS CA 1O1	`2020-01-07` - `2020-03-31`	3 months	crt.sh
*.sascdn.com DigiCert SHA2 Secure Server CA	`2019-10-17` - `2020-10-16`	a year	crt.sh

This page contains 34 frames:

Primary Page: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Frame ID: F2DDC9CB23EB1E4694766E4365B0B961
Requests: 87 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20200122/r20190131/zrt_lookup.html
Frame ID: 8249E021BB57E5DD2ED40395E75DC8F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1580042040&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1580042039857&bpp=154&bdt=42&fdt=221&idt=221&shv=r20200122&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=7108948157988&frm=20&pv=2&ga_vid=979697727.1580042040&ga_sid=1580042040&ga_hid=1812709016&ga_fc=0&iag=0&icsg=9169136&dssz=32&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065274&oid=3&pvsid=2757739005080940&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=232
Frame ID: 0E82B05F06EF80ABB41BEBFA83639042
Requests: 1 HTTP requests in this frame

Frame: https://miarroba.com/
Frame ID: 9C549C6A90FAF47CB4991263780440F9
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3279755398&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1580042040465&bpp=9&bdt=31&fdt=45&idt=45&shv=r20200122&cbv=r20190131&saldr=aa&nras=1&correlator=7108948157988&frm=23&ife=1&pv=1&ga_vid=979697727.1580042040&ga_sid=1580042041&ga_hid=942862497&ga_fc=0&iag=3&icsg=8399360&nhd=1&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=231786881&scr_x=0&scr_y=0&eid=26835106&oid=3&pvsid=1429040262214310&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=20&bc=23&ifi=0&uci=0.8i3ab8ey3f2g&fsb=1&dtd=50
Frame ID: 6DDA5FB16E9EF810760288299A72470D
Requests: 1 HTTP requests in this frame

Frame: https://public.cobrowse.oraclecloud.com/1805/storage/ll_storage_html5.html?context=kdhae70je9&version=20180713
Frame ID: FA3765A358582BD23E8B2523B18B2608
Requests: 1 HTTP requests in this frame

Frame: http://d.agkn.com/iframe/8613/?che=98413077&gdpr=&gdpr_consent=&ref=&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: F6FDC30A0C4DCEC5DAD127497FF28F68
Requests: 1 HTTP requests in this frame

Frame: http://d.agkn.com/iframe/8613/?che=243838647&gdpr=&gdpr_consent=&ref=&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: F8078FF3D59ACFEC87670B5C05D1E363
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3693108&pubconsent=1&euconsent=1&hasConsent=1
Frame ID: 9A2CB2AAF710EC0BEF53B81607E3B092
Requests: 1 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3693108&pubconsent=1&euconsent=1&hasConsent=1
Frame ID: EFFB3F72A9CCC384A36D6B8C2F9F6F8D
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}
Frame ID: 53BDADEAE80183D38D65E3900CF1919B
Requests: 4 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}
Frame ID: 9A0AA3B1CBFAC32B15A37ABE8B5E7925
Requests: 4 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: BE75B885D6F0ECDAD73A6628AB5A4CB2
Requests: 10 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: 8DEDFBC4FCDD8840200002A340F42C7E
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: AD02E408504B409B1D58D085FD0909E6
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: 8FDBA65BC55970EB066FA21643006BDC
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=48c05810-ff4e-4f97-9e53-51ecc3eb37e2&gdpr=1
Frame ID: 7A32EC2B71EA4A45C17DA269979647BB
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: DFB74BC4806EC823D90E7A9DD19D27BA
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=48c05810-ff4e-4f97-9e53-51ecc3eb37e2&gdpr=1
Frame ID: 7D1D9D47991FAE95C7985DA371E60408
Requests: 1 HTTP requests in this frame

Frame: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Frame ID: B63FAF16EB1DF321C8AD8086DA93F451
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/260217354/marca_com_marca_video_instream_video_topsites%26description_url%3Dhttp://idvbuo.webcindario.com/b/run/question.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%26tfcd%3D0%26npa%3D0%26sz%3D300x250%257C320x180%257C320x240%257C540x360%257C640x360%257C640x480%257C720x576%257C768x576%257C1280x720%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3D0%26type%3Djs%26nofb%3D1%26channel%3Dvastadp
Frame ID: D121727C2D65DA497DE1BBFF8D1E0CA2
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/260217354/marca_com_marca_video_instream_video_topsites%26description_url%3Dhttp://idvbuo.webcindario.com/b/run/question.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%26tfcd%3D0%26npa%3D0%26sz%3D300x250%257C320x180%257C320x240%257C540x360%257C640x360%257C640x480%257C720x576%257C768x576%257C1280x720%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3D0%26type%3Djs%26nofb%3D1%26channel%3Dvastadp
Frame ID: A109E25E970974E95B1F595ACB273EC2
Requests: 6 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.363.1_en.html
Frame ID: D3DC8F6039A837BA5572BDFFCA7B6C65
Requests: 1 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.363.1_en.html
Frame ID: FB93238E38D18407D1219DE736AB08DA
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D640x480%26description_url%3Dhttp://idvbuo.webcindario.com/b/run/question.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%26vpos%3Dpreroll%26iu%3D/21631112852/RevenueMaker_Video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1%26channel%3Dvastadp&correlator=1041903318
Frame ID: F53D0AC5A68A9F27FD0DBB3E58C658DE
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D640x480%26description_url%3Dhttp://idvbuo.webcindario.com/b/run/question.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%26vpos%3Dpreroll%26iu%3D/21631112852/RevenueMaker_Video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1%26channel%3Dvastadp
Frame ID: 0B539195C3E9D85A4851CB600754BE35
Requests: 6 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.363.1_en.html
Frame ID: 17B6F342951406A9285C20937D8BBB6C
Requests: 1 HTTP requests in this frame

Frame: http://imasdk.googleapis.com/js/core/bridge3.363.1_en.html
Frame ID: C0F2C33977B4B90B59727C67345F5CE4
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=${xclk}
Frame ID: 3BE3F84747F6A291F579753CC7E00099
Requests: 3 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=${xclk}
Frame ID: A3B19DB17A939FA5BE65DF36A043C4DC
Requests: 3 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: 2A1FB4483D7BE8917A1849B6FC83594C
Requests: 4 HTTP requests in this frame

Frame: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Frame ID: 9D897A02E324871BBD26C2622A36AF16
Requests: 4 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}
Frame ID: 3BBE4DEEACF0B14EC0B80ECAA81888FC
Requests: 1 HTTP requests in this frame

Frame: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}
Frame ID: E86E913D351B41C9EDDAAD3A0EE3B489
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

url /\.php(?:$|\?)/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Tealium (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /^(?:https?:)?\/\/tags\.tiqcdn\.com\//i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

185
Requests

69 %
HTTPS

43 %
IPv6

33
Domains

51
Subdomains

41
IPs

10
Countries

2267 kB
Transfer

7942 kB
Size

12
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://secure.bankofamerica.com/login/sign-in/entry/signOnV2.go#skip-to-h1
Title: Skip to main content

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/login/languageToggle.go?request_locale=es_US
Title: En EspaÃ±ol

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/login/sign-in/forgotAnswer.go
Title: Request an authorization code

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/login/sign-in/entry/privacy/
Title: Privacy & Security

Search URL Search Domain Scan URL

URL: https://secure.bankofamerica.com/login/sign-in/entry/help/equalhousing_popup.cfm
Title: Equal Housing Lender

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 22

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1812709016&t=pageview&_s=1&dl=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&ul=en-us&de=windows-1252&dt=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Security%20Challenge%20Question&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABC~&jid=2113089546&gjid=995464533&cid=979697727.1580042040&tid=UA-597118-7&_gid=442343796.1580042040&_r=1&gtm=2wg1f1T2VG59&z=774544920 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-7&cid=979697727.1580042040&jid=2113089546&_gid=442343796.1580042040&gjid=995464533&_v=j79&z=774544920 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=979697727.1580042040&jid=2113089546&_v=j79&z=774544920 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=979697727.1580042040&jid=2113089546&_v=j79&z=774544920&slf_rd=1&random=1197985515

Request Chain 23

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1812709016&t=pageview&_s=1&dl=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&ul=en-us&de=windows-1252&dt=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Security%20Challenge%20Question&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABC~&jid=85016967&gjid=753404709&cid=979697727.1580042040&tid=UA-597118-1&_gid=442343796.1580042040&_r=1&gtm=2wg1f1T2VG59&z=1254963872 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-1&cid=979697727.1580042040&jid=85016967&_gid=442343796.1580042040&gjid=753404709&_v=j79&z=1254963872 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-1&cid=979697727.1580042040&jid=85016967&_v=j79&z=1254963872 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-1&cid=979697727.1580042040&jid=85016967&_v=j79&z=1254963872&slf_rd=1&random=1509915842

Request Chain 54

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=942862497&t=pageview&_s=1&dl=http%3A%2F%2Fidvbuo.webcindario.com%2Ftc-chat-bac.html%3FIFRAME%26env%3Dnotprod%26tmProfile%3Dolb&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=&je=0&_u=QACAAAAB~&jid=1611288884&gjid=711056356&cid=979697727.1580042040&tid=UA-597118-17&_gid=442343796.1580042040&_r=1&gtm=2wg1f1N7B2KH&z=1219566670 HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-17&cid=979697727.1580042040&jid=1611288884&_gid=442343796.1580042040&gjid=711056356&_v=j79&z=1219566670 HTTP 302
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-17&cid=979697727.1580042040&jid=1611288884&_v=j79&z=1219566670 HTTP 302
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-17&cid=979697727.1580042040&jid=1611288884&_v=j79&z=1219566670&slf_rd=1&random=2874332223

Request Chain 80

https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=609967197&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=1528463 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=609967197&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=1528463&cs_ak_ss=1

Request Chain 85

https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=353194335&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3813955 HTTP 302
https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=353194335&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3813955&cs_ak_ss=1

Request Chain 88

http://b.scorecardresearch.com/b?c1=8&c2=21892462&c3=1001000630&ns__t=1580042041225&ns_c=windows-1252&cv=3.1&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Security%20Challenge%20Question&c7=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1580042041225&ns_c=windows-1252&cv=3.1&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Security%20Challenge%20Question&c7=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&c9=&cs_ak_ss=1

Request Chain 89

http://b.scorecardresearch.com/b?c1=8&c2=21892462&c3=1001000630&ns__t=1580042041226&ns_c=windows-1252&cv=3.1&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Security%20Challenge%20Question&c7=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&c9= HTTP 302
http://b.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1580042041226&ns_c=windows-1252&cv=3.1&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Security%20Challenge%20Question&c7=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&c9=&cs_ak_ss=1

185 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request Cookie set question.php Show response
idvbuo.webcindario.com/b/run/ 21 KB
8 KB 62ms
62ms Document
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 6367d97034ea3cb26e6f9a2459318a717f4673c0153ffa230cdd5773f9252c2c

Request headers

Host: idvbuo.webcindario.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Server: nginx
Date: Sun, 26 Jan 2020 12:33:59 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120
Vary: Accept-Encoding
Set-Cookie: __muid=bb796f210f3c15bc6ca90e68806896c414e73084; Domain=.webcindario.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:11 GMT; HttpOnly PHPSESSID=429af56854578ce0aa8be97b8009571b; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-Powered-By: Webcindario Hosting Service
Content-Encoding: gzip

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 105 KB
37 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0eb755d9761643245021ae41c430f44a86ea89b08098925eea490aa5cf3dfb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:33:59 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 1422555229654741508
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 37799
X-XSS-Protection: 0
Expires: Sun, 26 Jan 2020 12:33:59 GMT

GET
H/1.1 200
OK utag.js.download Show response
idvbuo.webcindario.com/b/run/images/ 98 KB
27 KB 57ms
57ms Script
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: http://idvbuo.webcindario.com/b/run/images/utag.js.download
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 5446a03c45ddf23c321718362a191587a68be6936bfc29924653bf88ae19f9d5

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:33:59 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Webcindario Hosting Service
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120

GET
H/1.1 200
OK vipaa-v4-jawr.css
idvbuo.webcindario.com/b/run/images/ 447 KB
64 KB 56ms
55ms Stylesheet
text/css 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: http://idvbuo.webcindario.com/b/run/images/vipaa-v4-jawr.css
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 8b499b2157a28eadb22d48c963dccf295194a765ee08fe3719d9e10088c74da0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:33:59 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Jan 2020 05:40:39 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
ETag: W/"5e2d2657-6fa5a"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120

GET
H/1.1 200
OK vipaa-v4-jawr.js.download Show response
idvbuo.webcindario.com/b/run/images/ 2 MB
365 KB 53ms
52ms Script
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: http://idvbuo.webcindario.com/b/run/images/vipaa-v4-jawr.js.download
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 3006087b65710dcd0afe3892425082cb993455fce9f28aafe1d8965ef7f225d6

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:33:59 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Webcindario Hosting Service
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120

GET
H/1.1 200
OK BofA_rgb.png
idvbuo.webcindario.com/b/run/images/ 38 KB
39 KB 44ms
44ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://idvbuo.webcindario.com/b/run/images/BofA_rgb.png
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:33:59 GMT
Last-Modified: Sun, 26 Jan 2020 05:38:08 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
ETag: "5e2d25c0-99fe"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Keep-Alive: timeout=120
Content-Length: 39422

GET
H/1.1 200
OK util-boa-digitaldata.js.download Show response
idvbuo.webcindario.com/b/run/images/ 9 KB
3 KB 44ms
44ms Script
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: http://idvbuo.webcindario.com/b/run/images/util-boa-digitaldata.js.download
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: e030d7def4d545a05d951ed8a99a688de64a5875fb13b6078d62de23f72e0f0d

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:33:59 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Webcindario Hosting Service
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120

GET
H/1.1 200
OK cm-jawr.js.download Show response
idvbuo.webcindario.com/b/run/images/ 41 KB
14 KB 47ms
47ms Script
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: http://idvbuo.webcindario.com/b/run/images/cm-jawr.js.download
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: e49851a126b4eac23416ee43bc11329b8cf2a857018e030191c4b649a975fb61

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:33:59 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Webcindario Hosting Service
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120

GET
H2 200 / Show response
hosting.miarroba.info/ 0
213 B 64ms
64ms Script
application/javascript 2606:4700:20::681a:cc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/?__muid=bb796f210f3c15bc6ca90e68806896c414e73084&h=1924234&t=1580042039&k=5617ac704657065bf778d6b45e3b1b58
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jan 2020 12:33:59 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 26 Jan 2020 12:33:59 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status: 200
cache-control: no-cache
cf-ray: 55b284bd6bc496d4-FRA
content-type: application/javascript; charset=iso-8859-1
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 53 KB
20 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

498102d8d0e8815d114e73e70baccbd7de8b09d9ee5e72e776e474fdc50712b8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:33:59 GMT
content-encoding: br
last-modified: Sun, 26 Jan 2020 12:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 20313
x-xss-protection: 0
expires: Sun, 26 Jan 2020 12:33:59 GMT

GET
H/1.1 200
OK vipaa-v4-jawr-print.css
idvbuo.webcindario.com/b/run/images/ 10 KB
1 KB 68ms
67ms Stylesheet
text/css 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: http://idvbuo.webcindario.com/b/run/images/vipaa-v4-jawr-print.css
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 2f0ac0559a948fa017a8ecdb5bddf7ac54033e8aa1eb91ff7df93243c690f0d1

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Jan 2020 05:40:36 GMT
Server: nginx
X-Powered-By: Webcindario Hosting Service
ETag: W/"5e2d2654-26e1"
Vary: Accept-Encoding
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=idvbuo.webcindario.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=idvbuo.webcindario.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/ 220 KB
82 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

872c6c526e00fe24fc350c4dc439b7167639431c5123d684c828d343c5dbaa8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:33:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84103
x-xss-protection: 0
server: cafe
etag: 10778269677459870046
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Jan 2020 12:33:59 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 27
date: Sun, 26 Jan 2020 12:33:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sun, 26 Jan 2020 14:33:33 GMT

GET
H2 200 zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20200122/r20190131/ Frame 8249 0
0 7ms
6ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20200122/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20200122/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkhOSQUxU9eddzBqIet7yQPv38ZTsCqjTw10jyWMj0QvOF42ERndOTKDsUk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
vary: Accept-Encoding
date: Wed, 22 Jan 2020 19:50:39 GMT
expires: Wed, 05 Feb 2020 19:50:39 GMT
content-type: text/html; charset=UTF-8
etag: 4350393549794053402
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 6578
x-xss-protection: 0
cache-control: public, max-age=1209600
age: 319401
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H/1.1 404
Not Found fsd-secure-esp-sprite.png
idvbuo.webcindario.com/pa/components/modules-app/VIPAA/header-vipaa-module/1.0/graphic/ 5 KB
5 KB 60ms
60ms Image
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://idvbuo.webcindario.com/pa/components/modules-app/VIPAA/header-vipaa-module/1.0/graphic/fsd-secure-esp-sprite.png
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: af2060e1f1065baf432a59dc47e6c12d1a4301a0399a267b94a3bcd147852485

Request headers

Referer: http://idvbuo.webcindario.com/b/run/images/vipaa-v4-jawr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Webcindario Hosting Service
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120

GET
H/1.1 404
Not Found help-qm-fsd.png
idvbuo.webcindario.com/pa/global-assets/1.0/graphic/ 5 KB
5 KB 55ms
54ms Image
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://idvbuo.webcindario.com/pa/global-assets/1.0/graphic/help-qm-fsd.png
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: af2060e1f1065baf432a59dc47e6c12d1a4301a0399a267b94a3bcd147852485

Request headers

Referer: http://idvbuo.webcindario.com/b/run/images/vipaa-v4-jawr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Webcindario Hosting Service
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120

GET
H/1.1 404
Not Found fsd-arrows.png
idvbuo.webcindario.com/pa/components/modules-app/VIPAA/quick-help-vipaa-module/1.0/graphic/ 5 KB
5 KB 86ms
86ms Image
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://idvbuo.webcindario.com/pa/components/modules-app/VIPAA/quick-help-vipaa-module/1.0/graphic/fsd-arrows.png
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: af2060e1f1065baf432a59dc47e6c12d1a4301a0399a267b94a3bcd147852485

Request headers

Referer: http://idvbuo.webcindario.com/b/run/images/vipaa-v4-jawr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Webcindario Hosting Service
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120

GET
H/1.1 200 ads Show response
des.smartclip.net/ 3 KB
2 KB 52ms
51ms Script
application/javascript 54.72.49.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=bb796f210f3c15bc6ca90e68806896c414e73084&sz=400x320&rnd=3889049
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 54.72.49.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-49-47.eu-west-1.compute.amazonaws.com
Software: nginx/1.17.1 /
Resource Hash: f4ea3e2251af85c81c02a2b231738957006a2edcf79235a287ff5404c308ed85

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Sc-Supply-Network: 999999
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Sc-Uuid: c5a9db3a-eeb4-4204-81a3-ca32bbbb911c
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Sc-Device-Type: PC
Server: nginx/1.17.1

GET
H2 200 lz_loader.js Show response
img.sunmediaads.com/ads/ 95 KB
29 KB 287ms
287ms Script
text/javascript 89.255.250.53
LEASEWEBCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.255.250.53 , Germany, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software: leasewebcdn/5.4.2 /
Resource Hash: 674180023f1a85c33961a413fb895c5a930af5a90dedda881c61347d6e3f20e3

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
content-encoding: gzip
cdn-cache-hit: 0
last-modified: Tue, 07 Jan 2020 17:06:21 GMT
server: leasewebcdn/5.4.2
etag: W/"1555654466"
content-type: text/javascript
status: 200
cache-control: max-age=0
cdn-node: FRA1-SO03001
cdn-cache: MISS
expires: Sun, 26 Jan 2020 12:34:00 GMT

GET
H/1.1 404
Not Found gfootb-static-sprite.png
idvbuo.webcindario.com/pa/components/modules/global-footer-module/2.5/graphic/ 5 KB
5 KB 73ms
73ms Image
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://idvbuo.webcindario.com/pa/components/modules/global-footer-module/2.5/graphic/gfootb-static-sprite.png
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: af2060e1f1065baf432a59dc47e6c12d1a4301a0399a267b94a3bcd147852485

Request headers

Referer: http://idvbuo.webcindario.com/b/run/images/vipaa-v4-jawr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Webcindario Hosting Service
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120

GET
H/1.1 404
Not Found gfoot-home-icon.png
idvbuo.webcindario.com/pa/components/modules/global-footer-module/2.5/graphic/ 5 KB
5 KB 52ms
52ms Image
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://idvbuo.webcindario.com/pa/components/modules/global-footer-module/2.5/graphic/gfoot-home-icon.png
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: af2060e1f1065baf432a59dc47e6c12d1a4301a0399a267b94a3bcd147852485

Request headers

Referer: http://idvbuo.webcindario.com/b/run/images/vipaa-v4-jawr.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Webcindario Hosting Service
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1812709016&t=pageview&_s=1&dl=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d6964...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-7&cid=979697727.1580042040&jid=2113089546&_gid=442343796.1580042040&gjid=995464533&_v=j79&z=774544920
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=979697727.1580042040&jid=2113089546&_v=j79&z=774544920
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=979697727.1580042040&jid=2113089546&_v=j79&z=774544920&slf_rd=1&random=1197985515

42 B
109 B

18ms
18ms

Image
image/gif

2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=979697727.1580042040&jid=2113089546&_v=j79&z=774544920&slf_rd=1&random=1197985515

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jan 2020 12:34:00 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Jan 2020 12:34:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-7&cid=979697727.1580042040&jid=2113089546&_v=j79&z=774544920&slf_rd=1&random=1197985515
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=1812709016&t=pageview&_s=1&dl=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d6964...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-1&cid=979697727.1580042040&jid=85016967&_gid=442343796.1580042040&gjid=753404709&_v=j79&z=1254963872
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-1&cid=979697727.1580042040&jid=85016967&_v=j79&z=1254963872
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-1&cid=979697727.1580042040&jid=85016967&_v=j79&z=1254963872&slf_rd=1&random=1509915842

42 B
109 B

20ms
20ms

Image
image/gif

2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-1&cid=979697727.1580042040&jid=85016967&_v=j79&z=1254963872&slf_rd=1&random=1509915842

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jan 2020 12:34:00 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Jan 2020 12:34:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-1&cid=979697727.1580042040&jid=85016967&_v=j79&z=1254963872&slf_rd=1&random=1509915842
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame 0E82 0
0 34ms
34ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1580042040&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1580042039857&bpp=154&bdt=42&fdt=221&idt=221&shv=r20200122&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=7108948157988&frm=20&pv=2&ga_vid=979697727.1580042040&ga_sid=1580042040&ga_hid=1812709016&ga_fc=0&iag=0&icsg=9169136&dssz=32&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065274&oid=3&pvsid=2757739005080940&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=232

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3025194257&lmt=1580042040&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1580042039857&bpp=154&bdt=42&fdt=221&idt=221&shv=r20200122&cbv=r20190131&saldr=aa&abxe=1&nras=1&correlator=7108948157988&frm=20&pv=2&ga_vid=979697727.1580042040&ga_sid=1580042040&ga_hid=1812709016&ga_fc=0&iag=0&icsg=9169136&dssz=32&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21065274&oid=3&pvsid=2757739005080940&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=16&bc=23&ifi=0&uci=a!0&fsb=1&dtd=232
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkhOSQUxU9eddzBqIet7yQPv38ZTsCqjTw10jyWMj0QvOF42ERndOTKDsUk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 26 Jan 2020 12:34:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2607d0df1c0e1e81b8c5fb80453c22b472f00ab4c31d3aeb581146f95af98190

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579695672934178"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28080
x-xss-protection: 0
expires: Sun, 26 Jan 2020 12:34:00 GMT

GET
H/1.1 200
OK utag.js Show response
tags.tiqcdn.com/utag/bofa/olb/notprod/ 98 KB
26 KB 178ms
178ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/images/util-boa-digitaldata.js.download
Protocol: HTTP/1.1
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (lab/4FE8) /
Resource Hash: 0da754bf24dcb334bc0610484092df27e76cb97a213ceee5bd763595e78ecde4

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jan 2020 22:10:35 GMT
Server: ECAcc (lab/4FE8)
Age: 13
Etag: "2734325740"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Cache-Control: max-age=300
Accept-Ranges: bytes
Content-Length: 26638
Expires: Sun, 26 Jan 2020 12:39:00 GMT

GET
H/1.1 200
OK ava.js Show response
cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ 74 KB
19 KB 45ms
45ms Script
application/javascript 130.61.96.156
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ava.js
Requested by: Host: des.smartclip.net
URL: http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=bb796f210f3c15bc6ca90e68806896c414e73084&sz=400x320&rnd=3889049
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 130.61.96.156 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: f6a136cb4fb02027db55cc14c52b6b5fe4644ed1aeeea1c72071c6045ccc050b

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Jan 2020 16:56:20 GMT
ETag: W/"5e287eb4-12788"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=259200, public
Connection: keep-alive
Expires: Wed, 29 Jan 2020 12:34:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.2.1/ 85 KB
30 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.2.1/jquery.min.js

Requested by

Host: cdn.smartclip-services.com
URL: https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ava.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Wed, 22 Jan 2020 21:08:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 314726
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 30306
x-xss-protection: 0
last-modified: Fri, 24 Mar 2017 20:55:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Jan 2021 21:08:34 GMT

GET
H/1.1 200
OK miarroba.js Show response
cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/config/ 3 KB
4 KB 39ms
39ms Script
application/javascript 130.61.96.156
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/config/miarroba.js
Requested by: Host: cdn.smartclip-services.com
URL: https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ava.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 130.61.96.156 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: 71e62408eae5de6719fe200aa9c9fac7085632768995d14da07790e31d8187ed

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Last-Modified: Fri, 20 Sep 2019 07:54:24 GMT
ETag: "5d8485b0-c76"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length,Content-Range
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Content-Length: 3190
Expires: Mon, 27 Jan 2020 12:34:00 GMT

GET
H/1.1 200
OK id Show response
dpm.demdex.net/ 83 B
784 B 43ms
43ms XHR
application/json 34.252.123.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id?d_orgid=A9893BC75245B1D70A490D4D@AdobeOrg&d_ver=2

Requested by

Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.252.123.130 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-123-130.eu-west-1.compute.amazonaws.com

Software

Resource Hash

826190201cbb9553bede1e1c3f8d6b8b622e6e5adece5d4175f4e6c5d74cc510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com

Response headers

DCS: dcs-prod-irl1-v058-0fb8839d7.edge-irl1.demdex.com 5.64.4.20200120100612 0ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Error: 198
X-TID: jv6VYJ0dRY4=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://idvbuo.webcindario.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 83
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK utag.11.js Show response
tags.tiqcdn.com/utag/bofa/olb/notprod/ 55 KB
15 KB 23ms
22ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.11.js?utv=ut4.41.201911041507
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js
Protocol: HTTP/1.1
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8A9B) /
Resource Hash: 6f725164ee67b26671224a5bbc250c7ff080537e05b5567c182d08e8ae217c1d

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jan 2020 22:10:34 GMT
Server: ECAcc (ama/8A9B)
Age: 3230
Etag: "2539048212+gzip"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 14887
Expires: Mon, 10 Feb 2020 12:34:00 GMT

GET
H/1.1 200
OK utag.3.js Show response
tags.tiqcdn.com/utag/bofa/olb/notprod/ 8 KB
3 KB 22ms
22ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.3.js?utv=ut4.41.201808311452
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js
Protocol: HTTP/1.1
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B6E) /
Resource Hash: 599620456ecb3288d5363cd8c1cfc8d1c950d39fefb831efaab5e300e312658d

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jan 2020 22:10:35 GMT
Server: ECAcc (ama/8B6E)
Age: 4716
Etag: "2684350826+gzip"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 2995
Expires: Mon, 10 Feb 2020 12:34:00 GMT

GET
H/1.1 200
OK utag.12.js Show response
tags.tiqcdn.com/utag/bofa/olb/notprod/ 65 KB
11 KB 22ms
22ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.12.js?utv=ut4.41.201911041507
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js
Protocol: HTTP/1.1
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AE5) /
Resource Hash: 68cb69fc2de2eef113b217d0a7547be2113e9263e1ec234910bdd215c0d89382

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jan 2020 22:10:34 GMT
Server: ECAcc (ama/8AE5)
Age: 3609
Etag: "1852165353+gzip"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 11135
Expires: Mon, 10 Feb 2020 12:34:00 GMT

GET
H/1.1 200
OK utag.13.js Show response
tags.tiqcdn.com/utag/bofa/olb/notprod/ 132 KB
44 KB 22ms
22ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.13.js?utv=ut4.41.201911041507
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js
Protocol: HTTP/1.1
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B69) /
Resource Hash: 7d54442c85d34c7d51cc3197d8c8cbd6a086f0dc3e96818291698549ed839fee

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jan 2020 22:10:34 GMT
Server: ECAcc (ama/8B69)
Age: 4717
Etag: "3002685343+gzip"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 44634
Expires: Mon, 10 Feb 2020 12:34:00 GMT

GET
H/1.1 200
OK utag.19.js Show response
tags.tiqcdn.com/utag/bofa/olb/notprod/ 3 KB
2 KB 23ms
22ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.19.js?utv=ut4.41.201907181403
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js
Protocol: HTTP/1.1
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B6F) /
Resource Hash: daec246cf2f862e5ca770dc85098380c7d4ade30432b11bac56b24ab2dec44b9

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jan 2020 22:10:34 GMT
Server: ECAcc (ama/8B6F)
Age: 4412
Etag: "194818761+gzip"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 1337
Expires: Mon, 10 Feb 2020 12:34:00 GMT

GET
H/1.1 200
OK utag.20.js Show response
tags.tiqcdn.com/utag/bofa/olb/notprod/ 7 KB
3 KB 22ms
22ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.20.js?utv=ut4.41.201907181403
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js
Protocol: HTTP/1.1
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AA3) /
Resource Hash: 825bc85e69d58fdbd856da66583f01c0dce228edee24896a34b28a0cedf302c8

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jan 2020 22:10:34 GMT
Server: ECAcc (ama/8AA3)
Age: 4412
Etag: "1134860948+gzip"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 2720
Expires: Mon, 10 Feb 2020 12:34:00 GMT

GET
H/1.1 200
OK utag.21.js Show response
tags.tiqcdn.com/utag/bofa/olb/notprod/ 162 KB
33 KB 20ms
19ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js
Protocol: HTTP/1.1
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8AE9) /
Resource Hash: 5b448ed00c660532503979ed4096e068ba969f4f6a55c39c2ccbb87ba87dadfb

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Jan 2020 22:10:35 GMT
Server: ECAcc (ama/8AE9)
Age: 4887
Etag: "2427810356+gzip"
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: text/javascript
Cache-Control: max-age=1296000
Accept-Ranges: bytes
Content-Length: 33096
Expires: Mon, 10 Feb 2020 12:34:00 GMT

GET
H/1.1 200
OK event Show response
bofa.demdex.net/ 83 B
784 B 175ms
39ms XHR
application/json 52.30.78.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://bofa.demdex.net/event?d_dst=1&d_rtbd=json&c_url=idvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php&c_host=idvbuo.webcindario.com&c_hostname=idvbuo.webcindario.com&c_pathname=b%2Frun%2Fquestion.php&c_protocol=http%3A&c_uriParams=%7B%7D

Requested by

Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.3.js?utv=ut4.41.201808311452

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.30.78.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-30-78-155.eu-west-1.compute.amazonaws.com

Software

Resource Hash

826190201cbb9553bede1e1c3f8d6b8b622e6e5adece5d4175f4e6c5d74cc510

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com

Response headers

DCS: dcs-prod-irl1-v058-028891e8e.edge-irl1.demdex.com 5.64.4.20200120100612 0ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Error: 198
X-TID: D/AaUVLxT4c=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: http://idvbuo.webcindario.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 83
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 global_launcher.js Show response
public.cobrowse.oraclecloud.com/1805/ 132 KB
30 KB 192ms
126ms Script
text/javascript 23.0.38.131
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://public.cobrowse.oraclecloud.com/1805/global_launcher.js
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.12.js?utv=ut4.41.201911041507
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.38.131 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-38-131.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cae267c6a29c9975382e943d82fe4ae0ebbd5c30c3df5156b232a0df4b2ebff5

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
content-encoding: gzip
last-modified: Fri, 30 Nov 2018 07:57:13 GMT
server: AkamaiNetStorage
etag: "f016b68a0024402d82b048cdf9014a2a:1543564633"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
accept-ranges: bytes
content-length: 30883

POST session.json
jazz-pt.ecnp.bankofamerica.com/5309/handler9/ 0
0

GET
H/1.1 404
Not Found tc-chat-bac.html Show response
idvbuo.webcindario.com/ Frame 9C54 5 KB
2 KB 44ms
44ms Document
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.11.js?utv=ut4.41.201911041507
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: af2060e1f1065baf432a59dc47e6c12d1a4301a0399a267b94a3bcd147852485

Request headers

Host: idvbuo.webcindario.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Accept-Encoding: gzip, deflate
Cookie: __muid=bb796f210f3c15bc6ca90e68806896c414e73084; PHPSESSID=429af56854578ce0aa8be97b8009571b; _ga=GA1.3.979697727.1580042040; _gid=GA1.3.442343796.1580042040; _gat_UA-597118-7=1; _gat_UA-597118-1=1; utag_main=v_id:016fe1d834010000f890b304270c0007800e107000b08$_sn:1$_ss:1$_st:1580043840323$ses_id:1580042040323%3Bexp-session$_pn:1%3Bexp-session; bactm_lts=%7B%22adobeMID%22%3A%7B%22errors%22%3A%5B%7B%22code%22%3A198%2C%22msg%22%3A%22Requests%20from%20this%20country%20are%20blocked%20by%20partner%22%7D%5D%7D%7D; usy46gabsosd=celebrus_15800420403820.39d9c6301b04ef736ae9afa6ea315858_5309
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

Server: nginx
Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120
Vary: Accept-Encoding
X-Powered-By: Webcindario Hosting Service
Content-Encoding: gzip

GET
H/1.1 404
Not Found index.js
idvbuo.webcindario.com/spa/widgets/loader/3.0.0/ 0
0 52ms
52ms Script
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: http://idvbuo.webcindario.com/spa/widgets/loader/3.0.0/index.js
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020
Protocol: HTTP/1.1
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Server: nginx
X-Powered-By: Webcindario Hosting Service
Vary: Accept-Encoding
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=120

GET
H/1.1 200
OK utag.v.js Show response
tags.tiqcdn.com/utag/tiqapp/ 2 B
317 B 18ms
18ms Script
text/javascript 152.199.23.241
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://tags.tiqcdn.com/utag/tiqapp/utag.v.js?a=bofa/olb/202001242210&cb=1580042040401
Requested by: Host: tags.tiqcdn.com
URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js
Protocol: HTTP/1.1
Server: 152.199.23.241 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (ama/8B2B) /
Resource Hash: a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Last-Modified: Thu, 14 Apr 2016 16:59:33 GMT
Server: ECAcc (ama/8B2B)
Age: 221508
Etag: "2243872957"
X-Cache: HIT
Content-Type: text/javascript
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 2
Expires: Sun, 26 Jan 2020 12:44:00 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 9C54 105 KB
37 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0eb755d9761643245021ae41c430f44a86ea89b08098925eea490aa5cf3dfb0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-Type: text/javascript; charset=UTF-8
Server: cafe
ETag: 1422555229654741508
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 37799
X-XSS-Protection: 0
Expires: Sun, 26 Jan 2020 12:34:00 GMT

GET
H2 200 / Show response
hosting.miarroba.info/ Frame 9C54 0
213 B 42ms
42ms Script
application/javascript 2606:4700:20::681a:cc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/?__muid=bb796f210f3c15bc6ca90e68806896c414e73084&h=1924234&t=1580042040&k=c6581f677bc52c40d6f813238159c7c2
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jan 2020 12:34:00 GMT
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Sun, 26 Jan 2020 12:34:00 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
status: 200
cache-control: no-cache
cf-ray: 55b284c0bf9096d4-FRA
content-type: application/javascript; charset=iso-8859-1
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 9C54 53 KB
20 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Requested by

Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

498102d8d0e8815d114e73e70baccbd7de8b09d9ee5e72e776e474fdc50712b8

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
content-encoding: br
last-modified: Sun, 26 Jan 2020 12:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 20313
x-xss-protection: 0
expires: Sun, 26 Jan 2020 12:34:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 9C54 52 KB
20 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:814::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N7B2KH

Requested by

Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1f0a43e40edd242dde2ca2298d4318b572263e80a7ebe251c36b19392d388d41

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
content-encoding: br
last-modified: Sun, 26 Jan 2020 12:00:00 GMT
server: Google Tag Manager
access-control-allow-origin: http://www.googletagmanager.com
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-length: 20221
x-xss-protection: 0
expires: Sun, 26 Jan 2020 12:34:00 GMT

GET
H/1.1 200 ads Show response
des.smartclip.net/ Frame 9C54 3 KB
2 KB 39ms
39ms Script
application/javascript 54.72.49.47
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=bb796f210f3c15bc6ca90e68806896c414e73084&sz=400x320&rnd=73466612
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
Protocol: HTTP/1.1
Server: 54.72.49.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-49-47.eu-west-1.compute.amazonaws.com
Software: nginx/1.17.6 /
Resource Hash: 8401403ad3ba55e3fc5d87eae348fb19e70c3b79487117bfc2cd1558c1143f6a

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Sc-Supply-Network: 999999
Vary: Accept-Encoding
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Sc-Uuid: ccda45ec-8fb0-4fde-8cb5-5456434cb19b
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Content-Type: application/javascript; charset=utf-8
Sc-Device-Type: PC
Server: nginx/1.17.6

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 9C54 43 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N7B2KH

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 27
date: Sun, 26 Jan 2020 12:33:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 17803
expires: Sun, 26 Jan 2020 14:33:33 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9C54 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=idvbuo.webcindario.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9C54 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=idvbuo.webcindario.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H2 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/ Frame 9C54 220 KB
82 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

872c6c526e00fe24fc350c4dc439b7167639431c5123d684c828d343c5dbaa8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 84103
x-xss-protection: 0
server: cafe
etag: 10778269677459870046
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 26 Jan 2020 12:34:00 GMT

GET
H/1.1 200
OK ava.js Show response
cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ Frame 9C54 74 KB
19 KB 34ms
34ms Script
application/javascript 130.61.96.156
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.smartclip-services.com/v1/Storage-a482323/smartclip-services/ava/ava.js
Requested by: Host: des.smartclip.net
URL: http://des.smartclip.net/ads?type=dyn&plc=75133&elementId=bb796f210f3c15bc6ca90e68806896c414e73084&sz=400x320&rnd=73466612
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 130.61.96.156 Frankfurt am Main, Germany, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: /
Resource Hash: f6a136cb4fb02027db55cc14c52b6b5fe4644ed1aeeea1c72071c6045ccc050b

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: public
Date: Sun, 26 Jan 2020 12:34:00 GMT
Content-Encoding: gzip
Last-Modified: Wed, 22 Jan 2020 16:56:20 GMT
ETag: W/"5e287eb4-12788"
Transfer-Encoding: chunked
Content-Type: application/javascript
Cache-Control: max-age=259200, public
Connection: keep-alive
Expires: Wed, 29 Jan 2020 12:34:00 GMT

GET
H2

200

ga-audiences
www.google.de/ads/ Frame 9C54
Redirect Chain

https://www.google-analytics.com/r/collect?v=1&_v=j79&a=942862497&t=pageview&_s=1&dl=http%3A%2F%2Fidvbuo.webcindario.com%2Ftc-chat-bac.html%3FIFRAME%26env%3Dnotprod%26tmProfile%3Dolb&ul=en-us&de=wi...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-597118-17&cid=979697727.1580042040&jid=1611288884&_gid=442343796.1580042040&gjid=711056356&_v=j79&z=1219566670
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-17&cid=979697727.1580042040&jid=1611288884&_v=j79&z=1219566670
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-17&cid=979697727.1580042040&jid=1611288884&_v=j79&z=1219566670&slf_rd=1&random=2874332223

42 B
109 B

17ms
17ms

Image
image/gif

2a00:1450:4001:824::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-17&cid=979697727.1580042040&jid=1611288884&_v=j79&z=1219566670&slf_rd=1&random=2874332223

Requested by

Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 26 Jan 2020 12:34:00 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 26 Jan 2020 12:34:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-597118-17&cid=979697727.1580042040&jid=1611288884&_v=j79&z=1219566670&slf_rd=1&random=2874332223
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 9C54 35 B
93 B 7ms
6ms Image
image/gif 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=942862497&t=pageview&_s=1&dl=http%3A%2F%2Fidvbuo.webcindario.com%2Ftc-chat-bac.html%3FIFRAME%26env%3Dnotprod%26tmProfile%3Dolb&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=&je=0&_u=QACAAAAB~&jid=&gjid=&cid=979697727.1580042040&tid=UA-597118-7&_gid=442343796.1580042040&gtm=2wg1f1T2VG59&z=884160669

Requested by

Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jan 2020 14:28:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 338751
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ Frame 9C54 35 B
99 B 6ms
6ms Image
image/gif 2a00:1450:4001:815::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&a=942862497&t=pageview&_s=1&dl=http%3A%2F%2Fidvbuo.webcindario.com%2Ftc-chat-bac.html%3FIFRAME%26env%3Dnotprod%26tmProfile%3Dolb&ul=en-us&de=windows-1252&sd=24-bit&sr=1600x1200&vp=&je=0&_u=QACAAAAB~&jid=&gjid=&cid=979697727.1580042040&tid=UA-597118-1&_gid=442343796.1580042040&gtm=2wg1f1T2VG59&z=1701867109

Requested by

Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:815::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 22 Jan 2020 14:28:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 338751
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lz_loader.js Show response
img.sunmediaads.com/ads/ Frame 9C54 95 KB
29 KB 220ms
220ms Script
text/javascript 89.255.250.53
LEASEWEBCDN

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.255.250.53 , Germany, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software: leasewebcdn/5.4.2 /
Resource Hash: 674180023f1a85c33961a413fb895c5a930af5a90dedda881c61347d6e3f20e3

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
content-encoding: gzip
cdn-cache-hit: 0
last-modified: Fri, 20 Dec 2019 12:19:51 GMT
server: leasewebcdn/5.4.2
etag: W/"3347608848"
content-type: text/javascript
status: 200
cache-control: max-age=0
cdn-node: FRA1-SO03001
cdn-cache: MISS
expires: Sun, 26 Jan 2020 12:34:00 GMT

GET
H2 403 ads
googleads.g.doubleclick.net/pagead/ Frame 6DDA 0
0 30ms
29ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3279755398&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1580042040465&bpp=9&bdt=31&fdt=45&idt=45&shv=r20200122&cbv=r20190131&saldr=aa&nras=1&correlator=7108948157988&frm=23&ife=1&pv=1&ga_vid=979697727.1580042040&ga_sid=1580042041&ga_hid=942862497&ga_fc=0&iag=3&icsg=8399360&nhd=1&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=231786881&scr_x=0&scr_y=0&eid=26835106&oid=3&pvsid=1429040262214310&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=20&bc=23&ifi=0&uci=0.8i3ab8ey3f2g&fsb=1&dtd=50

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7294310421616689&output=html&adk=1812271804&adf=3279755398&plat=1%3A32776%2C2%3A32776%2C8%3A134250504%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C40%3A32&guci=1.2.0.0.2.2.0.0&format=0x0&url=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&ea=0&flash=0&pra=5&wgl=1&adsid=NT&dt=1580042040465&bpp=9&bdt=31&fdt=45&idt=45&shv=r20200122&cbv=r20190131&saldr=aa&nras=1&correlator=7108948157988&frm=23&ife=1&pv=1&ga_vid=979697727.1580042040&ga_sid=1580042041&ga_hid=942862497&ga_fc=0&iag=3&icsg=8399360&nhd=1&dssz=17&mdo=0&mso=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&isw=0&ish=0&ifk=231786881&scr_x=0&scr_y=0&eid=26835106&oid=3&pvsid=1429040262214310&rx=0&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=20&bc=23&ifi=0&uci=0.8i3ab8ey3f2g&fsb=1&dtd=50
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUkhOSQUxU9eddzBqIet7yQPv38ZTsCqjTw10jyWMj0QvOF42ERndOTKDsUk
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb

Response headers

status: 403
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sun, 26 Jan 2020 12:34:00 GMT
server: cafe
content-length: 46
x-xss-protection: 0
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9C54 74 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:81e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20200122/r20190131/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f737f2a78f41bc972d791a7c90af32f4ad8b664250c766ef01fd1a01eda68a1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1579869523779972"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 28204
x-xss-protection: 0
expires: Sun, 26 Jan 2020 12:34:00 GMT

GET
H2 200 ll_storage_html5.html
public.cobrowse.oraclecloud.com/1805/storage/ Frame FA37 0
0 138ms
138ms Document
text/html 23.0.38.131
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://public.cobrowse.oraclecloud.com/1805/storage/ll_storage_html5.html?context=kdhae70je9&version=20180713
Requested by: Host: public.cobrowse.oraclecloud.com
URL: https://public.cobrowse.oraclecloud.com/1805/global_launcher.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.38.131 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-38-131.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash

Request headers

:method: GET
:authority: public.cobrowse.oraclecloud.com
:scheme: https
:path: /1805/storage/ll_storage_html5.html?context=kdhae70je9&version=20180713
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

status: 200
accept-ranges: bytes
content-type: text/html
etag: "1c69c5ff1efb2009e1fa5e3c405a9a52:1543564649"
last-modified: Fri, 30 Nov 2018 07:57:29 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
date: Sun, 26 Jan 2020 12:34:00 GMT
content-length: 10865

GET
H2 200 hostui_animation.js Show response
public.cobrowse.oraclecloud.com/1805/client/ui/ 37 KB
6 KB 138ms
138ms Script
text/javascript 23.0.38.131
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://public.cobrowse.oraclecloud.com/1805/client/ui/hostui_animation.js?rnd=0.5240191897287272
Requested by: Host: public.cobrowse.oraclecloud.com
URL: https://public.cobrowse.oraclecloud.com/1805/global_launcher.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.0.38.131 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-0-38-131.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 83f5dad4043f29e4ca12cc10dc5d3615c83c31557bdd657f8a28d316bb578d73

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
content-encoding: gzip
last-modified: Fri, 30 Nov 2018 07:57:07 GMT
server: AkamaiNetStorage
etag: "aae61f867d876ed48dff3a26f2d32e63:1543564627"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
status: 200
accept-ranges: bytes
content-length: 5996

GET
H/1.1 200
OK zone.php Show response
play.sunmediaads.com/red/ Frame 9C54 385 B
724 B 128ms
45ms Script
text/html 212.92.39.34
NEXICA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://play.sunmediaads.com/red/zone.php?code=HEZRL65RXYI2&a=&pubid=&lgid=16415594390.22681604826448298
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.92.39.34 Barcelona, Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS
Software: Apache /
Resource Hash: 44406acea48ad25a48195e7580b2dd83ba6713e1b0423dfdac97fc2b7f2b96a6

Request headers

Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Server: Apache
Connection: close
Content-Length: 385
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK zone.php Show response
play.sunmediaads.com/red/ 385 B
724 B 127ms
44ms Script
text/html 212.92.39.34
NEXICA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://play.sunmediaads.com/red/zone.php?code=HEZRL65RXYI2&a=&pubid=&lgid=16415590830.17610967582706571
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.92.39.34 Barcelona, Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS
Software: Apache /
Resource Hash: 44406acea48ad25a48195e7580b2dd83ba6713e1b0423dfdac97fc2b7f2b96a6

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:00 GMT
Server: Apache
Connection: close
Content-Length: 385
Content-Type: text/html; charset=UTF-8

GET
H2 200 8c4105a4-90ec-434c-bf14-82b194e3019f.js Show response
static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/ 159 KB
43 KB 32ms
31ms Script
application/javascript 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: f8d331c008b8859e4c5634fa81a5c952c6f01e97832ed6c9366408b26fb70d6e

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 20 Jan 2020 10:11:54 GMT
server: nginx
age: 1632
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 43272

GET
H2 200 eu_country.php Show response
static.sunmedia.tv/SMVpaidCreatives/geotarget/ 19 B
316 B 35ms
34ms XHR
application/json 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMVpaidCreatives/geotarget/eu_country.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
tp-cache: HIT
server: nginx
age: 1657
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
access-control-allow-origin: http://idvbuo.webcindario.com
content-length: 19

GET
H2 200 country.php Show response
services.sunmedia.tv/geotarget/ 16 B
262 B 35ms
35ms XHR
application/json 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://services.sunmedia.tv/geotarget/country.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 762bea50b1d8bdd1c7f7004cdad0951e4e72ebfa8a9486532b5da32eb4a173e1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
tp-cache: HIT
server: nginx
age: 1644
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
access-control-allow-origin: http://idvbuo.webcindario.com
content-length: 16

GET
H2 200 inhome-1-0.json Show response
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 3 KB
3 KB 34ms
33ms XHR
application/json 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/inhome-1-0.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: f8dbe012cf93ffee0ea358d211da0d9c8f5ce60f2c5388f3b2b8c126caffa328

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
tp-cache: HIT
last-modified: Fri, 24 Jan 2020 18:35:48 GMT
server: nginx
age: 1657
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
content-length: 2568
accept-ranges: bytes
x-device: desktop

GET
H2 200 outstream.json Show response
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 3 KB
4 KB 34ms
33ms XHR
application/json 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/outstream.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 4970a2564975f448345b456d0c9d087ece00083684ded6143b0d77c0dc3aa5c9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
tp-cache: HIT
last-modified: Wed, 18 Dec 2019 20:53:46 GMT
server: nginx
age: 1657
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
content-length: 3403
accept-ranges: bytes
x-device: desktop

GET
H2 200 adblockDetector.js Show response
static.sunmedia.tv/SMSdk/assets/AdBlockDetection/ 13 KB
5 KB 35ms
34ms Script
application/javascript 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/assets/AdBlockDetection/adblockDetector.js
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Wed, 15 Jan 2020 10:15:16 GMT
server: nginx
age: 1657
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
x-device: desktop
accept-ranges: bytes
content-length: 4831

GET
H2 200 country.php Show response
services.sunmedia.tv/geotarget/ 16 B
262 B 32ms
32ms XHR
application/json 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://services.sunmedia.tv/geotarget/country.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 762bea50b1d8bdd1c7f7004cdad0951e4e72ebfa8a9486532b5da32eb4a173e1

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
tp-cache: HIT
server: nginx
age: 1644
vary: Accept-Encoding
content-type: application/json
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
access-control-allow-origin: http://idvbuo.webcindario.com
content-length: 16

GET
H2 200 inhome-1-0.json Show response
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 3 KB
3 KB 46ms
46ms XHR
application/json 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/inhome-1-0.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: f8dbe012cf93ffee0ea358d211da0d9c8f5ce60f2c5388f3b2b8c126caffa328

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
tp-cache: HIT
last-modified: Fri, 24 Jan 2020 18:35:48 GMT
server: nginx
age: 1657
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
content-length: 2568
accept-ranges: bytes
x-device: desktop

GET
H2 200 outstream.json Show response
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 3 KB
4 KB 46ms
46ms XHR
application/json 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/outstream.json
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 4970a2564975f448345b456d0c9d087ece00083684ded6143b0d77c0dc3aa5c9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com

Response headers

date: Sun, 26 Jan 2020 12:34:00 GMT
tp-cache: HIT
last-modified: Wed, 18 Dec 2019 20:53:46 GMT
server: nginx
age: 1657
status: 200
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, s-maxage=2592000
content-length: 3403
accept-ranges: bytes
x-device: desktop

GET
H2 200 tag.js Show response
js.agkn.com/prod/v0/ 3 KB
3 KB 8ms
8ms Script
application/javascript 2600:9000:214f:d600:15:efbc:e300:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.agkn.com/prod/v0/tag.js
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:214f:d600:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 90c24dbeafc0dea49a10c1140b52b52831fc2c8fb7258b55f46f19b593d7dfc6

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sat, 25 Jan 2020 19:01:21 GMT
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
last-modified: Tue, 22 Oct 2019 20:22:52 GMT
server: AmazonS3
age: 63161
etag: "f53f55cbab099be3a970b446a66c496a"
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 3167
x-amz-cf-id: B-uWhQIwZCtPo9M81or9gZ-lmOs3cccyN3VA84aCiMwseskdeKwscA==

GET
H/1.1 200
OK beacon.js Show response
b.scorecardresearch.com/ 1 KB
1 KB 27ms
26ms Script
application/x-javascript 2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: http://b.scorecardresearch.com/beacon.js
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:01 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 901
Expires: Mon, 27 Jan 2020 12:34:01 GMT

GET
H/1.1 200
OK / Show response
sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/ 867 B
615 B 84ms
30ms Script
text/html 159.69.72.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.69.72.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cm022.richaudience.com
Software: nginx/1.14.2 /
Resource Hash: ae6c7c71ba9f0248e0720b58d8309255bcae8f410ffadcd468750b1806a1c670

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:01 GMT
Content-Encoding: gzip
Server: nginx/1.14.2
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ 2 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 SMPlayer_d.css
static.sunmedia.tv/SMSdk/css/SMVast/ 4 KB
1 KB 32ms
32ms Stylesheet
text/css 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 194b85c10c911ac7a204d734b732c3b7af39682d9690273d56d0fc808be650a8

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:01 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Wed, 15 Jan 2020 10:14:48 GMT
server: nginx
age: 1657
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: text/css
status: 200
cache-control: max-age=0, s-maxage=2592000
x-device: desktop
accept-ranges: bytes
access-control-allow-origin: *
content-length: 963

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 166ms
166ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&cb=711499471&player_width=420&player_height=236&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1&schain=1.0,1!sunmedia.tv,fbbb8d9c-434e-43c3-a569-dee028be8b85,1,,,
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:01 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000284
X-SpotX-Timing-SpotMarket: 0.125289
X-SpotX-Timing-Page-Mux: 0.000414
X-SpotX-Timing-Page-Require: 0.000459
X-fe: 108
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000024
Content-Length: 76
X-SpotX-Timing-Page: 0.130033
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000339
Last-Modified: Sun, 26 Jan 2020 12:34:01 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.058314
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: http://idvbuo.webcindario.com
X-SpotX-Timing-Page-Misc: 0.003182
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.066975
X-SpotX-Timing-Page-URI: 0.000041
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=609967197&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct...
https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=609967197&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_c...

43 B
589 B

52ms
26ms

Image
image/gif

23.5.97.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=609967197&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=1528463&cs_ak_ss=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-5-97-37.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=609967197&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=1528463&cs_ak_ss=1
Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
track.sunmedia.tv/ 42 B
276 B 31ms
31ms Image
image/gif 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=no-pos&loop=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:01 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1658
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ 42 B
276 B 32ms
31ms Image
image/gif 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=req&pb=1&pos=no-pos&loop=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:01 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1658
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ 42 B
276 B 31ms
31ms Image
image/gif 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=ef&pb=1&pos=no-pos&loop=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:01 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1658
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H/1.1 200
OK 207956 Show response
search.spotxchange.com/vast/2.0/ 67 B
1 KB 222ms
153ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/207956?VPAID=JS&content_page_url=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&cb=952432146&player_width=420&player_height=236&custom_skin=1&ad_volume=0&regs[gdpr]=1&user[consent]=1&schain=1.0,1!sunmedia.tv,fbbb8d9c-434e-43c3-a569-dee028be8b85,1,,,
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , Netherlands, ASN35220 (SPOTX-AMS, NL),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Accept: */*
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:01 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000310
X-SpotX-Timing-SpotMarket: 0.111744
X-SpotX-Timing-Page-Mux: 0.000420
X-SpotX-Timing-Page-Require: 0.000720
X-fe: 008
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000029
Content-Length: 76
X-SpotX-Timing-Page: 0.116426
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000443
Last-Modified: Sun, 26 Jan 2020 12:34:01 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.065700
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: http://idvbuo.webcindario.com
X-SpotX-Timing-Page-Misc: 0.002744
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.046044
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

p2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/p?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=353194335&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct...
https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=353194335&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_c...

43 B
589 B

29ms
26ms

Image
image/gif

23.5.97.37
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=353194335&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3813955&cs_ak_ss=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.5.97.37 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-5-97-37.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Expires: Mon, 01 Jan 1990 00:00:00 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Location: https://sb.scorecardresearch.com/p2?c1=2&c2=21892462&ns_ap_sv=2.1511.10&ns_type=hidden&ns_st_it=a&ns_st_sv=4.0.0&ns_st_ad=1&ns_st_sq=1&ns_st_id=353194335&ns_st_ec=1&ns_st_cn=1&ns_st_ev=play&ns_st_ct=va00&ns_st_cl=0&ns_st_pt=0&c3=*null&c4=*null&c6=*null&ns_ts=3813955&cs_ak_ss=1
Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set /
d.agkn.com/iframe/8613/ Frame F6FD 0
0 17ms
17ms Document
text/html 2600:9000:2057:2200:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d.agkn.com/iframe/8613/?che=98413077&gdpr=&gdpr_consent=&ref=&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Server: 2600:9000:2057:2200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

Content-Type: text/html;charset=UTF-8
Content-Length: 479
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
Date: Sun, 26 Jan 2020 12:34:01 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3AqsUrO6NLlSYkFt%2FPbD77L4URjPLtimOo;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAlwEO5JcBDuQAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
X-Cache: Miss from cloudfront
Via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: -PyEOoyZ_FHBAN9EtHRFW25aKW6cv8se9uR1uCaWRkFudmAx2Vaakg==

GET
H/1.1 200
OK Cookie set /
d.agkn.com/iframe/8613/ Frame F807 0
0 14ms
9ms Document
text/html 2600:9000:2057:2200:19:fc2c:a140:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://d.agkn.com/iframe/8613/?che=243838647&gdpr=&gdpr_consent=&ref=&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22-1%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Requested by: Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol: HTTP/1.1
Server: 2600:9000:2057:2200:19:fc2c:a140:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash

Request headers

Host: d.agkn.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

Content-Type: text/html;charset=UTF-8
Content-Length: 479
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
Date: Sun, 26 Jan 2020 12:34:00 GMT
Expires: Sat, 01 Jan 2000 00:00:00 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Server: Apache-Coyote/1.1
Set-Cookie: ab=0001%3A2YOwG79xIXIkFt%2FPbD77L6bx18Slc8ig;Max-Age=31536000;domain=agkn.com;path=/ u=C|0AEAlwEO5JcBDuQAAAAAAAg1RAQCADVIBAIA;Max-Age=31536000;domain=agkn.com;path=/
X-Cache: Miss from cloudfront
Via: 1.1 7ed7afde326861e358c3c83359e99895.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA6-C1
X-Amz-Cf-Id: 42HFgAhQsenUpg7phmLOVPMqCyt_KgRjsNpoq3oydSqfMc3B7izM8Q==

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=8&c2=21892462&c3=1001000630&ns__t=1580042041225&ns_c=windows-1252&cv=3.1&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Security%20Challenge%20Question&...
http://b.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1580042041225&ns_c=windows-1252&cv=3.1&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Security%20Challenge%20Question...

0
248 B

28ms
28ms

Image
text/plain

2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1580042041225&ns_c=windows-1252&cv=3.1&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Security%20Challenge%20Question&c7=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&c9=&cs_ak_ss=1
Protocol: HTTP/1.1
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1580042041225&ns_c=windows-1252&cv=3.1&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Security%20Challenge%20Question&c7=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

b2
b.scorecardresearch.com/
Redirect Chain

http://b.scorecardresearch.com/b?c1=8&c2=21892462&c3=1001000630&ns__t=1580042041226&ns_c=windows-1252&cv=3.1&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Security%20Challenge%20Question&...
http://b.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1580042041226&ns_c=windows-1252&cv=3.1&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Security%20Challenge%20Question...

0
248 B

26ms
25ms

Image
text/plain

2.16.186.80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://b.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1580042041226&ns_c=windows-1252&cv=3.1&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Security%20Challenge%20Question&c7=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&c9=&cs_ak_ss=1
Protocol: HTTP/1.1
Server: 2.16.186.80 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-80.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: http://b.scorecardresearch.com/b2?c1=8&c2=21892462&c3=1001000630&ns__t=1580042041226&ns_c=windows-1252&cv=3.1&c8=Bank%20of%20America%20%7C%20Online%20Banking%20%7C%20Security%20Challenge%20Question&c7=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&c9=&cs_ak_ss=1
Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:01 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 767 B
435 B 16ms
16ms Stylesheet
text/css 2a00:1450:4001:814::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:814::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Sun, 26 Jan 2020 12:34:01 GMT
server: ESF
access-control-allow-origin: *
date: Sun, 26 Jan 2020 12:34:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 0
expires: Sun, 26 Jan 2020 12:34:01 GMT

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ 3 KB
3 KB 38ms
30ms Image
image/png 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Referer: https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:01 GMT
tp-cache: HIT
last-modified: Wed, 15 Jan 2020 10:15:14 GMT
server: nginx
age: 1658
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
accept-ranges: bytes
x-device: desktop

GET
H2 200 fullscreen-on.png
static.sunmedia.tv/SMSdk/ico/ 1 KB
2 KB 39ms
31ms Image
image/png 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/fullscreen-on.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 7a000f38eb0e9764341b690ff8c931c309a4392e7b35c157652864658ab406eb

Request headers

Referer: https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:01 GMT
tp-cache: HIT
last-modified: Wed, 15 Jan 2020 10:14:48 GMT
server: nginx
age: 1657
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 1351
accept-ranges: bytes
x-device: desktop

GET
H2 200 skip.png
static.sunmedia.tv/SMSdk/ico/ 3 KB
3 KB 38ms
31ms Image
image/png 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/skip.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 47fd77ed50c61b270cf73b6b71c5ae29d7b46023ea1e3d2f646858d839c927bb

Request headers

Referer: https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:01 GMT
tp-cache: HIT
last-modified: Wed, 15 Jan 2020 10:15:02 GMT
server: nginx
age: 1658
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2761
accept-ranges: bytes
x-device: desktop

GET
H2 200 adlabel.png
static.sunmedia.tv/SMSdk/ico/ 1 KB
2 KB 37ms
32ms Image
image/png 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/adlabel.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 4cf86b8273ac1a15c23684145f8035a0e3c9d67942f62cb44bb8b95bd7465877

Request headers

Referer: https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:01 GMT
tp-cache: HIT
last-modified: Wed, 15 Jan 2020 10:14:48 GMT
server: nginx
age: 1658
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 1359
accept-ranges: bytes
x-device: desktop

GET
H2 200 play.png
static.sunmedia.tv/SMSdk/ico/ 1 KB
2 KB 37ms
32ms Image
image/png 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/play.png
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: dd4473796fb0eda44798d1802b139e99b54cdf783a2df05f0be684481238c151

Request headers

Referer: https://static.sunmedia.tv/SMSdk/css/SMVast/SMPlayer_d.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:01 GMT
tp-cache: HIT
last-modified: Wed, 15 Jan 2020 10:14:48 GMT
server: nginx
age: 1657
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 1525
accept-ranges: bytes
x-device: desktop

GET
H/1.1 200
OK /
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame 9A2C 0
0 91ms
33ms Document
text/html 159.69.72.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3693108&pubconsent=1&euconsent=1&hasConsent=1
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.69.72.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cm022.richaudience.com
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: sync.richaudience.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

Server: nginx/1.14.2
Date: Sun, 26 Jan 2020 12:34:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip

GET
H/1.1 200
OK /
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame EFFB 0
0 88ms
31ms Document
text/html 159.69.72.190
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=3693108&pubconsent=1&euconsent=1&hasConsent=1
Requested by: Host: sync.richaudience.com
URL: https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 159.69.72.190 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: cm022.richaudience.com
Software: nginx/1.14.2 /
Resource Hash

Request headers

Host: sync.richaudience.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

Server: nginx/1.14.2
Date: Sun, 26 Jan 2020 12:34:01 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Content-Encoding: gzip

GET
H2 200 0434c5d5-6985-4bfb-9d0f-35ffc3cf7266 Show response
vast.sunmedia.tv/creatives/ 1 KB
709 B 34ms
33ms XHR
text/xml 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 4b3b9b9f39fef6bd6e316aa19b37be467dd9e47cd53446279fde3cfc2d5067c1

Request headers

Accept: */*
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:01 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js Show response
creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/ Frame 53BD 205 KB
35 KB 32ms
32ms Script
application/javascript 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 80b5eb4754c78a4295cab91ff51c2cb2cca1ee0de677aea9e92dee7a95aff95e

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:01 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 14 Jan 2020 12:37:24 GMT
server: nginx
age: 1658
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 35887

GET
H2 200 0434c5d5-6985-4bfb-9d0f-35ffc3cf7266 Show response
vast.sunmedia.tv/creatives/ 1 KB
709 B 40ms
40ms XHR
text/xml 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 4b3b9b9f39fef6bd6e316aa19b37be467dd9e47cd53446279fde3cfc2d5067c1

Request headers

Accept: */*
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:01 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js Show response
creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/ Frame 9A0A 205 KB
35 KB 31ms
31ms Script
application/javascript 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 80b5eb4754c78a4295cab91ff51c2cb2cca1ee0de677aea9e92dee7a95aff95e

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:01 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 14 Jan 2020 12:37:24 GMT
server: nginx
age: 1658
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 35887

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame BE75 3 KB
3 KB 33ms
32ms Image
image/png 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:02 GMT
tp-cache: HIT
last-modified: Wed, 15 Jan 2020 10:15:14 GMT
server: nginx
age: 1659
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
accept-ranges: bytes
x-device: desktop

GET
H2 200 hb_zhb_generico-caro.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/hb/ Frame BE75 5 KB
2 KB 33ms
33ms Script
application/x-javascript 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/hb/hb_zhb_generico-caro.js?xclk=${xclk}&rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 52935733acbfaa83126cdf4a3cc3ba730eaa8903b9be74b1a8dbf2eaed1bf9ac

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:02 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
content-type: application/x-javascript
status: 200
cache-control: no-cache
access-control-allow-credentials: true, true
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 53BD 42 B
276 B 32ms
31ms Image
image/gif 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=0434c5d5-6985-4bfb-9d0f-35ffc3cf7266&tp=SMAdFactory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:02 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1659
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 53BD 42 B
276 B 31ms
31ms Image
image/gif 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=0434c5d5-6985-4bfb-9d0f-35ffc3cf7266&tp=adl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:02 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1659
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 9A0A 42 B
276 B 42ms
42ms Image
image/gif 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=0434c5d5-6985-4bfb-9d0f-35ffc3cf7266&tp=SMAdFactory
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:02 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1659
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame 8DED 3 KB
3 KB 35ms
34ms Image
image/png 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:02 GMT
tp-cache: HIT
last-modified: Wed, 15 Jan 2020 10:15:14 GMT
server: nginx
age: 1659
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
accept-ranges: bytes
x-device: desktop

GET
H2 200 hb_zhb_generico-caro.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/hb/ Frame 8DED 5 KB
2 KB 34ms
34ms Script
application/x-javascript 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/hb/hb_zhb_generico-caro.js?xclk=${xclk}&rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 52935733acbfaa83126cdf4a3cc3ba730eaa8903b9be74b1a8dbf2eaed1bf9ac

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:02 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
content-type: application/x-javascript
status: 200
cache-control: no-cache
access-control-allow-credentials: true, true
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 9A0A 42 B
276 B 33ms
33ms Image
image/gif 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=0434c5d5-6985-4bfb-9d0f-35ffc3cf7266&tp=adl
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:02 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1659
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H/1.1 200
OK smart.js Show response
ec.sascdn.com/tag/1999/ Frame BE75 24 KB
10 KB 19ms
19ms Script
application/javascript 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://ec.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/hb/hb_zhb_generico-caro.js?xclk=${xclk}&rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}
Protocol: HTTP/1.1
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBF) /
Resource Hash: 2b75150e90ce1ab05e462c1f9fa3be1b9bf46eb8ca01ace5385ed860ea84c7e2

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:02 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Jan 2020 12:32:29 GMT
Server: ECS (amb/6BBF)
Age: 93
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=300
Accept-Ranges: bytes
Content-Length: 10130
Expires: Sun, 26 Jan 2020 12:39:02 GMT

GET
H2 200 prebid.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame BE75 277 KB
88 KB 32ms
32ms Script
application/x-javascript 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/hb/hb_zhb_generico-caro.js?xclk=${xclk}&rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: c8a22161e476569199308a717b2d6e775ddd7d50770f7236df3400fcea193317

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:02 GMT
content-encoding: gzip
tp-cache: HIT
server: nginx
age: 1659
content-type: application/x-javascript
status: 200
cache-control: max-age=0, s-maxage=3600s
access-control-allow-credentials: true, true
content-length: 89279
accept-ranges: bytes
x-device: desktop

GET
H/1.1 200
OK smart.js Show response
ec.sascdn.com/tag/1999/ Frame 8DED 24 KB
10 KB 24ms
18ms Script
application/javascript 68.232.35.16
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: http://ec.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/hb/hb_zhb_generico-caro.js?xclk=${xclk}&rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}
Protocol: HTTP/1.1
Server: 68.232.35.16 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (amb/6BBF) /
Resource Hash: 2b75150e90ce1ab05e462c1f9fa3be1b9bf46eb8ca01ace5385ed860ea84c7e2

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:02 GMT
Content-Encoding: gzip
Last-Modified: Sun, 26 Jan 2020 12:32:29 GMT
Server: ECS (amb/6BBF)
Age: 93
Vary: Accept-Encoding
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=300
Accept-Ranges: bytes
Content-Length: 10130
Expires: Sun, 26 Jan 2020 12:39:02 GMT

GET
H2 200 prebid.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame 8DED 277 KB
88 KB 55ms
55ms Script
application/x-javascript 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/hb/hb_zhb_generico-caro.js?xclk=${xclk}&rnd=${random}&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&referrerurl=${request.referrerurl}&rw=${request.width}&rh=${request.height}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: c8a22161e476569199308a717b2d6e775ddd7d50770f7236df3400fcea193317

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:02 GMT
content-encoding: gzip
tp-cache: HIT
server: nginx
age: 1659
content-type: application/x-javascript
status: 200
cache-control: max-age=0, s-maxage=3600s
access-control-allow-credentials: true, true
content-length: 89279
accept-ranges: bytes
x-device: desktop

GET
H2 200 arj Show response
sun-d.openx.net/w/1.0/ Frame BE75 173 B
371 B 78ms
77ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sun-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=e9bc7840-40fa-44aa-b08a-d4152fa2fae2&nocache=1580042042670&x_gdpr_f=1&aus=300x250%2C300x600&divIds=sas_70691&auid=540942402&
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.0 /
Resource Hash: 6821c8647dc2658bcf467680126ac0fa0637ccac0bef0dd3970350a2f02bff3e

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Jan 2020 12:34:02 GMT
content-encoding: gzip
server: OXGW/16.174.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BE75 141 B
1 KB 28ms
27ms XHR
application/json 185.33.223.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js

Protocol

HTTP/1.1

Server

185.33.223.215 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

88a780053f2091f4dd72a764afdf47d1a32f4518da328797f158493bfe122feb

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:04 GMT
X-Proxy-Origin: 185.210.217.116; 185.210.217.116; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.4:80
AN-X-Request-Uuid: db3f1546-20d8-40f9-a866-b843e61dbf02
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://idvbuo.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 141
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame BE75 0
151 B 29ms
29ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.42.0&cb=9385581996
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 26 Jan 2020 12:34:02 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: http://idvbuo.webcindario.com
timing-allow-origin: *
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame BE75 0
64 B 119ms
118ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 26 Jan 2020 12:34:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://idvbuo.webcindario.com

GET
H2 200 arj Show response
sun-d.openx.net/w/1.0/ Frame 8DED 173 B
367 B 54ms
54ms XHR
application/json 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://sun-d.openx.net/w/1.0/arj?ju=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.0&dddid=e28234d9-e79a-4b55-8097-0ce48b659639&nocache=1580042042715&x_gdpr_f=1&aus=300x250%2C300x600&divIds=sas_70691&auid=540942402&
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.0 /
Resource Hash: 02c773c1b9bba530dafb306e45a88586a411863f3caebd3daf8d611ed3b7bf5f

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 26 Jan 2020 12:34:02 GMT
content-encoding: gzip
server: OXGW/16.174.0
status: 200
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 165
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 8DED 0
151 B 30ms
30ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=23&wv=2.42.0&cb=18166446941
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 26 Jan 2020 12:34:02 GMT
access-control-allow-credentials: true
server: Finatra
access-control-allow-origin: http://idvbuo.webcindario.com
timing-allow-origin: *
vary: Origin

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 8DED 0
64 B 80ms
80ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

status: 204
date: Sun, 26 Jan 2020 12:34:02 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-origin: http://idvbuo.webcindario.com

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 8DED 142 B
1 KB 30ms
30ms XHR
application/json 185.33.223.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

http://ib.adnxs.com/ut/v3/prebid

Requested by

Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js

Protocol

HTTP/1.1

Server

185.33.223.215 , Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

315.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.13.4 /

Resource Hash

66a4e9a40dc7ec0577404cc5cc68e14b8b3380a1abaf2e55f62669e3c9e20481

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:04 GMT
X-Proxy-Origin: 185.210.217.116; 185.210.217.116; 315.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.39:80
AN-X-Request-Uuid: 7361fe53-1f0a-404a-9bdb-f8ed679d9a34
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: http://idvbuo.webcindario.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 v1 Show response
prebid.digitru.st/id/ Frame BE75 425 B
1 KB 22ms
21ms XHR
application/json 2600:9000:2057:e000:a:d79f:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.digitru.st/id/v1
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:e000:a:d79f:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: f6e19fdd6a1ec225f2e8c01db431f08823116b99f16c2caddcb177b8432cd18c

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Jan 2020 12:34:04 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, OPTIONS
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: private, max-age=15552000
access-control-allow-credentials: true
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/json
content-length: 425
x-amz-cf-id: -rtHNKbvqJtiTERUzc2pfkqMJd01SWsiHxLRdf4n-S7hULd5QEW9RQ==

GET
H2 200 /
track.sunmedia.tv/ Frame 53BD 42 B
276 B 33ms
32ms Image
image/gif 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=0434c5d5-6985-4bfb-9d0f-35ffc3cf7266&tp=vw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:04 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1661
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 v1 Show response
prebid.digitru.st/id/ Frame 8DED 425 B
1 KB 47ms
47ms XHR
application/json 2600:9000:2057:e000:a:d79f:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.digitru.st/id/v1
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:2057:e000:a:d79f:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash: e597c06632ee0db65fbc6d4884889d9bdd3782e7cc4b37660b25c019c6c96991

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Content-Type: text/plain

Response headers

date: Sun, 26 Jan 2020 12:34:04 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677f.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA6-C1
status: 200
vary: Accept-Encoding, Origin
access-control-allow-methods: GET, OPTIONS
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: private, max-age=15552000
access-control-allow-credentials: true
x-cache: LambdaGeneratedResponse from cloudfront
content-type: application/json
content-length: 425
x-amz-cf-id: arnJzOfq4BlT5PgjxMhTK9IID_HyoQ8As2ENOA9vrjMNtkdInBlm_w==

GET
H2 200 /
track.sunmedia.tv/ Frame 9A0A 42 B
276 B 32ms
31ms Image
image/gif 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=0434c5d5-6985-4bfb-9d0f-35ffc3cf7266&tp=vw
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:04 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1661
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H/1.1 200
OK publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame BE75 48 KB
16 KB 15ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: HTTP/1.1
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: fd43f7a2cd9dd0f123b3cb12c19b756632aa8a5ebd58ea24683e9966866d8f13

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:05 GMT
content-encoding: gzip
last-modified: Mon, 13 Jan 2020 11:46:43 GMT
server: nginx
etag: W/"5e1c58a3-c125"
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 27 Jan 2020 12:34:05 GMT

GET
H/1.1 200
OK publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 8DED 48 KB
16 KB 13ms
13ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: http://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: HTTP/1.1
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: fd43f7a2cd9dd0f123b3cb12c19b756632aa8a5ebd58ea24683e9966866d8f13

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:05 GMT
content-encoding: gzip
last-modified: Mon, 13 Jan 2020 11:46:43 GMT
server: nginx
etag: W/"5e1c58a3-c125"
transfer-encoding: chunked
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
timing-allow-origin: *
expires: Mon, 27 Jan 2020 12:34:05 GMT

GET
H2 200 /
miarroba.com/ Frame 9C54 0
0 134ms
134ms Document
text/html 2606:4700:20::681a:d72
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://miarroba.com/
Requested by: Host: idvbuo.webcindario.com
URL: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:d72 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: miarroba.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb
accept-encoding: gzip, deflate, br
cookie: GED_PLAYLIST_ACTIVITY=W3sidSI6Ijd2bHoiLCJ0c2wiOjE1ODAwNDIwNDEsIm52IjowLCJ1cHQiOjE1ODAwNDIwMjgsImx0IjoxNTgwMDQyMDI4fV0.
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/tc-chat-bac.html?IFRAME&env=notprod&tmProfile=olb

Response headers

status: 200
date: Sun, 26 Jan 2020 12:34:05 GMT
content-type: text/html; charset=iso-8859-1
set-cookie: __cfduid=d761575ffa3e9debf39399e839939f4851580042045; expires=Tue, 25-Feb-20 12:34:05 GMT; path=/; domain=.miarroba.com; HttpOnly; SameSite=Lax; Secure sessionid=5Oql4cPq0y%2Cj90RRHl2p40; path=/; domain=.miarroba.com; HttpOnly _eu_cookiepolicy=1580042045; expires=Tue, 19-Jan-2038 03:14:07 GMT; Max-Age=567441602; path=/; domain=.miarroba.com __muid=99c7dee9a12f18812fd049db6890cb3f07478778; expires=Tue, 25-Jan-2022 12:34:05 GMT; Max-Age=63072000; path=/; domain=.miarroba.com; httponly __miaMRIN-home=1; expires=Sun, 26-Jan-2020 13:34:05 GMT; Max-Age=3600; path=/
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
alt-svc: h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
server: cloudflare
cf-ray: 55b284e1cdd6637d-FRA
content-encoding: br

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame AD02 0
0 31ms
31ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=5ED5415E-AEEA-422C-9311-6FE34BDE21C6; chkChromeAb67Sec=1; DPSync3=1580083200%3A174%7C1581206400%3A197_201; SyncRTB3=1580860800%3A63%7C1582588800%3A203%7C1581206400%3A3_8_7_54_56_161_21%7C1580601600%3A2; KRTBCOOKIE_1101=23040-6786228883837155475; PUBMDCID=3; KRTBCOOKIE_153=19420-6w0ByOZfAJvzC1fNulgenOtYBpXzUVGVug31EOLq&KRTB&22979-6w0ByOZfAJvzC1fNulgenOtYBpXzUVGVug31EOLq; KRTBCOOKIE_27=16735-uid:19f35e2d-807e-4f00-b3ad-1f546dd84a64&KRTB&16736-uid:19f35e2d-807e-4f00-b3ad-1f546dd84a64; SPugT=1580042039; KRTBCOOKIE_391=22924-405111215646767272; KRTBCOOKIE_80=16514-CAESEEubN72FhSzIY-pnZ91A4hA&KRTB&22987-CAESEEubN72FhSzIY-pnZ91A4hA&KRTB&22995-CAESEEubN72FhSzIY-pnZ91A4hA&KRTB&23025-CAESEEubN72FhSzIY-pnZ91A4hA; KRTBCOOKIE_22=14911-7289193819782770113&KRTB&23150-7289193819782770113; KRTBCOOKIE_377=22918-8dbbd880-6fb1-42ae-b846-bd6d70bafb59&KRTB&23031-8dbbd880-6fb1-42ae-b846-bd6d70bafb59; KRTBCOOKIE_466=16530-949607e6-bdc3-469c-97bd-952fc51d95ec&KRTB&16532-949607e6-bdc3-469c-97bd-952fc51d95ec; KRTBCOOKIE_336=5844-6161708833182388675; PugT=1580042040
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

Last-Modified: Wed, 22 Jan 2020 11:16:09 GMT
ETag: "13006b6-973d-59cb8a6c84de0"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14478
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=133955
Expires: Tue, 28 Jan 2020 01:46:40 GMT
Date: Sun, 26 Jan 2020 12:34:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame 8FDB 0
0 26ms
26ms Document
text/html 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: HTTP/1.1
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.11.5 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Accept-Encoding: gzip, deflate
Cookie: uuid2=3690495831150728838; icu=ChgIjq9kEAoYAiACKAIwvI628QU4AkACSAIQvI628QUYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.11.5
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Mon, 25 Jan 2021 12:34:05 GMT
Date: Sun, 26 Jan 2020 12:34:05 GMT
Connection: keep-alive

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 7A32 0
0 34ms
34ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=48c05810-ff4e-4f97-9e53-51ecc3eb37e2&gdpr=1
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=48c05810-ff4e-4f97-9e53-51ecc3eb37e2&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
accept-encoding: gzip, deflate, br
cookie: i=ed2cda53-0f7b-09f7-311b-30d243eb5e2c|1580042039; pd=v2|1580042039|mOgikimWiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=ed2cda53-0f7b-09f7-311b-30d243eb5e2c|1580042039; Version=1; Expires=Mon, 25-Jan-2021 12:34:05 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1580042039.6|kimWiymOgugi.fcgqsLomgen0; Version=1; Expires=Mon, 10-Feb-2020 12:34:05 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.174.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 26 Jan 2020 12:34:05 GMT
content-type: text/html
content-length: 355
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK Cookie set showad.js
ads.pubmatic.com/AdServer/js/ Frame DFB7 0
0 57ms
30ms Document
text/html 23.210.249.92
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.92 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-92.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: nested-navigate
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Accept-Encoding: gzip, deflate, br
Cookie: KTPCACOOKIE=YES; KADUSERCOOKIE=5ED5415E-AEEA-422C-9311-6FE34BDE21C6; chkChromeAb67Sec=1; DPSync3=1580083200%3A174%7C1581206400%3A197_201; SyncRTB3=1580860800%3A63%7C1582588800%3A203%7C1581206400%3A3_8_7_54_56_161_21%7C1580601600%3A2; KRTBCOOKIE_1101=23040-6786228883837155475; PUBMDCID=3; KRTBCOOKIE_153=19420-6w0ByOZfAJvzC1fNulgenOtYBpXzUVGVug31EOLq&KRTB&22979-6w0ByOZfAJvzC1fNulgenOtYBpXzUVGVug31EOLq; KRTBCOOKIE_27=16735-uid:19f35e2d-807e-4f00-b3ad-1f546dd84a64&KRTB&16736-uid:19f35e2d-807e-4f00-b3ad-1f546dd84a64; SPugT=1580042039; KRTBCOOKIE_391=22924-405111215646767272; KRTBCOOKIE_80=16514-CAESEEubN72FhSzIY-pnZ91A4hA&KRTB&22987-CAESEEubN72FhSzIY-pnZ91A4hA&KRTB&22995-CAESEEubN72FhSzIY-pnZ91A4hA&KRTB&23025-CAESEEubN72FhSzIY-pnZ91A4hA; KRTBCOOKIE_22=14911-7289193819782770113&KRTB&23150-7289193819782770113; KRTBCOOKIE_377=22918-8dbbd880-6fb1-42ae-b846-bd6d70bafb59&KRTB&23031-8dbbd880-6fb1-42ae-b846-bd6d70bafb59; KRTBCOOKIE_466=16530-949607e6-bdc3-469c-97bd-952fc51d95ec&KRTB&16532-949607e6-bdc3-469c-97bd-952fc51d95ec; KRTBCOOKIE_336=5844-6161708833182388675; PugT=1580042040
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

Last-Modified: Wed, 22 Jan 2020 11:16:09 GMT
ETag: "13006b6-973d-59cb8a6c84de0"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
Set-Cookie: KTPCACOOKIE=YES; domain=.pubmatic.com; path=/; max-age=7776000;
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14478
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=133955
Expires: Tue, 28 Jan 2020 01:46:40 GMT
Date: Sun, 26 Jan 2020 12:34:05 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 pd
eu-u.openx.net/w/1.0/ Frame 7D1D 0
0 260ms
260ms Document
text/html 34.95.120.147
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=48c05810-ff4e-4f97-9e53-51ecc3eb37e2&gdpr=1
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.95.120.147 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: 147.120.95.34.bc.googleusercontent.com
Software: OXGW/16.174.0 /
Resource Hash

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=6&ph=48c05810-ff4e-4f97-9e53-51ecc3eb37e2&gdpr=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: cross-site
sec-fetch-mode: nested-navigate
referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
accept-encoding: gzip, deflate, br
cookie: i=ed2cda53-0f7b-09f7-311b-30d243eb5e2c|1580042039; pd=v2|1580042039|mOgikimWiygu
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

status: 200
vary: Accept, Accept-Encoding
set-cookie: i=ed2cda53-0f7b-09f7-311b-30d243eb5e2c|1580042039; Version=1; Expires=Mon, 25-Jan-2021 12:34:06 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1580042039.6|kimWiymOgugi.fcgqsLomgen0; Version=1; Expires=Mon, 10-Feb-2020 12:34:06 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.174.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Sun, 26 Jan 2020 12:34:06 GMT
content-type: text/html
content-length: 355
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H/1.1 200
OK async_usersync.html
acdn.adnxs.com/ib/static/usersync/v3/ Frame B63F 0
0 49ms
35ms Document
text/html 23.210.249.83
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/prebid.js
Protocol: HTTP/1.1
Server: 23.210.249.83 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-83.deploy.static.akamaitechnologies.com
Software: nginx/1.11.5 /
Resource Hash

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Accept-Encoding: gzip, deflate
Cookie: uuid2=3690495831150728838; icu=ChgIjq9kEAoYAiACKAIwvI628QU4AkACSAIQvI628QUYAQ..
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.11.5
Content-Type: text/html
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Mon, 25 Jan 2021 12:34:05 GMT
Date: Sun, 26 Jan 2020 12:34:05 GMT
Connection: keep-alive

GET
H2 200 v2 Show response
es-sunelespanol.videoplaza.tv/proxy/distributor/ 59 KB
4 KB 93ms
89ms XHR
text/xml 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://es-sunelespanol.videoplaza.tv/proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rnd=137421446&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&vht=236&vwt=420&cp.schain=1.0,1!sunmedia.tv,fbbb8d9c-434e-43c3-a569-dee028be8b85,1,,,
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: 348587faa90957a23eb4e5c5b33eb5d3034c127e92d2a0ab47aab1e5bd999e27

Request headers

Accept: */*
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:07 GMT
content-encoding: gzip
status: 200
vary: Origin, Accept-Encoding
content-type: text/xml;charset=utf-8
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 /
track.sunmedia.tv/ 42 B
276 B 89ms
86ms Image
image/gif 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=0434c5d5-6985-4bfb-9d0f-35ffc3cf7266&tp=err
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:07 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1664
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 v2 Show response
es-sunelespanol.videoplaza.tv/proxy/distributor/ 59 KB
4 KB 82ms
79ms XHR
text/xml 185.28.138.9
VIDEOPLAZA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://es-sunelespanol.videoplaza.tv/proxy/distributor/v2?s=RONIH/Desktop&tt=p&rt=vast_2.0&rnd=122461095&pf=fl_11&dcid=pc&xpb=1&gdpr=1&gdpr_consent=1&ru=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d&vht=236&vwt=420&cp.schain=1.0,1!sunmedia.tv,fbbb8d9c-434e-43c3-a569-dee028be8b85,1,,,
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.28.138.9 , Sweden, ASN197541 (VIDEOPLAZA-AS, SE),
Reverse DNS
Software: /
Resource Hash: 1133f89211a8592ec940fa31eeb3ee8e4425a192052c68d7124c69fc1bbf8173

Request headers

Accept: */*
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:07 GMT
content-encoding: gzip
status: 200
vary: Origin, Accept-Encoding
content-type: text/xml;charset=utf-8
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 1 KB
699 B 15ms
14ms XHR
text/xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=${randoml}&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fiu%3D%2F260217354%2Fmarca_com_marca_video_instream_video_topsites%26description_url%3Dhttp://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%26tfcd%3D0%26npa%3D0%26sz%3D300x250%257C320x180%257C320x240%257C540x360%257C640x360%257C640x480%257C720x576%257C768x576%257C1280x720%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3D0%26type%3Djs%26nofb%3D1

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b19f4d9a08a17f980a5774ea3d07eeb766f045986d64e9705ba2b2df4829dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jan 2020 12:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 627
x-xss-protection: 0

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 1 KB
695 B 67ms
66ms XHR
text/xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b19f4d9a08a17f980a5774ea3d07eeb766f045986d64e9705ba2b2df4829dd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jan 2020 12:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 627
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D121 39 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/260217354/marca_com_marca_video_instream_video_topsites%26description_url%3Dhttp://idvbuo.webcindario.com/b/run/question.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%26tfcd%3D0%26npa%3D0%26sz%3D300x250%257C320x180%257C320x240%257C540x360%257C640x360%257C640x480%257C720x576%257C768x576%257C1280x720%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3D0%26type%3Djs%26nofb%3D1%26channel%3Dvastadp

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bb89404aaa1c8764041237f14d7cb9bb13a36ec1e071a7eeaa8b8f540a3848f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 18:26:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14299
x-xss-protection: 0
expires: Sun, 26 Jan 2020 12:49:07 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D121 270 KB
92 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fiu%3D/260217354/marca_com_marca_video_instream_video_topsites%26description_url%3Dhttp://idvbuo.webcindario.com/b/run/question.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%26tfcd%3D0%26npa%3D0%26sz%3D300x250%257C320x180%257C320x240%257C540x360%257C640x360%257C640x480%257C720x576%257C768x576%257C1280x720%26gdfp_req%3D1%26output%3Dvast%26unviewed_position_start%3D1%26env%3Dvp%26vpos%3Dpreroll%26vpmute%3D0%26vpa%3D0%26type%3Djs%26nofb%3D1%26channel%3Dvastadp

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46eaa78140ea25a90d717b938f9e4f041679c03820cfa62ff3e9ea2c7016cb39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 93767
X-XSS-Protection: 0
Expires: Sun, 26 Jan 2020 12:34:07 GMT

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A109 39 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bb89404aaa1c8764041237f14d7cb9bb13a36ec1e071a7eeaa8b8f540a3848f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 18:26:07 GMT
server: sffe
age: 0
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14299
x-xss-protection: 0
expires: Sun, 26 Jan 2020 12:49:07 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame A109 270 KB
92 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46eaa78140ea25a90d717b938f9e4f041679c03820cfa62ff3e9ea2c7016cb39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:07 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 93767
X-XSS-Protection: 0
Expires: Sun, 26 Jan 2020 12:34:07 GMT

GET
H/1.1 200
OK bridge3.363.1_en.html
imasdk.googleapis.com/js/core/ Frame D3DC 0
0 7ms
6ms Document
text/html 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.363.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 196512
Date: Sun, 26 Jan 2020 11:48:36 GMT
Expires: Mon, 25 Jan 2021 11:48:36 GMT
Last-Modified: Fri, 24 Jan 2020 18:21:28 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 2732

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D121 26 KB
10 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Sun, 26 Jan 2020 12:34:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D121 109 B
171 B 16ms
14ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=idvbuo.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame D121 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame D121 0
415 B 15ms
14ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?et=object&lid=126&sdkv=h.3.363.1&e=420706097&id=ima_html5&c=1621681630103484&domain

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:08 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame A109 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK bridge3.363.1_en.html
imasdk.googleapis.com/js/core/ Frame FB93 0
0 5ms
5ms Document
text/html 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.363.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 196512
Date: Sun, 26 Jan 2020 11:48:36 GMT
Expires: Mon, 25 Jan 2021 11:48:36 GMT
Last-Modified: Fri, 24 Jan 2020 18:21:28 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 2732

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame A109 26 KB
10 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Sun, 26 Jan 2020 12:34:08 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame A109 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=idvbuo.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame A109 0
415 B 14ms
14ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?et=object&lid=126&sdkv=h.3.363.1&e=370204079%2C420706137&id=ima_html5&c=1236206382610961&domain

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:08 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 1 KB
659 B 15ms
14ms XHR
text/xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=1041903318&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D640x480%26description_url%3Dhttp://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%26vpos%3Dpreroll%26iu%3D%2F21631112852%2FRevenueMaker_Video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

538db99da6d5408e037912230f5c6771ad72444003a2e58d91274dabee6bb578

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jan 2020 12:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 587
x-xss-protection: 0

GET
H2 200 ima3vpaid Show response
tpc.googlesyndication.com/ 1021 B
642 B 51ms
50ms XHR
text/xml 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/ima3vpaid?vad_format=linear&correlator=-669618940&adtagurl=https%3A%2F%2Fpubads.g.doubleclick.net%2Fgampad%2Fads%3Fsz%3D640x480%26description_url%3Dhttp://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%26vpos%3Dpreroll%26iu%3D%2F21631112852%2FRevenueMaker_Video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e880947497ccba68d56293391c23f6e7686cb363e30064fa95f6fc11632138a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

timing-allow-origin: *
date: Sun, 26 Jan 2020 12:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: private
access-control-allow-credentials: true
content-type: text/xml; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 570
x-xss-protection: 0

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F53D 39 KB
14 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D640x480%26description_url%3Dhttp://idvbuo.webcindario.com/b/run/question.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%26vpos%3Dpreroll%26iu%3D/21631112852/RevenueMaker_Video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1%26channel%3Dvastadp&correlator=1041903318

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bb89404aaa1c8764041237f14d7cb9bb13a36ec1e071a7eeaa8b8f540a3848f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 18:26:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14299
x-xss-protection: 0
expires: Sun, 26 Jan 2020 12:49:08 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F53D 270 KB
92 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D640x480%26description_url%3Dhttp://idvbuo.webcindario.com/b/run/question.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%26vpos%3Dpreroll%26iu%3D/21631112852/RevenueMaker_Video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1%26channel%3Dvastadp&correlator=1041903318

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46eaa78140ea25a90d717b938f9e4f041679c03820cfa62ff3e9ea2c7016cb39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:08 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 93767
X-XSS-Protection: 0
Expires: Sun, 26 Jan 2020 12:34:08 GMT

GET
H2 200 vpaid_adapter.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0B53 39 KB
14 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bb89404aaa1c8764041237f14d7cb9bb13a36ec1e071a7eeaa8b8f540a3848f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 24 Jan 2020 18:26:07 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 14299
x-xss-protection: 0
expires: Sun, 26 Jan 2020 12:49:09 GMT

GET
H/1.1 200
OK ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 0B53 270 KB
92 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/vpaid_adapter.js?adtagurl=https://pubads.g.doubleclick.net/gampad/ads%3Fsz%3D640x480%26description_url%3Dhttp://idvbuo.webcindario.com/b/run/question.php%3F69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d%26vpos%3Dpreroll%26iu%3D/21631112852/RevenueMaker_Video%26env%3Dvp%26gdfp_req%3D1%26output%3Dvast%26tfcd%3D0%26npa%3D0%26vpmute%3D0%26vpa%3D0%26type%3Djs%26unviewed_position_start%3D1%26channel%3Dvastadp

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46eaa78140ea25a90d717b938f9e4f041679c03820cfa62ff3e9ea2c7016cb39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:09 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: sffe
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: private, max-age=900, stale-while-revalidate=3600
Accept-Ranges: bytes
Content-Length: 93767
X-XSS-Protection: 0
Expires: Sun, 26 Jan 2020 12:34:09 GMT

GET
DATA 200
OK truncated
/ Frame F53D 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK bridge3.363.1_en.html
imasdk.googleapis.com/js/core/ Frame 17B6 0
0 6ms
5ms Document
text/html 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.363.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 196512
Date: Sun, 26 Jan 2020 11:48:36 GMT
Expires: Mon, 25 Jan 2021 11:48:36 GMT
Last-Modified: Fri, 24 Jan 2020 18:21:28 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 2733

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame F53D 26 KB
10 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Sun, 26 Jan 2020 12:34:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame F53D 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=idvbuo.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame F53D 0
415 B 13ms
13ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?et=object&lid=126&sdkv=h.3.363.1&e=189176001%2C44713400&id=ima_html5&c=1679738344856886&domain

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:09 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0B53 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK bridge3.363.1_en.html
imasdk.googleapis.com/js/core/ Frame C0F2 0
0 5ms
5ms Document
text/html 2a00:1450:4001:818::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://imasdk.googleapis.com/js/core/bridge3.363.1_en.html

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

HTTP/1.1

Server

2a00:1450:4001:818::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Host: imasdk.googleapis.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d

Response headers

Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Type: text/html
Content-Length: 196512
Date: Sun, 26 Jan 2020 11:48:36 GMT
Expires: Mon, 25 Jan 2021 11:48:36 GMT
Last-Modified: Fri, 24 Jan 2020 18:21:28 GMT
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Cache-Control: public, max-age=31536000
Age: 2734

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 0B53 26 KB
10 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:824::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:824::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 10523
x-xss-protection: 0
expires: Sun, 26 Jan 2020 12:34:10 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 0B53 109 B
171 B 15ms
15ms Script
application/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=idvbuo.webcindario.com

Requested by

Host: imasdk.googleapis.com
URL: http://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43",h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 104
x-xss-protection: 0

GET
H/1.1 204
No Content gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B53 0
415 B 14ms
14ms Image
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://pagead2.googlesyndication.com/pagead/gen_204?et=object&lid=126&sdkv=h.3.363.1&e=21064201&id=ima_html5&c=162572206507699&domain

Protocol

HTTP/1.1

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:10 GMT
X-Content-Type-Options: nosniff
Content-Type: image/gif
Server: cafe
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, must-revalidate
Timing-Allow-Origin: *
Content-Length: 0
X-XSS-Protection: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5 Show response
vast.sunmedia.tv/creatives/ 1 KB
705 B 33ms
33ms XHR
text/xml 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/855c843c-c46c-46a8-994a-d0500eeecff5
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 8e3194a6bf96d447a6e3d867e9d185b37bedc8b7e94eda83c1de94aac757ee08

Request headers

Accept: */*
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:10 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5 Show response
vast.sunmedia.tv/creatives/ 1 KB
705 B 34ms
34ms XHR
text/xml 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/855c843c-c46c-46a8-994a-d0500eeecff5
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 8e3194a6bf96d447a6e3d867e9d185b37bedc8b7e94eda83c1de94aac757ee08

Request headers

Accept: */*
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:10 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5.js Show response
creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/ Frame 3BE3 205 KB
35 KB 31ms
31ms Script
application/javascript 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=${xclk}
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: a0d5546ce119affaaa50a99bdfaa74694692790ead83bf8a0b276865e31052f0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:10 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Wed, 08 Jan 2020 12:15:25 GMT
server: nginx
age: 1666
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 35878

GET
H2 200 855c843c-c46c-46a8-994a-d0500eeecff5.js Show response
creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/ Frame A3B1 205 KB
35 KB 37ms
37ms Script
application/javascript 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=${xclk}
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: a0d5546ce119affaaa50a99bdfaa74694692790ead83bf8a0b276865e31052f0

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:10 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Wed, 08 Jan 2020 12:15:25 GMT
server: nginx
age: 1666
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 35878

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame 2A1F 3 KB
3 KB 37ms
37ms Image
image/png 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:11 GMT
tp-cache: HIT
last-modified: Wed, 15 Jan 2020 10:15:14 GMT
server: nginx
age: 1668
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
accept-ranges: bytes
x-device: desktop

GET
H2 200 indisplay_general_ava.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame 2A1F 896 B
659 B 36ms
36ms Script
application/x-javascript 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_ava.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 012fc52dc8464e217227a5e7ffb217786966db23b38d5ef8a6ca46e8f051b9ae

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:11 GMT
content-encoding: gzip
tp-cache: HIT
server: nginx
age: 1667
content-type: application/x-javascript
status: 200
cache-control: max-age=0, s-maxage=3600s
access-control-allow-credentials: true, true
content-length: 424
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 3BE3 42 B
276 B 36ms
36ms Image
image/gif 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=SMAdFactory
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:11 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1668
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame 3BE3 42 B
276 B 36ms
36ms Image
image/gif 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=adl
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:11 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1668
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame A3B1 42 B
276 B 36ms
36ms Image
image/gif 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=SMAdFactory
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:11 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1668
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H2 200 sound-on.png
static.sunmedia.tv/SMSdk/ico/ Frame 9D89 3 KB
3 KB 37ms
37ms Image
image/png 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.sunmedia.tv/SMSdk/ico/sound-on.png
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:11 GMT
tp-cache: HIT
last-modified: Wed, 15 Jan 2020 10:15:14 GMT
server: nginx
age: 1668
vary: Accept-Encoding
content-type: image/png
status: 200
cache-control: max-age=0, s-maxage=2592000
content-length: 2894
accept-ranges: bytes
x-device: desktop

GET
H2 200 indisplay_general_ava.js Show response
creatives.sunmedia.tv/vpaid_ssp_display/ Frame 9D89 896 B
659 B 37ms
36ms Script
application/x-javascript 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_ava.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 012fc52dc8464e217227a5e7ffb217786966db23b38d5ef8a6ca46e8f051b9ae

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:11 GMT
content-encoding: gzip
tp-cache: HIT
server: nginx
age: 1667
content-type: application/x-javascript
status: 200
cache-control: max-age=0, s-maxage=3600s
access-control-allow-credentials: true, true
content-length: 424
accept-ranges: bytes
x-device: desktop

GET
H2 200 /
track.sunmedia.tv/ Frame A3B1 42 B
276 B 37ms
37ms Image
image/gif 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smadf&ce=855c843c-c46c-46a8-994a-d0500eeecff5&tp=adl
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/855c843c-c46c-46a8-994a-d0500eeecff5/video/855c843c-c46c-46a8-994a-d0500eeecff5.js?xclk=${xclk}
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:11 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1668
vary: Accept-Encoding
content-type: image/gif
status: 200
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
content-length: 42
accept-ranges: bytes
x-device: desktop

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1999/ Frame 2A1F 24 KB
10 KB 29ms
29ms Script
application/javascript 2.16.186.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_ava.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.105 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 98fc00528a207dee025a6c14d3b5ddea456fe2a07a10cf88ff197e1cf1057141

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:11 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=146
Content-Length: 10143
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK smart.js Show response
ced.sascdn.com/tag/1999/ Frame 9D89 24 KB
10 KB 50ms
31ms Script
application/javascript 2.16.186.105
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://ced.sascdn.com/tag/1999/smart.js
Requested by: Host: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/vpaid_ssp_display/indisplay_general_ava.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.186.105 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-105.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 98fc00528a207dee025a6c14d3b5ddea456fe2a07a10cf88ff197e1cf1057141

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Date: Sun, 26 Jan 2020 12:34:11 GMT
Content-Encoding: gzip
Cache-Control: public, max-age=146
Content-Length: 10143
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame 2A1F 22 B
2 KB 76ms
55ms Script
application/javascript 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: http://www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=7105748388&tag=sas_70691&sh=1200&sw=1600&pgDomain=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php&noadcbk=sas.noad
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1999/smart.js
Protocol: HTTP/1.1
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:11 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-SMRT-D: 3%3b11%3b60
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H/1.1 200
OK ac Show response
www8.smartadserver.com/ Frame 9D89 22 B
2 KB 87ms
72ms Script
application/javascript 185.86.137.113
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: http://www8.smartadserver.com/ac?nwid=1999&siteid=281855&pgid=1039313&fmtid=70691&async=1&visit=m&tmstp=3612888621&tag=sas_70691&sh=1200&sw=1600&pgDomain=http%3A%2F%2Fidvbuo.webcindario.com%2Fb%2Frun%2Fquestion.php&noadcbk=sas.noad
Requested by: Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1999/smart.js
Protocol: HTTP/1.1
Server: 185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 26 Jan 2020 12:34:10 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-SMRT-D: 3%3b13%3b65
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Cache-Control: no-cache, no-store
Content-Type: application/javascript; charset=utf-8
Content-Length: 140
Expires: -1

GET
H2 200 0434c5d5-6985-4bfb-9d0f-35ffc3cf7266 Show response
vast.sunmedia.tv/creatives/ 1 KB
709 B 33ms
32ms XHR
text/xml 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 4b3b9b9f39fef6bd6e316aa19b37be467dd9e47cd53446279fde3cfc2d5067c1

Request headers

Accept: */*
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:11 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET
H2 200 0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js Show response
creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/ Frame 3BBE 205 KB
35 KB 32ms
32ms Script
application/javascript 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 80b5eb4754c78a4295cab91ff51c2cb2cca1ee0de677aea9e92dee7a95aff95e

Request headers

Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:11 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 14 Jan 2020 12:37:24 GMT
server: nginx
age: 1668
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
status: 200
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: desktop
accept-ranges: bytes
content-length: 35887

GET
H2 200 0434c5d5-6985-4bfb-9d0f-35ffc3cf7266 Show response
vast.sunmedia.tv/creatives/ 1 KB
709 B 32ms
32ms XHR
text/xml 51.68.35.185
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://vast.sunmedia.tv/creatives/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.68.35.185 , France, ASN16276 (OVH, FR),
Reverse DNS: ns3128584.ip-51-68-35.eu
Software: nginx /
Resource Hash: 4b3b9b9f39fef6bd6e316aa19b37be467dd9e47cd53446279fde3cfc2d5067c1

Request headers

Accept: */*
Referer: http://idvbuo.webcindario.com/b/run/question.php?69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d69647662756f2e77656263696e646172696f2e636f6d
Origin: http://idvbuo.webcindario.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36

Response headers

date: Sun, 26 Jan 2020 12:34:11 GMT
content-encoding: gzip
tp-cache: MISS
server: nginx
age: 0
status: 200
access-control-allow-methods: GET
content-type: text/xml
access-control-allow-origin: http://idvbuo.webcindario.com
cache-control: no-cache
access-control-allow-credentials: true
x-device: desktop

GET 0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js
creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/ Frame E86E 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: jazz-pt.ecnp.bankofamerica.com
URL: http://jazz-pt.ecnp.bankofamerica.com/5309/handler9/session.json

Domain: creatives.sunmedia.tv
URL: https://creatives.sunmedia.tv/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266/video/0434c5d5-6985-4bfb-9d0f-35ffc3cf7266.js?xclk=${xclk}

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Bank of America (Banking)

517 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.doubleclick.net/	1970-01-19 16:15:38	Name: IDE Value: AHWqTUkhOSQUxU9eddzBqIet7yQPv38ZTsCqjTw10jyWMj0QvOF42ERndOTKDsUk
.idvbuo.webcindario.com/	1970-01-19 06:55:28	Name: _gid Value: GA1.3.442343796.1580042040
.webcindario.com/	1970-01-19 15:39:38	Name: bactm_lts Value: %7B%22adobeMID%22%3A%7B%22errors%22%3A%5B%7B%22code%22%3A198%2C%22msg%22%3A%22Requests%20from%20this%20country%20are%20blocked%20by%20partner%22%7D%5D%7D%7D
.idvbuo.webcindario.com/	1970-01-19 06:54:02	Name: _gat_UA-597118-7 Value: 1
.idvbuo.webcindario.com/	1970-01-19 06:54:02	Name: _gat_UA-597118-17 Value: 1
.webcindario.com/	1970-01-19 15:39:38	Name: utag_main Value: v_id:016fe1d834010000f890b304270c0007800e107000b08$_sn:1$_ss:1$_st:1580043840323$ses_id:1580042040323%3Bexp-session$_pn:1%3Bexp-session
.idvbuo.webcindario.com/	1970-01-20 00:25:14	Name: _ga Value: GA1.3.979697727.1580042040
idvbuo.webcindario.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 429af56854578ce0aa8be97b8009571b
.webcindario.com/	1969-12-31 23:59:59	Name: usy46gabsosd Value: celebrus_15800420403820.39d9c6301b04ef736ae9afa6ea315858_5309
.idvbuo.webcindario.com/	1970-01-19 06:54:02	Name: _gat_UA-597118-1 Value: 1
idvbuo.webcindario.com/	1969-12-31 23:59:59	Name: cmRS Value: t3=1580042040612&pi=
.webcindario.com/	1970-01-25 20:31:23	Name: __muid Value: bb796f210f3c15bc6ca90e68806896c414e73084

33 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js(Line 144) Message: bactm library v2.23.2 initializing.
console-api	log	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js(Line 144) Message: Pageview event added to the dataCollector.
console-api	log	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js(Line 144) Message: dataCollector processing: [object Object]
console-api	log	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js(Line 144) Message: Call pageview on array index 0 with options: [object Object]
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js(Line 144) Message: Firing a pageview with the following info: [object Object]
console-api	log	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js(Line 42) Message: [object Object]
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js(Line 144) Message: adobemid plugin v1.1.5 initializing.
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js(Line 144) Message: adobesensei plugin v3.0.0-rc initializing.
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js(Line 144) Message: neustar plugin v1.0.0 initializing.
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.11.js?utv=ut4.41.201911041507(Line 30) Message: boa.chat :: INITIALIZING (version 1.20.1)
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js(Line 144) Message: bactm.chat plugin v1.0.3 initializing.
console-api	log	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js(Line 144) Message: bactm.chat handling a pageview. [object Object]
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js(Line 144) Message: AgentId plugin v0.1.0 initializing.
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.11.js?utv=ut4.41.201911041507(Line 29) Message: boa.chat/translateData/chatData :: [object Object]
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.11.js?utv=ut4.41.201911041507(Line 29) Message: boa.chat/translateTargets/targets :: [object Object]
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.11.js?utv=ut4.41.201911041507(Line 29) Message: boa.chat/DATA PREPARATION COMPLETE :: [object Object]
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.js(Line 144) Message: Adobe MID API request: Success
console-api	log	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020(Line 271) Message: Bactm.genesys.chat PubSub
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020(Line 271) Message: adding TealiumPubSub
console-api	log	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020(Line 271) Message: console.groupEnd
console-api	log	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020(Line 330) Message: Bactm.genesys.chat Bootstrap
console-api	log	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020(Line 274) Message: Bactm.genesys.chat Placeholder
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020(Line 274) Message: appending div#chat-placeholder to body
console-api	log	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020(Line 274) Message: console.groupEnd
console-api	log	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020(Line 280) Message: Bactm.genesys.chat WidgetScript
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020(Line 280) Message: appending script http://localhost:3005/spa/widgets/loader/3.0.0/index.js to <body>
console-api	log	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020(Line 280) Message: console.groupEnd
console-api	log	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020(Line 330) Message: console.groupEnd
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020(Line 397) Message: boa.chat/translateData/chatData :: [object Object]
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020(Line 397) Message: boa.chat/translateTargets/targets :: [object Object]
console-api	info	URL: http://tags.tiqcdn.com/utag/bofa/olb/notprod/utag.21.js?utv=ut4.41.201912192020(Line 397) Message: boa.chat/DATA PREPARATION COMPLETE :: [object Object]
console-api	log	URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4(Line 1) Message: [43m%s[0m Send completed [object Object]
console-api	log	URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4(Line 1) Message: [43m%s[0m Send completed [object Object]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acdn.adnxs.com
ads.pubmatic.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
b.scorecardresearch.com
bidder.criteo.com
bofa.demdex.net
cdn.smartclip-services.com
ced.sascdn.com
creatives.sunmedia.tv
d.agkn.com
des.smartclip.net
dpm.demdex.net
ec.sascdn.com
es-sunelespanol.videoplaza.tv
eu-u.openx.net
fonts.googleapis.com
googleads.g.doubleclick.net
hbopenbid.pubmatic.com
hosting.miarroba.info
ib.adnxs.com
idvbuo.webcindario.com
imasdk.googleapis.com
img.sunmediaads.com
jazz-pt.ecnp.bankofamerica.com
js.agkn.com
miarroba.com
pagead2.googlesyndication.com
play.sunmediaads.com
prebid.digitru.st
public.cobrowse.oraclecloud.com
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
services.sunmedia.tv
static.criteo.net
static.sunmedia.tv
stats.g.doubleclick.net
sun-d.openx.net
sync.richaudience.com
tags.tiqcdn.com
tpc.googlesyndication.com
track.sunmedia.tv
vast.sunmedia.tv
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www8.smartadserver.com
creatives.sunmedia.tv
jazz-pt.ecnp.bankofamerica.com
130.61.96.156
152.199.23.241
159.69.72.190
178.250.0.165
185.28.138.9
185.33.223.215
185.64.189.112
185.86.137.113
185.94.180.124
2.16.186.105
2.16.186.80
212.92.39.34
23.0.38.131
23.210.249.83
23.210.249.92
23.5.97.37
2600:9000:2057:2200:19:fc2c:a140:93a1
2600:9000:2057:e000:a:d79f:3100:93a1
2600:9000:214f:d600:15:efbc:e300:93a1
2606:4700:20::681a:cc8
2606:4700:20::681a:d72
2a00:1450:4001:806::2001
2a00:1450:4001:814::2008
2a00:1450:4001:814::200a
2a00:1450:4001:815::200e
2a00:1450:4001:816::200a
2a00:1450:4001:818::200a
2a00:1450:4001:81c::2002
2a00:1450:4001:81e::2002
2a00:1450:4001:824::2003
2a00:1450:4001:824::2004
2a00:1450:4001:824::2006
2a00:1450:400c:c0c::9c
2a02:2638:1::3
34.252.123.130
34.95.120.147
5.57.226.202
51.68.35.185
52.30.78.155
54.72.49.47
68.232.35.16
89.255.250.53
012fc52dc8464e217227a5e7ffb217786966db23b38d5ef8a6ca46e8f051b9ae
02c773c1b9bba530dafb306e45a88586a411863f3caebd3daf8d611ed3b7bf5f
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
0da754bf24dcb334bc0610484092df27e76cb97a213ceee5bd763595e78ecde4
1133f89211a8592ec940fa31eeb3ee8e4425a192052c68d7124c69fc1bbf8173
194b85c10c911ac7a204d734b732c3b7af39682d9690273d56d0fc808be650a8
1b19f4d9a08a17f980a5774ea3d07eeb766f045986d64e9705ba2b2df4829dd5
1f0a43e40edd242dde2ca2298d4318b572263e80a7ebe251c36b19392d388d41
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2607d0df1c0e1e81b8c5fb80453c22b472f00ab4c31d3aeb581146f95af98190
2b75150e90ce1ab05e462c1f9fa3be1b9bf46eb8ca01ace5385ed860ea84c7e2
2f0ac0559a948fa017a8ecdb5bddf7ac54033e8aa1eb91ff7df93243c690f0d1
2fd18698a9c07c01ed01e19274ad4cd456e1faabc8b226a17efc63b3220ef3e2
3006087b65710dcd0afe3892425082cb993455fce9f28aafe1d8965ef7f225d6
30652cee5990b3b76f6cbf6f26362be9254dd62b4c6e6003c1127d1484573787
348587faa90957a23eb4e5c5b33eb5d3034c127e92d2a0ab47aab1e5bd999e27
3850020bf3d555d772316cf9a0dd1a07f374aed3fd305e667b69c812adc0ebf3
44406acea48ad25a48195e7580b2dd83ba6713e1b0423dfdac97fc2b7f2b96a6
46eaa78140ea25a90d717b938f9e4f041679c03820cfa62ff3e9ea2c7016cb39
47fd77ed50c61b270cf73b6b71c5ae29d7b46023ea1e3d2f646858d839c927bb
4970a2564975f448345b456d0c9d087ece00083684ded6143b0d77c0dc3aa5c9
498102d8d0e8815d114e73e70baccbd7de8b09d9ee5e72e776e474fdc50712b8
4984c39b03cddab1198a70add535b4600ac615d3e938edbec8d2d8b53b9f0a60
4b3b9b9f39fef6bd6e316aa19b37be467dd9e47cd53446279fde3cfc2d5067c1
4cf86b8273ac1a15c23684145f8035a0e3c9d67942f62cb44bb8b95bd7465877
52935733acbfaa83126cdf4a3cc3ba730eaa8903b9be74b1a8dbf2eaed1bf9ac
538db99da6d5408e037912230f5c6771ad72444003a2e58d91274dabee6bb578
5446a03c45ddf23c321718362a191587a68be6936bfc29924653bf88ae19f9d5
599620456ecb3288d5363cd8c1cfc8d1c950d39fefb831efaab5e300e312658d
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5b448ed00c660532503979ed4096e068ba969f4f6a55c39c2ccbb87ba87dadfb
5bb89404aaa1c8764041237f14d7cb9bb13a36ec1e071a7eeaa8b8f540a3848f
62f2eeec7851ae0d5e322062cf40092478236d4a4fc5a2cfd87b257739104147
6367d97034ea3cb26e6f9a2459318a717f4673c0153ffa230cdd5773f9252c2c
66a4e9a40dc7ec0577404cc5cc68e14b8b3380a1abaf2e55f62669e3c9e20481
674180023f1a85c33961a413fb895c5a930af5a90dedda881c61347d6e3f20e3
6821c8647dc2658bcf467680126ac0fa0637ccac0bef0dd3970350a2f02bff3e
68cb69fc2de2eef113b217d0a7547be2113e9263e1ec234910bdd215c0d89382
6f725164ee67b26671224a5bbc250c7ff080537e05b5567c182d08e8ae217c1d
71e62408eae5de6719fe200aa9c9fac7085632768995d14da07790e31d8187ed
762bea50b1d8bdd1c7f7004cdad0951e4e72ebfa8a9486532b5da32eb4a173e1
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7a000f38eb0e9764341b690ff8c931c309a4392e7b35c157652864658ab406eb
7d54442c85d34c7d51cc3197d8c8cbd6a086f0dc3e96818291698549ed839fee
80b5eb4754c78a4295cab91ff51c2cb2cca1ee0de677aea9e92dee7a95aff95e
825bc85e69d58fdbd856da66583f01c0dce228edee24896a34b28a0cedf302c8
826190201cbb9553bede1e1c3f8d6b8b622e6e5adece5d4175f4e6c5d74cc510
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83f5dad4043f29e4ca12cc10dc5d3615c83c31557bdd657f8a28d316bb578d73
8401403ad3ba55e3fc5d87eae348fb19e70c3b79487117bfc2cd1558c1143f6a
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
872c6c526e00fe24fc350c4dc439b7167639431c5123d684c828d343c5dbaa8f
88a780053f2091f4dd72a764afdf47d1a32f4518da328797f158493bfe122feb
8b499b2157a28eadb22d48c963dccf295194a765ee08fe3719d9e10088c74da0
8e3194a6bf96d447a6e3d867e9d185b37bedc8b7e94eda83c1de94aac757ee08
90c24dbeafc0dea49a10c1140b52b52831fc2c8fb7258b55f46f19b593d7dfc6
98fc00528a207dee025a6c14d3b5ddea456fe2a07a10cf88ff197e1cf1057141
9d02d662da8a47fb5fb610b545007507b6017028043dbb63cd09ec897d3b9627
a0d5546ce119affaaa50a99bdfaa74694692790ead83bf8a0b276865e31052f0
a2c2339691fc48fbd14fb307292dff3e21222712d9240810742d7df0c6d74dfb
ae6c7c71ba9f0248e0720b58d8309255bcae8f410ffadcd468750b1806a1c670
af2060e1f1065baf432a59dc47e6c12d1a4301a0399a267b94a3bcd147852485
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b4723b5b14abe7a2062b65bf79b4d5d1e575e786a439e61ff95a38e7e9e140e9
bdc8974fef203fa0bb84f6488aca9993abe075e703a1edc87c583e71ae855412
c8a22161e476569199308a717b2d6e775ddd7d50770f7236df3400fcea193317
cae267c6a29c9975382e943d82fe4ae0ebbd5c30c3df5156b232a0df4b2ebff5
d0fd74148f4cbe78bd0e6328dc5ce5955f0a0ecdb1eb2919da4a7e596ac65912
daec246cf2f862e5ca770dc85098380c7d4ade30432b11bac56b24ab2dec44b9
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
dd4473796fb0eda44798d1802b139e99b54cdf783a2df05f0be684481238c151
e030d7def4d545a05d951ed8a99a688de64a5875fb13b6078d62de23f72e0f0d
e0eb755d9761643245021ae41c430f44a86ea89b08098925eea490aa5cf3dfb0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e49851a126b4eac23416ee43bc11329b8cf2a857018e030191c4b649a975fb61
e597c06632ee0db65fbc6d4884889d9bdd3782e7cc4b37660b25c019c6c96991
e880947497ccba68d56293391c23f6e7686cb363e30064fa95f6fc11632138a7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4ea3e2251af85c81c02a2b231738957006a2edcf79235a287ff5404c308ed85
f6a136cb4fb02027db55cc14c52b6b5fe4644ed1aeeea1c72071c6045ccc050b
f6e19fdd6a1ec225f2e8c01db431f08823116b99f16c2caddcb177b8432cd18c
f737f2a78f41bc972d791a7c90af32f4ad8b664250c766ef01fd1a01eda68a1a
f8d331c008b8859e4c5634fa81a5c952c6f01e97832ed6c9366408b26fb70d6e
f8dbe012cf93ffee0ea358d211da0d9c8f5ce60f2c5388f3b2b8c126caffa328
fd43f7a2cd9dd0f123b3cb12c19b756632aa8a5ebd58ea24683e9966866d8f13

idvbuo.webcindario.com Open in urlscan Pro 5.57.226.202 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

185 Requests

69 %HTTPS

43 %IPv6

33 Domains

51 Subdomains

41 IPs

10 Countries

2267 kBTransfer

7942 kBSize

12 Cookies

5 Outgoing links

Redirected requests

185 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

idvbuo.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

185
Requests

69 %
HTTPS

43 %
IPv6

33
Domains

51
Subdomains

41
IPs

10
Countries

2267 kB
Transfer

7942 kB
Size

12
Cookies

185 HTTP transactions
6 data transactions