bncaanacinnsopor.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bncaanacinnsopor.webcindario.com/
Submission Tags: 7432672
Submission: On February 02 via api (February 2nd 2022, 10:37:03 am UTC) from US — Scanned from DE

Summary HTTP 54 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 21 domains to perform 54 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks, ES. The main domain is bncaanacinnsopor.webcindario.com.
TLS certificate: Issued by R3 on January 27th 2022. Valid for: 3 months.

This is the only time bncaanacinnsopor.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Banco Nacional (Banking)

Domain & IP information

	IP Address	AS Autonomous System
12	5.57.226.202 5.57.226.202	29119 (SERVIHOST...) (SERVIHOSTING-AS AireNetworks)
2	2606:4700:303... 2606:4700:3037::ac43:bb46	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:224... 2600:9000:224a:1200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::200a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:de00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1	35.186.194.101 35.186.194.101	15169 (GOOGLE) (GOOGLE)
1	205.185.216.10 205.185.216.10	20446 (HIGHWINDS3) (HIGHWINDS3)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
1	212.92.55.8 212.92.55.8	24592 (NEXICA-AS) (NEXICA-AS)
6	51.89.64.207 51.89.64.207	16276 (OVH) (OVH)
1	18.222.46.171 18.222.46.171	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	141.94.102.46 141.94.102.46	16276 (OVH) (OVH)
1	18.189.54.62 18.189.54.62	16509 (AMAZON-02) (AMAZON-02)
1	35.241.45.217 35.241.45.217	15169 (GOOGLE) (GOOGLE)
4	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
4 4	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
54	22

12 5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks, ES)

bncaanacinnsopor.webcindario.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3037::ac43:bb46 (United States)

ASN13335 (CLOUDFLARENET, US)

hosting.miarroba.info	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:224a:1200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:de00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.194.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.194.186.35.bc.googleusercontent.com

des.smartclip.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.10 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

img.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.se	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.92.55.8 (Vilanova de la Roca, Spain)

ASN24592 (NEXICA-AS, ES)
PTR: unamed.nexica.net

play.sunmediaads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 51.89.64.207 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ns3168032.ip-51-89-64.eu

static.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.222.46.171 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-222-46-171.us-east-2.compute.amazonaws.com

servingcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.102.46 (France)

ASN16276 (OVH, FR)
PTR: ns31432935.ip-141-94-102.eu

services.sunmedia.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.189.54.62 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-54-62.us-east-2.compute.amazonaws.com

jnxm2.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com

pghub.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pandg.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.223.40.198 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
12	webcindario.com bncaanacinnsopor.webcindario.com	133 KB
7	sunmedia.tv static.sunmedia.tv — Cisco Umbrella Rank: 30827 services.sunmedia.tv — Cisco Umbrella Rank: 38689 track.sunmedia.tv — Cisco Umbrella Rank: 38029	197 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	20 KB
4	adsrvr.org 4 redirects match.adsrvr.org — Cisco Umbrella Rank: 329	2 KB
4	tapad.com pandg.tapad.com — Cisco Umbrella Rank: 1840 pixel.tapad.com — Cisco Umbrella Rank: 419	2 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	2 KB
2	google.se www.google.se — Cisco Umbrella Rank: 20475	608 B
2	google.com www.google.com — Cisco Umbrella Rank: 13	608 B
2	sunmediaads.com img.sunmediaads.com — Cisco Umbrella Rank: 123499 play.sunmediaads.com — Cisco Umbrella Rank: 153957	114 KB
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 96	523 B
2	gstatic.com fonts.gstatic.com	35 KB
2	miarroba.info hosting.miarroba.info — Cisco Umbrella Rank: 157042	2 KB
1	pghub.io pghub.io — Cisco Umbrella Rank: 1630	4 KB
1	jnxm2.com jnxm2.com — Cisco Umbrella Rank: 24904	16 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 227	6 KB
1	servingcdn.net servingcdn.net — Cisco Umbrella Rank: 120616	32 KB
1	smartclip.net des.smartclip.net — Cisco Umbrella Rank: 24873	358 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 898	439 B
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1019	10 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 78	50 KB
1	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2278	327 B
54	21

	Domain	Requested by
12	bncaanacinnsopor.webcindario.com	bncaanacinnsopor.webcindario.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	match.adsrvr.org	4 redirects
4	static.sunmedia.tv	bncaanacinnsopor.webcindario.com static.sunmedia.tv
3	fonts.googleapis.com	bncaanacinnsopor.webcindario.com
2	pixel.tapad.com	pandg.tapad.com
2	pandg.tapad.com	pghub.io
2	track.sunmedia.tv
2	www.google.se	bncaanacinnsopor.webcindario.com
2	www.google.com	bncaanacinnsopor.webcindario.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	fonts.gstatic.com	bncaanacinnsopor.webcindario.com fonts.googleapis.com
2	hosting.miarroba.info	bncaanacinnsopor.webcindario.com
1	pghub.io	bncaanacinnsopor.webcindario.com
1	jnxm2.com	servingcdn.net
1	services.sunmedia.tv	static.sunmedia.tv
1	cdnjs.cloudflare.com	servingcdn.net
1	servingcdn.net	img.sunmediaads.com
1	play.sunmediaads.com	img.sunmediaads.com
1	img.sunmediaads.com	bncaanacinnsopor.webcindario.com
1	des.smartclip.net	bncaanacinnsopor.webcindario.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.googletagmanager.com	bncaanacinnsopor.webcindario.com
1	quantcast.mgr.consensu.org	bncaanacinnsopor.webcindario.com
54	25

This site contains links to these domains. Also see Links.

Domain
www.bncr.fi.cr

Subject Issuer	Validity	Valid
webcindario.com R3	`2022-01-27` - `2022-04-27`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
quantcast.mgr.consensu.org Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.smartclip.net GTS CA 1D4	`2021-12-07` - `2022-03-07`	3 months	crt.sh
leadzuin.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-08` - `2022-07-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-01-10` - `2022-04-04`	3 months	crt.sh
*.google.se GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.sunmedia.tv Sectigo ECC Domain Validation Secure Server CA	`2021-01-13` - `2022-02-13`	a year	crt.sh
servingcdn.net Amazon	`2021-10-19` - `2022-11-17`	a year	crt.sh
jnxm2.com Amazon	`2021-05-26` - `2022-06-24`	a year	crt.sh
*.pghub.io DigiCert TLS RSA SHA256 2020 CA1	`2021-02-09` - `2022-02-16`	a year	crt.sh
*.tapad.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-13` - `2022-10-14`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://bncaanacinnsopor.webcindario.com/
Frame ID: 4FDE546186EF2F06E81C025EADE576D8
Requests: 48 HTTP requests in this frame

Frame: https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Frame ID: 025E7B7141B89921396A80481A4FDAEE
Requests: 1 HTTP requests in this frame

Frame: https://jnxm2.com/cr?ref=https%3A%2F%2Fbncaanacinnsopor.webcindario.com
Frame ID: 51439818C150D256BB7F5E291692B9D3
Requests: 1 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=https%3A%2F%2Fbncaanacinnsopor.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D
Frame ID: AA37EC0A44BB9C62E30335553B2CAF53
Requests: 2 HTTP requests in this frame

Frame: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=https%3A%2F%2Fbncaanacinnsopor.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Business%22%7D
Frame ID: 0047B6027F05C32C2F9961E7DC2352B2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Banco Nacional de Costa Rica. Inicio de Sesion

Detected technologies

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Page Statistics

54
Requests

96 %
HTTPS

52 %
IPv6

21
Domains

25
Subdomains

22
IPs

6
Countries

625 kB
Transfer

1218 kB
Size

12
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.bncr.fi.cr/
Title: www.bncr.fi.cr

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d2727945-5572-4fe2-b2f7-3fb29e6b22d1&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d2727945-5572-4fe2-b2f7-3fb29e6b22d1&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d5477ed6-ed73-4418-99bf-8c1f66b640fb&ttd_puid=d2727945-5572-4fe2-b2f7-3fb29e6b22d1

Request Chain 52

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ce539bde-bb3d-49d4-814a-31a9fc394aa7&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ce539bde-bb3d-49d4-814a-31a9fc394aa7&gdpr=&gdpr_consent=${gdpr_consent} HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d5477ed6-ed73-4418-99bf-8c1f66b640fb&ttd_puid=ce539bde-bb3d-49d4-814a-31a9fc394aa7

54 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bncaanacinnsopor.webcindario.com/ 60 KB
14 KB 416ms
67ms Document
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: a579cbff7cdab4de97a519fe603d43a88a5fa053eec4836e18626a84369377ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Wed, 02 Feb 2022 10:36:57 GMT
content-type: text/html
vary: Accept-Encoding
x-powered-by: Webcindario Hosting Service
content-encoding: gzip

GET
H2 200 style8f57.css
bncaanacinnsopor.webcindario.com/index_files/ 26 KB
6 KB 50ms
50ms Stylesheet
text/css 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://bncaanacinnsopor.webcindario.com/index_files/style8f57.css
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: be73cab6c4c09afb515cd2c2b637cbfbd5d3ed3af0a8f6e153c6288684d5cdd3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 18:47:29 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: W/"61f98041-667d"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 css
bncaanacinnsopor.webcindario.com/index_files/ 2 KB
632 B 49ms
48ms Stylesheet
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://bncaanacinnsopor.webcindario.com/index_files/css
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 css(1)
bncaanacinnsopor.webcindario.com/index_files/ 664 B
440 B 49ms
48ms Stylesheet
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://bncaanacinnsopor.webcindario.com/index_files/css(1)
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 css(2)
bncaanacinnsopor.webcindario.com/index_files/ 5 KB
743 B 49ms
49ms Stylesheet
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to

Full URL: https://bncaanacinnsopor.webcindario.com/index_files/css(2)
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: ab7baab728cf4fa117cbdd177d0d2f148a69f6ae40859bd3ee5624b5387ca70b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 logo.png
bncaanacinnsopor.webcindario.com/index_files/ 2 KB
2 KB 52ms
51ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bncaanacinnsopor.webcindario.com/index_files/logo.png
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: a11306b40a20c1d8d40e2746d1ee259b7556c00bcbc719e5e1065f02b7cc427c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
last-modified: Tue, 01 Feb 2022 18:47:29 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "61f98041-8ea"
content-type: image/png
accept-ranges: bytes
content-length: 2282

GET
H2 200 BNChat.png
bncaanacinnsopor.webcindario.com/index_files/ 5 KB
6 KB 52ms
51ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bncaanacinnsopor.webcindario.com/index_files/BNChat.png
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 2e4ecfa7866203cf7f8f705c2c9fffa8cdeb3b11bea0cae4399f6bc974b07b6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
last-modified: Tue, 01 Feb 2022 18:47:26 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "61f9803e-15c3"
content-type: image/png
accept-ranges: bytes
content-length: 5571

GET
H2 200 / Show response
hosting.miarroba.info/ 1 KB
1 KB 386ms
207ms Script
application/javascript 2606:4700:3037::ac43:bb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/?__muid=638198d0546c43b725cc98e64dd36e0c18db0ab5&h=2084679&t=1643798217&k=d5823bbddb78b063b8db83f6835428c8
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a86c076552139ce29f4eaf46e51289f44d2670e25ac52861765828a342b062ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: no-cache
last-modified: Wed, 02 Feb 2022 10:36:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=di2clqcdrNlD0MCkZpbDMhENPgZ7bpCm2rq%2BuxqpJyrSZ7z%2Fswmg8tuZZSoP6bA8hcneUqmmzlRNfkiQDzrv5M9F7Pp4exrDZO85uzChtDk3TlTAFqLOA5Hk1ZHr5VGCj1jHNTkdg5JGxLMIOjvA%2BZxPIuQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=iso-8859-1
cache-control: no-cache
cf-ray: 6d72c80b3e51915c-FRA
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 204 choice.js Show response
quantcast.mgr.consensu.org/choice/d5x2uDVHd7ALE/bncaanacinnsopor.webcindario.com/ 0
327 B 226ms
45ms Script
text/plain 2600:9000:224a:1200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/choice/d5x2uDVHd7ALE/bncaanacinnsopor.webcindario.com/choice.js
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:1200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:27 GMT
via: 1.1 27a205ba0937fb032aa2efb66ec66a80.cloudfront.net (CloudFront)
server: AmazonS3
age: 30
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: Hit from cloudfront
cache-control: max-age=900
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: C77Ma9rwNGwm0HbH99WGr3GfkQeteyqZ5vk17lgy1oaJn52iU5fuRg==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 134 KB
50 KB 227ms
49ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Requested by

Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

73788da09357a6c0dc0451971cda471efc0df39bb24543a3205656d216313fac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 50257
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 02 Feb 2022 10:36:57 GMT

GET
H2 404 illustrationba1b.png
bncaanacinnsopor.webcindario.com/portal/illustration/ 9 KB
9 KB 49ms
46ms Image
text/html 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bncaanacinnsopor.webcindario.com/portal/illustration/illustrationba1b.png?id=183128A3C941EDE3D9199FA37D6AA90E0A7DFE101B37D10B4FEDA0CF35E11AFD&rp=37d0e840-bdc3-e911-90f3-005056b6cfbb
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 003dd7f9a648e970c0f3942899c1753aa656193ab736cc39f8e736e1c1a58049

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
content-encoding: gzip
server: nginx
x-powered-by: Webcindario Hosting Service
vary: Accept-Encoding
content-type: text/html

GET
H2 200 fondo.jpg
bncaanacinnsopor.webcindario.com/images/bncr/ 83 KB
84 KB 48ms
46ms Image
image/jpeg 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bncaanacinnsopor.webcindario.com/images/bncr/fondo.jpg
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/index_files/style8f57.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: a25ba1b157ec936592d10b603b83173744a279f8be236e4dc3f25aab9fbbd452

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/index_files/style8f57.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
last-modified: Tue, 01 Feb 2022 18:47:53 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "61f98059-14d8f"
content-type: image/jpeg
accept-ranges: bytes
content-length: 85391

GET
H2 200 firma.png
bncaanacinnsopor.webcindario.com/images/bncr/ 3 KB
3 KB 47ms
46ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bncaanacinnsopor.webcindario.com/images/bncr/firma.png
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/index_files/style8f57.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 52691c4f90034c90a93cb95cf2c62e8bfee3f2da454e5ad4195b89db97dfe446

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/index_files/style8f57.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
last-modified: Tue, 01 Feb 2022 18:47:51 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "61f98057-a10"
content-type: image/png
accept-ranges: bytes
content-length: 2576

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v12/ 18 KB
19 KB 169ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v12/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/index_files/style8f57.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bncaanacinnsopor.webcindario.com/
Origin: https://bncaanacinnsopor.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 04:12:39 GMT
x-content-type-options: nosniff
age: 109458
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18684
x-xss-protection: 0
last-modified: Tue, 07 Nov 2017 15:24:32 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 04:12:39 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
695 B 132ms
44ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 10:21:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Feb 2022 10:36:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Feb 2022 10:36:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 664 B
858 B 131ms
44ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 10:23:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Feb 2022 10:36:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Feb 2022 10:36:57 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
731 B 132ms
45ms Stylesheet
text/css 2a00:1450:4001:803::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:300,400&display=swap

Requested by

Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0202c1e41ee2a905889b0f4140b2853a48703fae16087f17292cbb75c0385ac0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 02 Feb 2022 09:10:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 02 Feb 2022 10:36:57 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 02 Feb 2022 10:36:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
18ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3723
date: Wed, 02 Feb 2022 09:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 02 Feb 2022 11:34:54 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 76ms
21ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
content-encoding: gzip
etag: "yoD6mq4JTyPdtDBolW+GUg=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Wed, 09 Feb 2022 10:36:57 GMT

GET
H2 200 rules-p-d5x2uDVHd7ALE.js Show response
rules.quantcount.com/ 3 B
439 B 85ms
21ms Script
application/javascript 2600:9000:206f:de00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:de00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 07:27:10 GMT
via: 1.1 106758604a7f1ae0fa6678cd3d828d62.cloudfront.net (CloudFront)
age: 12821
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:57:48 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: JcSsXHfVxaQPrgfi8PEO2x-Bg2O5QKFWy1wMvDJQoTZz5bR6K7mPDQ==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
218 B 29ms
27ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=271631417&t=pageview&_s=1&dl=https%3A%2F%2Fbncaanacinnsopor.webcindario.com%2F&ul=en-us&de=UTF-8&dt=Banco%20Nacional%20de%20Costa%20Rica.%20Inicio%20de%20Sesion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABCAAAAC~&jid=31959944&gjid=187193398&cid=1400663557.1643798218&tid=UA-597118-7&_gid=1595851000.1643798218&_r=1&gtm=2wg1v0T2VG59&z=599785798

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bncaanacinnsopor.webcindario.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 10:36:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bncaanacinnsopor.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
27ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=271631417&t=pageview&_s=1&dl=https%3A%2F%2Fbncaanacinnsopor.webcindario.com%2F&ul=en-us&de=UTF-8&dt=Banco%20Nacional%20de%20Costa%20Rica.%20Inicio%20de%20Sesion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABCAAAAC~&jid=2116633102&gjid=1285424933&cid=1400663557.1643798218&tid=UA-597118-1&_gid=1595851000.1643798218&_r=1&gtm=2wg1v0T2VG59&z=776634215

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bncaanacinnsopor.webcindario.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 10:36:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bncaanacinnsopor.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
453 B 99ms
29ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-597118-7&cid=1400663557.1643798218&jid=31959944&gjid=187193398&_gid=1595851000.1643798218&_u=YEBAAAAACAAAAC~&z=1504699558

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bncaanacinnsopor.webcindario.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 02 Feb 2022 10:36:57 GMT
content-type: text/plain
access-control-allow-origin: https://bncaanacinnsopor.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
des.smartclip.net/ 20 B
358 B 117ms
30ms Script
application/javascript 35.186.194.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://des.smartclip.net/ads?type=dyn&plc=75133&elementId=638198d0546c43b725cc98e64dd36e0c18db0ab5&sz=400x320&rnd=11590245
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.194.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 101.194.186.35.bc.googleusercontent.com
Software: openresty/1.19.9.1 /
Resource Hash: 7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
content-encoding: gzip
sc-supply-network: 999999
vary: Accept-Encoding
p3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
via: 1.1 google
sc-uuid: 18b12c8d-c95e-fa61-5210-fe0915dc6394
access-control-allow-credentials: true
sc-device-type: PC
content-type: application/javascript; charset=utf-8
alt-svc: clear
server: openresty/1.19.9.1

GET
H2 200 lz_loader.js Show response
img.sunmediaads.com/ads/ 112 KB
113 KB 95ms
22ms Script
text/javascript 205.185.216.10
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 205.185.216.10 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS: map2.hwcdn.net
Software: /
Resource Hash: 7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
last-modified: Sun, 05 Apr 2020 16:15:53 GMT
etag: "1586103353"
x-hw: 1643798217.dop143.fr8.t,1643798217.cds240.fr8.hn,1643798217.cds208.fr8.c
content-type: text/javascript
cache-control: max-age=0
accept-ranges: bytes
content-length: 115125

POST
H3 200 607f6b0b381bbc1f64fa027d62891072_cookie.php Show response
hosting.miarroba.info/ Frame 025E 46 B
691 B 215ms
170ms Document
text/html 2606:4700:3037::ac43:bb46
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hosting.miarroba.info/607f6b0b381bbc1f64fa027d62891072_cookie.php
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::ac43:bb46 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://bncaanacinnsopor.webcindario.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/

Response headers

date: Wed, 02 Feb 2022 10:36:57 GMT
content-type: text/html; charset=iso-8859-1
vary: Accept-Encoding
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M3Q6LbemmJ6bF%2FQeRsTLuAuqK%2BtHSH8CTRJdiCxEstbgQImxqplnPktLQ2qiJW0fvup9wwqb46JwsuCUPv8b0DH3ahCDItA1mfwMxkngsHlIOOtBnpy%2BBWQaYnKey7HHK2sqgr0TRWVjQQlrO3uLXIJoeYc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d72c80d3d88901c-FRA
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 71ms
30ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-597118-1&cid=1400663557.1643798218&jid=2116633102&gjid=1285424933&_gid=1595851000.1643798218&_u=YEDAAAABCAAAAC~&z=123884652

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bncaanacinnsopor.webcindario.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 02 Feb 2022 10:36:57 GMT
content-type: text/plain
access-control-allow-origin: https://bncaanacinnsopor.webcindario.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 123ms
64ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-597118-7&cid=1400663557.1643798218&jid=31959944&_u=YEBAAAAACAAAAC~&z=537122277

Requested by

Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 10:36:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
501 B 103ms
43ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-597118-7&cid=1400663557.1643798218&jid=31959944&_u=YEBAAAAACAAAAC~&z=537122277

Requested by

Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 10:36:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 103ms
44ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-597118-1&cid=1400663557.1643798218&jid=2116633102&_u=YEDAAAABCAAAAC~&z=398215096

Requested by

Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 10:36:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.se/ads/ 42 B
107 B 104ms
44ms Image
image/gif 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.se/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-597118-1&cid=1400663557.1643798218&jid=2116633102&_u=YEDAAAABCAAAAC~&z=398215096

Requested by

Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 10:36:57 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK zone.php Show response
play.sunmediaads.com/red/ 1005 B
2 KB 239ms
55ms Script
text/html 212.92.55.8
NEXICA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://play.sunmediaads.com/red/zone.php?code=HEZRL65RXYI2&a=&pubid=&lgid=9732271760.03777577282055544
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 212.92.55.8 Vilanova de la Roca, Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS: unamed.nexica.net
Software: Apache /
Resource Hash: be5eeb099a1cf713146da66dd7c33e478e64d3c021a1a08fc21ba103064951a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Wed, 02 Feb 2022 10:13:20 GMT
Server: Apache
Connection: close
Content-Length: 1005
Content-Type: text/html; charset=UTF-8

GET
H3 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v27/ 16 KB
16 KB 60ms
25ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bncaanacinnsopor.webcindario.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 01 Feb 2022 18:59:48 GMT
x-content-type-options: nosniff
age: 56230
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16692
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:32:10 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 01 Feb 2023 18:59:48 GMT

GET
H2 200 logo.png
bncaanacinnsopor.webcindario.com/images/bncr/ 2 KB
2 KB 52ms
51ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bncaanacinnsopor.webcindario.com/images/bncr/logo.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: a11306b40a20c1d8d40e2746d1ee259b7556c00bcbc719e5e1065f02b7cc427c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:58 GMT
last-modified: Tue, 01 Feb 2022 18:47:52 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "61f98058-8ea"
content-type: image/png
accept-ranges: bytes
content-length: 2282

GET
H2 200 BNChat.png
bncaanacinnsopor.webcindario.com/images/bncr/ 5 KB
6 KB 51ms
51ms Image
image/png 5.57.226.202
SERVIHOSTING-AS A...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bncaanacinnsopor.webcindario.com/images/bncr/BNChat.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software: nginx / Webcindario Hosting Service
Resource Hash: 2e4ecfa7866203cf7f8f705c2c9fffa8cdeb3b11bea0cae4399f6bc974b07b6f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:58 GMT
last-modified: Tue, 01 Feb 2022 18:47:50 GMT
server: nginx
x-powered-by: Webcindario Hosting Service
etag: "61f98056-15c3"
content-type: image/png
accept-ranges: bytes
content-length: 5571

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 21ms
20ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=271631417&t=timing&_s=2&dl=https%3A%2F%2Fbncaanacinnsopor.webcindario.com%2F&ul=en-us&de=UTF-8&dt=Banco%20Nacional%20de%20Costa%20Rica.%20Inicio%20de%20Sesion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1170&pdt=50&dns=0&rrt=0&srt=68&tcp=97&dit=923&clt=923&_gst=753&_gbt=849&_cst=475&_cbt=749&_u=YEDAAAABCAAAAC~&jid=&gjid=&cid=1400663557.1643798218&tid=UA-597118-7&_gid=1595851000.1643798218&gtm=2wg1v0T2VG59&z=858625854

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 23:01:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41713
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 22ms
22ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=271631417&t=timing&_s=2&dl=https%3A%2F%2Fbncaanacinnsopor.webcindario.com%2F&ul=en-us&de=UTF-8&dt=Banco%20Nacional%20de%20Costa%20Rica.%20Inicio%20de%20Sesion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1170&pdt=50&dns=0&rrt=0&srt=68&tcp=97&dit=923&clt=923&_gst=753&_gbt=849&_cst=475&_cbt=749&_u=YEDAAAABCAAAAC~&jid=&gjid=&cid=1400663557.1643798218&tid=UA-597118-1&_gid=1595851000.1643798218&gtm=2wg1v0T2VG59&z=27780556

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 23:01:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41713
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 8c4105a4-90ec-434c-bf14-82b194e3019f.js Show response
static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/ 283 KB
96 KB 316ms
34ms Script
application/javascript 51.89.64.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.64.207 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3168032.ip-51-89-64.eu
Software: nginx /
Resource Hash: ac27f5d810d51be0688a4967d2165af0f566f106aa52f39dd1facd5736703e43

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:58 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 25 Jan 2022 10:17:01 GMT
server: nginx
age: 692266
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
content-length: 98005
accept-ranges: bytes
x-device: mobile

GET
H2 200 / Show response
servingcdn.net/ 32 KB
32 KB 396ms
151ms Script
application/javascript 18.222.46.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=
Requested by: Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.222.46.171 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-222-46-171.us-east-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: c1bd2dfa7afeb49308aa75d948b12b099602f1fe264dcae3e20abfb10176b415

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 02 Feb 2022 10:36:58 GMT
server: nginx/1.20.0
x-powered-by: Express
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 32395
expires: -1

GET
H2 200 adblockDetector.min.js Show response
static.sunmedia.tv/AdBlockDetection/ 3 KB
2 KB 55ms
51ms Script
application/javascript 51.89.64.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=_smartads_%7C-ad-plugin-%7C-google-ads-%7C-google2-ad-&ref=https%253A%252F%252Fbncaanacinnsopor.webcindario.com%252F
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.64.207 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3168032.ip-51-89-64.eu
Software: nginx /
Resource Hash: 051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:58 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 21 Dec 2020 17:00:21 GMT
server: nginx
age: 1025139
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, s-maxage=2592000
x-device: mobile
accept-ranges: bytes
content-length: 1634

GET
H2 200 postscribe.min.js Show response
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 17 KB
6 KB 116ms
31ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js

Requested by

Host: servingcdn.net
URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:58 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 694483
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5117
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:15:38 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03faa-45f4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kGa1ULitI3uZggE2bsEStTr%2Fm8IaXbqsQQy99jMuP7L1e5d8uJYdTb1E626XauCqj8%2B21XAdWzuXuymae3PacUbM9Id2la5%2FtKuKIIoVxFxRf90AN1S6vWvg3bP3%2BXCMOqyiEsvyIJa9roWT07b94zjX"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6d72c813cfa99267-FRA
expires: Mon, 23 Jan 2023 10:36:58 GMT

GET
H2 200 b50000f8-170a-4dc8-a66e-61993d94c500.js Show response
static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/ 281 KB
96 KB 26ms
26ms Script
application/javascript 51.89.64.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.64.207 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3168032.ip-51-89-64.eu
Software: nginx /
Resource Hash: 4f9dfae03d34c74a8978c3abf9a1afc45acdf6e905168c3ccce24bb3e13d3735

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:58 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Tue, 25 Jan 2022 10:17:07 GMT
server: nginx
age: 692330
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/javascript
cache-control: max-age=0, s-maxage=2592001
access-control-allow-credentials: true
content-length: 97670
accept-ranges: bytes
x-device: mobile

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 37ms
36ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=271631417&t=timing&_s=3&dl=https%3A%2F%2Fbncaanacinnsopor.webcindario.com%2F&ul=en-us&de=UTF-8&dt=Banco%20Nacional%20de%20Costa%20Rica.%20Inicio%20de%20Sesion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1170&pdt=50&dns=0&rrt=0&srt=68&tcp=97&dit=923&clt=923&_gst=753&_gbt=849&_cst=475&_cbt=749&_u=YEDAAAABCAAAAC~&jid=&gjid=&cid=1400663557.1643798218&tid=UA-597118-7&_gid=1595851000.1643798218&gtm=2wg1v0T2VG59&z=777184377

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 23:01:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41713
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 35ms
35ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=271631417&t=timing&_s=3&dl=https%3A%2F%2Fbncaanacinnsopor.webcindario.com%2F&ul=en-us&de=UTF-8&dt=Banco%20Nacional%20de%20Costa%20Rica.%20Inicio%20de%20Sesion&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=1170&pdt=50&dns=0&rrt=0&srt=68&tcp=97&dit=923&clt=923&_gst=753&_gbt=849&_cst=475&_cbt=749&_u=YEDAAAABCAAAAC~&jid=&gjid=&cid=1400663557.1643798218&tid=UA-597118-1&_gid=1595851000.1643798218&gtm=2wg1v0T2VG59&z=42713200

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 01 Feb 2022 23:01:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41713
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adblockDetector.min.js Show response
static.sunmedia.tv/AdBlockDetection/ 3 KB
2 KB 18ms
18ms Script
application/javascript 51.89.64.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sunmedia.tv/AdBlockDetection/adblockDetector.min.js?abf=_smartads_%7C-ad-plugin-%7C-google-ads-%7C-google2-ad-&ref=https%253A%252F%252Fbncaanacinnsopor.webcindario.com%252F
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/b50000f8-170a-4dc8-a66e-61993d94c500/b50000f8-170a-4dc8-a66e-61993d94c500.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.64.207 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3168032.ip-51-89-64.eu
Software: nginx /
Resource Hash: 051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:58 GMT
content-encoding: gzip
tp-cache: HIT
last-modified: Mon, 21 Dec 2020 17:00:21 GMT
server: nginx
age: 1025139
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800, s-maxage=2592000
x-device: mobile
accept-ranges: bytes
content-length: 1634

GET
H2 200 geocity.php Show response
services.sunmedia.tv/geotarget/ 470 B
725 B 113ms
33ms XHR
application/json 141.94.102.46
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://services.sunmedia.tv/geotarget/geocity.php
Requested by: Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 141.94.102.46 , France, ASN16276 (OVH, FR),
Reverse DNS: ns31432935.ip-141-94-102.eu
Software: nginx /
Resource Hash: b79504f9edc481b6b6123dfa49d8f510ad32a58425eef2a8563822fa8565552f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:59 GMT
tp-cache: HIT
server: nginx
age: 2109
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://bncaanacinnsopor.webcindario.com
cache-control: max-age=0, s-maxage=2592000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 470

GET
H2 200 cr Show response
jnxm2.com/ Frame 5143 15 KB
16 KB 363ms
115ms Document
text/html 18.189.54.62
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jnxm2.com/cr?ref=https%3A%2F%2Fbncaanacinnsopor.webcindario.com
Requested by: Host: servingcdn.net
URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.189.54.62 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-54-62.us-east-2.compute.amazonaws.com
Software: nginx/1.20.0 / Express
Resource Hash: 6e2917fb2d1477e04f035da63ce2290a4ee80dd3049f43d898b12166dd07e494

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/

Response headers

date: Wed, 02 Feb 2022 10:36:59 GMT
content-type: text/html; charset=utf-8
content-length: 15725
server: nginx/1.20.0
x-powered-by: Express
access-control-allow-origin: *
etag: W/"3d6d-8OoVQHHv3HY3bEU94cLWimIJ1B0"

GET
H2 200 pandg-sdk.js Show response
pghub.io/js/ 14 KB
4 KB 67ms
19ms Script
application/javascript 35.241.45.217
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pghub.io/js/pandg-sdk.js
Requested by: Host: bncaanacinnsopor.webcindario.com
URL: https://bncaanacinnsopor.webcindario.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 217.45.241.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 09:43:11 GMT
content-encoding: gzip
age: 3228
x-guploader-uploadid: ADPycdvKzKjcXTXpEs5JB9YaePROyMWXfp2Uzg1XE4O78v8jFaM3xWOsDxAsaPemJCqBJON4jqVDp0cR_Lc4ngU3AYI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3637
last-modified: Mon, 22 Nov 2021 21:22:46 GMT
server: UploadServer
etag: "9f5012774da47c70284c82ae0ce443d7"
vary: Accept-Encoding
x-goog-hash: crc32c=oAHW2w==, md5=n1ASd02kfHAoTIKuDORD1w==
x-goog-generation: 1637616166247508
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public,max-age=3600
x-goog-stored-content-length: 3637
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 32ms
17ms Image
image/gif 51.89.64.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=0&loop=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.64.207 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3168032.ip-51-89-64.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:59 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1025139
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 42

GET
H2 200 /
track.sunmedia.tv/ 42 B
278 B 17ms
17ms Image
image/gif 51.89.64.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track.sunmedia.tv/?ap=smptf&it=b50000f8-170a-4dc8-a66e-61993d94c500&tp=op&pb=1&pos=0&loop=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 51.89.64.207 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS: ns3168032.ip-51-89-64.eu
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:59 GMT
tp-cache: HIT
last-modified: Thu, 15 Nov 2018 09:59:07 GMT
server: nginx
age: 1025139
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=0, s-maxage=31536000
access-control-allow-credentials: true
x-device: mobile
accept-ranges: bytes
content-length: 42

GET
H2 200 tag Show response
pandg.tapad.com/ Frame AA37 188 B
694 B 108ms
37ms Document
text/html 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=https%3A%2F%2Fbncaanacinnsopor.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

44b2b4377f82d79ecd1dc08670cf8f1a8691cb74914bedca2843113314138e27

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/

Response headers

date: Wed, 02 Feb 2022 10:36:59 GMT
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
access-control-max-age: 300
access-control-allow-origin: *
content-type: text/html;charset=utf-8
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 188
via: 1.1 google
alt-svc: clear

GET
H2 200 tag Show response
pandg.tapad.com/ Frame 0047 188 B
432 B 98ms
38ms Document
text/html 35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: pghub.io
URL: https://pghub.io/js/pandg-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

7039da3b18f7b1e742365e7820a8e06610360e68503a0560b2706e4f8fa0d06b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://bncaanacinnsopor.webcindario.com/

Response headers

date: Wed, 02 Feb 2022 10:36:59 GMT
strict-transport-security: max-age=31536000
content-security-policy: default-src 'none';img-src https://*.tapad.com https://match.adsrvr.org
access-control-max-age: 300
access-control-allow-origin: *
content-type: text/html;charset=utf-8
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 188
via: 1.1 google
alt-svc: clear

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame AA37
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d2727945-5572-4fe2-b2f7-3fb29e6b22d1&gdpr=&gdpr_consent=${gdpr_consent}
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=d2727945-5572-4fe2-b2f7-3fb29e6b22d1&gdpr=&gdpr_consent=${gdpr_consent}
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d5477ed6-ed73-4418-99bf-8c1f66b640fb&ttd_puid=d2727945-5572-4fe2-b2f7-3fb29e6b22d1

95 B
419 B

28ms
27ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d5477ed6-ed73-4418-99bf-8c1f66b640fb&ttd_puid=d2727945-5572-4fe2-b2f7-3fb29e6b22d1

Requested by

Host: pandg.tapad.com
URL: https://pandg.tapad.com/tag?gdpr=%24%7Bgdpr%7D&gdpr_consent=%24%7Bgdpr_consent%7D&referrer_url=&page_url=https%3A%2F%2Fbncaanacinnsopor.webcindario.com%2F&owner=P%26G&bp_id=sunmedia&data=%7B%22category%22%3A%22Hobbies%20and%20Interests%22%7D

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:59 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 10:36:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d5477ed6-ed73-4418-99bf-8c1f66b640fb&ttd_puid=d2727945-5572-4fe2-b2f7-3fb29e6b22d1
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 347

GET
H2

200

receive
pixel.tapad.com/idsync/ex/ Frame 0047
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ce539bde-bb3d-49d4-814a-31a9fc394aa7&gdpr=&gdpr_consent=${gdpr_consent}
https://match.adsrvr.org/track/cmb/generic?ttd_pid=tapad&ttd_tpi=1&ttd_puid=ce539bde-bb3d-49d4-814a-31a9fc394aa7&gdpr=&gdpr_consent=${gdpr_consent}
https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d5477ed6-ed73-4418-99bf-8c1f66b640fb&ttd_puid=ce539bde-bb3d-49d4-814a-31a9fc394aa7

95 B
430 B

27ms
26ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d5477ed6-ed73-4418-99bf-8c1f66b640fb&ttd_puid=ce539bde-bb3d-49d4-814a-31a9fc394aa7

Requested by

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pandg.tapad.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 02 Feb 2022 10:36:59 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

pragma: no-cache
date: Wed, 02 Feb 2022 10:36:59 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.tapad.com/idsync/ex/receive?partner_id=1830&partner_device_id=d5477ed6-ed73-4418-99bf-8c1f66b640fb&ttd_puid=ce539bde-bb3d-49d4-814a-31a9fc394aa7
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 347

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Banco Nacional (Banking)

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.webcindario.com/	1970-01-25 20:31:23	Name: __muid Value: 638198d0546c43b725cc98e64dd36e0c18db0ab5
.bncaanacinnsopor.webcindario.com/	1970-01-20 18:07:50	Name: _ga Value: GA1.3.1400663557.1643798218
.bncaanacinnsopor.webcindario.com/	1970-01-20 00:38:04	Name: _gid Value: GA1.3.1595851000.1643798218
.bncaanacinnsopor.webcindario.com/	1970-01-20 00:36:38	Name: _gat_UA-597118-7 Value: 1
.bncaanacinnsopor.webcindario.com/	1970-01-20 00:36:38	Name: _gat_UA-597118-1 Value: 1
.sunmediaads.com/	1970-01-20 09:22:14	Name: lz_frecy Value: %7B%22HEZRL65RXYI2%22%3A%7B%22times%22%3A1%2C%22time%22%3A1643842800%7D%7D
.sunmediaads.com/	1970-01-20 09:22:14	Name: lz_frecy_crea Value: %7B%22HEZRL65RXYI2%22%3A%7B%221%22%3A%7B%22visto%22%3A1%2C%22time%22%3A1643842800%7D%7D%7D
.adsrvr.org/	1970-01-20 09:22:14	Name: TDID Value: d5477ed6-ed73-4418-99bf-8c1f66b640fb
.adsrvr.org/	1970-01-20 09:22:14	Name: TDCPM Value: CAESFAoFdGFwYWQSCwjW2fOYv5CzOhAFGAUgASgCMgsInpy1xdWQszoQBTgB
.tapad.com/	1970-01-20 02:03:02	Name: TapAd_3WAY_SYNCS Value: 1!802
.tapad.com/	1970-01-20 02:03:02	Name: TapAd_TS Value: 1643798219522
.tapad.com/	1970-01-20 02:03:02	Name: TapAd_DID Value: d5477ed6-ed73-4418-99bf-8c1f66b640fb

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bncaanacinnsopor.webcindario.com/portal/illustration/illustrationba1b.png?id=183128A3C941EDE3D9199FA37D6AA90E0A7DFE101B37D10B4FEDA0CF35E11AFD&rp=37d0e840-bdc3-e911-90f3-005056b6cfbb Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bncaanacinnsopor.webcindario.com
cdnjs.cloudflare.com
des.smartclip.net
fonts.googleapis.com
fonts.gstatic.com
hosting.miarroba.info
img.sunmediaads.com
jnxm2.com
match.adsrvr.org
pandg.tapad.com
pghub.io
pixel.tapad.com
play.sunmediaads.com
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
services.sunmedia.tv
servingcdn.net
static.sunmedia.tv
stats.g.doubleclick.net
track.sunmedia.tv
www.google-analytics.com
www.google.com
www.google.se
www.googletagmanager.com
141.94.102.46
18.189.54.62
18.222.46.171
205.185.216.10
212.92.55.8
2600:9000:206f:de00:6:44e3:f8c0:93a1
2600:9000:224a:1200:9:46dc:4700:93a1
2606:4700:3037::ac43:bb46
2606:4700::6810:135e
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:803::200a
2a00:1450:4001:813::2003
2a00:1450:4001:813::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82f::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c06::9c
35.186.194.101
35.227.248.159
35.241.45.217
5.57.226.202
51.89.64.207
52.223.40.198
003dd7f9a648e970c0f3942899c1753aa656193ab736cc39f8e736e1c1a58049
0202c1e41ee2a905889b0f4140b2853a48703fae16087f17292cbb75c0385ac0
051a4df5ca07ec7979f14e486352a62c72733c9aabb6528adaddc9a911fbfca3
05410fbe1192a21525520421f6ddce4a065a94658a42146ae707a814926fa77d
08f3d7de7aea50ee4f77098ffd4ecce4d803a35b21285f45e6b72e3a497d7122
19603242f3bfa5b6cf922d65bc2353813d1b4c3a4b970638f3fa1c5b6dd39a88
2e4ecfa7866203cf7f8f705c2c9fffa8cdeb3b11bea0cae4399f6bc974b07b6f
3a57826dd4437403ec9dffe3d8a907466926d7123e4a765ec724d79ae24e1d54
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
44b2b4377f82d79ecd1dc08670cf8f1a8691cb74914bedca2843113314138e27
4ab7918478793ceb022d3f5449e401b44b78d87bc4429058ebb8b64163640da2
4f9dfae03d34c74a8978c3abf9a1afc45acdf6e905168c3ccce24bb3e13d3735
52691c4f90034c90a93cb95cf2c62e8bfee3f2da454e5ad4195b89db97dfe446
6e2917fb2d1477e04f035da63ce2290a4ee80dd3049f43d898b12166dd07e494
7039da3b18f7b1e742365e7820a8e06610360e68503a0560b2706e4f8fa0d06b
7285303c6f1bd19a091fb8046d1c43704c3f846461b957fe4198c3e051fce7eb
73788da09357a6c0dc0451971cda471efc0df39bb24543a3205656d216313fac
7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
9cd1b5630bcc34ecc71dbcbdfe45ddb9ed3cb4c0464a2abeb76bcc490635e376
a11306b40a20c1d8d40e2746d1ee259b7556c00bcbc719e5e1065f02b7cc427c
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a25ba1b157ec936592d10b603b83173744a279f8be236e4dc3f25aab9fbbd452
a579cbff7cdab4de97a519fe603d43a88a5fa053eec4836e18626a84369377ab
a86c076552139ce29f4eaf46e51289f44d2670e25ac52861765828a342b062ad
ab7baab728cf4fa117cbdd177d0d2f148a69f6ae40859bd3ee5624b5387ca70b
ac27f5d810d51be0688a4967d2165af0f566f106aa52f39dd1facd5736703e43
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b79504f9edc481b6b6123dfa49d8f510ad32a58425eef2a8563822fa8565552f
be5eeb099a1cf713146da66dd7c33e478e64d3c021a1a08fc21ba103064951a9
be73cab6c4c09afb515cd2c2b637cbfbd5d3ed3af0a8f6e153c6288684d5cdd3
c1bd2dfa7afeb49308aa75d948b12b099602f1fe264dcae3e20abfb10176b415
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cce577471c2586f3e0c2518fff84a970d33f61491fb8c629341b86f238cf07c0
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32

bncaanacinnsopor.webcindario.com Open in urlscan Pro 5.57.226.202 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

54 Requests

96 %HTTPS

52 %IPv6

21 Domains

25 Subdomains

22 IPs

6 Countries

625 kBTransfer

1218 kBSize

12 Cookies

1 Outgoing links

Redirected requests

54 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bncaanacinnsopor.webcindario.com Open in urlscan Pro
5.57.226.202 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

54
Requests

96 %
HTTPS

52 %
IPv6

21
Domains

25
Subdomains

22
IPs

6
Countries

625 kB
Transfer

1218 kB
Size

12
Cookies

54 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!