urlscan.io logo urlscan.io
SecurityTrails logo

amzservice.webcindario.com Open in urlscan Pro
5.57.226.202  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://amzservice.webcindario.com/files
Effective URL: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Submission: On December 06 via manual from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 8 countries across 19 domains to perform 42 HTTP transactions. The main IP is 5.57.226.202, located in Madrid, Spain and belongs to SERVIHOSTING-AS AireNetworks, ES. The main domain is amzservice.webcindario.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on October 7th 2020. Valid for: 3 months.
This is the only time amzservice.webcindario.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Generic (Online) Amazon (Online)

Domain & IP information

IP Address AS Autonomous System
3 10 5.57.226.202 29119 (SERVIHOST...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:210... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 54.194.51.120 16509 (AMAZON-02)
1 89.255.248.54 60626 (LEASEWEBCDN)
3 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:210... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 212.92.55.6 24592 (NEXICA-AS)
5 51.89.234.150 16276 (OVH)
1 3.131.72.148 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 51.89.67.82 16276 (OVH)
6 2a02:26f0:2b0... 20940 (AKAMAI-ASN1)
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2600:9000:206... 16509 (AMAZON-02)
1 94.130.216.200 24940 (HETZNER-AS)
1 18.195.194.125 16509 (AMAZON-02)
42 22
10    5.57.226.202 (Madrid, Spain)

ASN29119 (SERVIHOSTING-AS AireNetworks, ES)
amzservice.webcindario.com
1    2606:4700:20::681a:dc8 (United States)

ASN13335 (CLOUDFLARENET, US)
hosting.miarroba.info
1    2600:9000:2104:fc00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)
quantcast.mgr.consensu.org
1    2a00:1450:4001:817::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    54.194.51.120 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-51-120.eu-west-1.compute.amazonaws.com
des.smartclip.net
1    89.255.248.54 (Netherlands)

ASN60626 (LEASEWEBCDN, NL)
img.sunmediaads.com
3    2a00:1450:4001:824::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
1    2600:9000:2104:b800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a00:1450:400c:c09::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:820::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    212.92.55.6 (Spain)

ASN24592 (NEXICA-AS, ES)
PTR: unamed.nexica.net
play.sunmediaads.com
5    51.89.234.150 (France)

ASN16276 (OVH, FR)
PTR: ns31195936.ip-51-89-234.eu
static.sunmedia.tv
track.sunmedia.tv
1    3.131.72.148 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-131-72-148.us-east-2.compute.amazonaws.com
servingcdn.net
1    2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    51.89.67.82 (France)

ASN16276 (OVH, FR)
PTR: ns3166667.ip-51-89-67.eu
services.sunmedia.tv
6    2a02:26f0:2b00:12::5f64:5542 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
ads.projectagoraservices.com
1    2606:4700:3037::6812:3d5e (United States)

ASN13335 (CLOUDFLARENET, US)
projectagora.net
1    2600:9000:206f:1a00:15:efbc:e300:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.agkn.com
1    94.130.216.200 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: cm023.richaudience.com
sync.richaudience.com
1    18.195.194.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-194-125.eu-central-1.compute.amazonaws.com
d.agkn.com
Domain Requested by
10 amzservice.webcindario.com 3 redirects amzservice.webcindario.com
6 ads.projectagoraservices.com cdnjs.cloudflare.com
4 static.sunmedia.tv amzservice.webcindario.com
static.sunmedia.tv
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.google.de amzservice.webcindario.com
2 www.google.com amzservice.webcindario.com
2 stats.g.doubleclick.net www.google-analytics.com
1 d.agkn.com js.agkn.com
1 track.sunmedia.tv
1 sync.richaudience.com amzservice.webcindario.com
1 js.agkn.com amzservice.webcindario.com
1 projectagora.net ads.projectagoraservices.com
1 services.sunmedia.tv static.sunmedia.tv
1 cdnjs.cloudflare.com servingcdn.net
1 servingcdn.net img.sunmediaads.com
1 play.sunmediaads.com img.sunmediaads.com
1 rules.quantcount.com secure.quantserve.com
1 secure.quantserve.com www.googletagmanager.com
1 img.sunmediaads.com amzservice.webcindario.com
1 des.smartclip.net amzservice.webcindario.com
1 www.googletagmanager.com amzservice.webcindario.com
1 quantcast.mgr.consensu.org amzservice.webcindario.com
1 hosting.miarroba.info amzservice.webcindario.com
42 23

This site contains no links.

Subject Issuer Validity Valid
webcindario.com
Let's Encrypt Authority X3		 2020-10-07 -
2021-01-05		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2020-07-16 -
2021-07-16		 a year crt.sh
quantcast.mgr.consensu.org
Amazon		 2020-05-22 -
2021-06-22		 a year crt.sh
*.google-analytics.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.smartclip.net
Amazon		 2020-02-29 -
2021-03-29		 a year crt.sh
leadzuin.com
Sectigo RSA Domain Validation Secure Server CA		 2020-06-13 -
2021-07-13		 a year crt.sh
*.quantserve.com
DigiCert SHA2 High Assurance Server CA		 2020-10-02 -
2021-10-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
www.google.com
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
www.google.de
GTS CA 1O1		 2020-11-03 -
2021-01-26		 3 months crt.sh
*.sunmedia.tv
COMODO RSA Domain Validation Secure Server CA		 2018-01-19 -
2021-01-18		 3 years crt.sh
servingcdn.net
Sectigo RSA Domain Validation Secure Server CA		 2020-10-06 -
2021-11-06		 a year crt.sh
paadserver.projectagora.info
Let's Encrypt Authority X3		 2020-10-08 -
2021-01-06		 3 months crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
*.richaudience.com
RapidSSL RSA CA 2018		 2019-03-07 -
2021-04-05		 2 years crt.sh

This page contains 2 frames:

Primary Page: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Frame ID: 0BD9EB07E95A8ACCC97F93E4AFF7EAD4
Requests: 41 HTTP requests in this frame

Frame: https://d.agkn.com/iframe/8613/?che=243961034&gdpr=&gdpr_consent=&ref=https%3A%2F%2Famzservice.webcindario.com%2Ffiles%2F&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Famzservice.webcindario.com%2Ffiles%2Fsnxpl%2Flogin.php%3Fp%3D0%26sessionid%3Dca43432fb553f2bc681b8d36abb0260698651592%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22https%3A%2F%2Famzservice.webcindario.com%2Ffiles%2F%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Frame ID: 92B7B3B8FFCF16D2965026AEB607F604
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://amzservice.webcindario.com/files/snxpl HTTP 301
    https://amzservice.webcindario.com/files/snxpl/ HTTP 302
    https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592 Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

42
Requests

100 %
HTTPS

59 %
IPv6

19
Domains

23
Subdomains

22
IPs

8
Countries

365 kB
Transfer

1069 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://amzservice.webcindario.com/files/snxpl HTTP 301
    https://amzservice.webcindario.com/files/snxpl/ HTTP 302
    https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0
  • https://amzservice.webcindario.com/files HTTP 301
  • https://amzservice.webcindario.com/files/

42 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
amzservice.webcindario.com/files/
Redirect Chain
  • https://amzservice.webcindario.com/files
  • https://amzservice.webcindario.com/files/
0
297 B 		Document
General
Check archive.org
Download Go to
Full URL
https://amzservice.webcindario.com/files/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method
GET
:authority
amzservice.webcindario.com
:scheme
https
:path
/files/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__muid=9187184b343762620d336d41166fc6567dd85148
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server
nginx
date
Sun, 06 Dec 2020 17:04:29 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
set-cookie
PHPSESSID=43c51eae987cbd6694c0cd389de48fd0; path=/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
refresh
0; url=snxpl
x-powered-by
Webcindario Hosting Service
content-encoding
gzip

Redirect headers

server
nginx
date
Sun, 06 Dec 2020 17:04:28 GMT
content-type
text/html
location
https://amzservice.webcindario.com/files/
set-cookie
__muid=9187184b343762620d336d41166fc6567dd85148; Domain=.webcindario.com; Path=/; Expires=Tue, 19 Jan 2038 03:14:11 GMT; HttpOnly
x-powered-by
Webcindario Hosting Service
Primary Request login.php
amzservice.webcindario.com/files/snxpl/
Redirect Chain
  • https://amzservice.webcindario.com/files/snxpl
  • https://amzservice.webcindario.com/files/snxpl/
  • https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
14 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
fa230486988ad1b06d1cf2b052fe025844aeb63919998079b197fc1c93039e8b

Request headers

:method
GET
:authority
amzservice.webcindario.com
:scheme
https
:path
/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
document
referer
https://amzservice.webcindario.com/files/
accept-encoding
gzip, deflate, br
accept-language
en-US
cookie
__muid=9187184b343762620d336d41166fc6567dd85148; PHPSESSID=43c51eae987cbd6694c0cd389de48fd0
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://amzservice.webcindario.com/files/

Response headers

server
nginx
date
Sun, 06 Dec 2020 17:04:30 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-powered-by
Webcindario Hosting Service
content-encoding
gzip

Redirect headers

server
nginx
date
Sun, 06 Dec 2020 17:04:30 GMT
content-type
text/html; charset=UTF-8
location
login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-powered-by
Webcindario Hosting Service
functions.js
amzservice.webcindario.com/files/snxpl/assets/js/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amzservice.webcindario.com/files/snxpl/assets/js/functions.js
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
847c86ae982abe9180233276125b930b4a1b6f1bd12649b0c07535c1e984def8

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:30 GMT
content-encoding
gzip
last-modified
Sun, 06 Dec 2020 17:04:29 GMT
server
nginx
x-powered-by
Webcindario Hosting Service
etag
W/"5fcd0f1d-4f65"
vary
Accept-Encoding
content-type
application/javascript
/
hosting.miarroba.info/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hosting.miarroba.info/?__muid=9187184b343762620d336d41166fc6567dd85148&h=2042843&t=1607274270&k=da22f74614d0559aca25655839d8218d
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:dc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e43899d2f27ba4284ef6002196f02f6544b46fc093ab410a31bdb9fa57b87dc

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:30 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"report_to":"cf-nel","max_age":604800}
p3p
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
cf-request-id
06da9c272d000064853c01b000000001
pragma
no-cache
last-modified
Sun, 06 Dec 2020 17:04:30 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XQP4CYVXU6uyWReidJxfDnX5FArIzXgr%2FJMBCSqxjRghJbtyHNtI0iIdl9w3iWUJ7q2iCLlDOXtGrKU7yD3jZ8JDAedf7Hj%2FVpmZy1ck2Qggi9MZ2Vzym8FpwALIrb3LfoE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=iso-8859-1
cache-control
no-cache
cf-ray
5fd7961ea8756485-FRA
expires
Mon, 26 Jul 1997 05:00:00 GMT
choice.js
quantcast.mgr.consensu.org/choice/d5x2uDVHd7ALE/amzservice.webcindario.com/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://quantcast.mgr.consensu.org/choice/d5x2uDVHd7ALE/amzservice.webcindario.com/choice.js
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:fc00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 16:53:49 GMT
via
1.1 bdba42cf1410fb617eeb4ffd3e0b9cb7.cloudfront.net (CloudFront)
etag
"d41d8cd98f00b204e9800998ecf8427e"
last-modified
Thu, 21 May 2020 21:03:42 GMT
server
AmazonS3
age
1160
x-amz-server-side-encryption
AES256
x-cache
Error from cloudfront
content-type
text/html
cache-control
public, max-age=7200
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
0
x-amz-cf-id
510tHnV6YIkUymvsWKzq_2fS5cNLsuXjn-Kwitdh3TS_1B4Itdy-pw==
gtm.js
www.googletagmanager.com/ 		109 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:817::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
68f5bd96d81f1d6fb964f93395fca5f9d0fafc4d4e3f3394793de2ecd73e2a8e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:30 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
41200
x-xss-protection
0
last-modified
Sun, 06 Dec 2020 15:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sun, 06 Dec 2020 17:04:30 GMT
jquery-3.1.1.min.js
amzservice.webcindario.com/files/snxpl/assets/js/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amzservice.webcindario.com/files/snxpl/assets/js/jquery-3.1.1.min.js
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:30 GMT
content-encoding
gzip
last-modified
Sun, 06 Dec 2020 17:04:29 GMT
server
nginx
x-powered-by
Webcindario Hosting Service
etag
W/"5fcd0f1d-152b5"
vary
Accept-Encoding
content-type
application/javascript
style.css
amzservice.webcindario.com/files/snxpl/assets/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://amzservice.webcindario.com/files/snxpl/assets/css/style.css
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
52e25b2e54db7aec42319dded8a0abcd1ae63666a0302a80de6d405e36a496df

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:30 GMT
content-encoding
gzip
last-modified
Sun, 06 Dec 2020 17:04:29 GMT
server
nginx
x-powered-by
Webcindario Hosting Service
etag
W/"5fcd0f1d-3f8f"
vary
Accept-Encoding
content-type
text/css
1.png
amzservice.webcindario.com/files/snxpl/assets/imgs/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://amzservice.webcindario.com/files/snxpl/assets/imgs/1.png
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/snxpl/assets/css/style.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
3425e9036117199702c5eea1bec0a4cecc8b779edae5e4870e688d67d12ac71a

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/assets/css/style.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:30 GMT
last-modified
Sun, 06 Dec 2020 17:04:29 GMT
server
nginx
x-powered-by
Webcindario Hosting Service
etag
"5fcd0f1d-62ae"
content-type
image/png
accept-ranges
bytes
content-length
25262
ads
des.smartclip.net/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://des.smartclip.net/ads?type=dyn&plc=75133&elementId=9187184b343762620d336d41166fc6567dd85148&sz=400x320&rnd=98673545
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.194.51.120 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-51-120.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
lz_loader.js
img.sunmediaads.com/ads/ 		112 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
89.255.248.54 , Netherlands, ASN60626 (LEASEWEBCDN, NL),
Reverse DNS
Software
leasewebcdn/5.4.2 /
Resource Hash
7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:32 GMT
content-encoding
gzip
cdn-cache-hit
0
last-modified
Sun, 05 Apr 2020 16:15:53 GMT
server
leasewebcdn/5.4.2
etag
W/"1261860600"
content-type
text/javascript
cdn-cache
MISS
cache-control
max-age=0
cdn-node
AMS1-SO01004
expires
Sun, 06 Dec 2020 17:04:32 GMT
timezone.php
amzservice.webcindario.com/files/snxpl/ 		0
231 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://amzservice.webcindario.com/files/snxpl/timezone.php?time=Sun%20Dec%2006%202020%2018:04:30%20GMT+0100%20(Central%20European%20Standard%20Time)
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/snxpl/assets/js/jquery-3.1.1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
5.57.226.202 Madrid, Spain, ASN29119 (SERVIHOSTING-AS AireNetworks, ES),
Reverse DNS
Software
nginx / Webcindario Hosting Service
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
*/*
Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 17:04:30 GMT
content-encoding
gzip
server
nginx
x-powered-by
Webcindario Hosting Service
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
expires
Thu, 19 Nov 1981 08:52:00 GMT
analytics.js
www.google-analytics.com/ 		46 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 23 Oct 2020 03:00:57 GMT
server
Golfe2
age
880
date
Sun, 06 Dec 2020 16:49:50 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18817
expires
Sun, 06 Dec 2020 18:49:50 GMT
quant.js
secure.quantserve.com/ 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T2VG59
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:30 GMT
content-encoding
gzip
etag
"O/+l6c17R2TQ0JQMJXOiXA=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Sun, 13 Dec 2020 17:04:30 GMT
collect
www.google-analytics.com/j/ 		2 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=821762681&t=pageview&_s=1&dl=https%3A%2F%2Famzservice.webcindario.com%2Ffiles%2Fsnxpl%2Flogin.php%3Fp%3D0%26sessionid%3Dca43432fb553f2bc681b8d36abb0260698651592&ul=en-us&de=UTF-8&dt=Amazon%20-%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABCAAAAC~&jid=160877997&gjid=334237269&cid=1670035495.1607274271&tid=UA-597118-7&_gid=1875579811.1607274271&_r=1&gtm=2wgb41T2VG59&z=447556713
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 17:04:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amzservice.webcindario.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
25 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j87&a=821762681&t=pageview&_s=1&dl=https%3A%2F%2Famzservice.webcindario.com%2Ffiles%2Fsnxpl%2Flogin.php%3Fp%3D0%26sessionid%3Dca43432fb553f2bc681b8d36abb0260698651592&ul=en-us&de=UTF-8&dt=Amazon%20-%20Sign%20In&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAAABCAAAAC~&jid=537623750&gjid=1282822729&cid=1670035495.1607274271&tid=UA-597118-1&_gid=1875579811.1607274271&_r=1&gtm=2wgb41T2VG59&z=2141285332
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-Q050
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:824::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 17:04:30 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://amzservice.webcindario.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
rules-p-d5x2uDVHd7ALE.js
rules.quantcount.com/ 		3 B
348 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-d5x2uDVHd7ALE.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2104:b800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sat, 05 Dec 2020 20:11:35 GMT
via
1.1 fb8f21b90b0483bdc64e7c79b3e007e0.cloudfront.net (CloudFront)
last-modified
Sat, 04 Mar 2017 20:57:48 GMT
server
AmazonS3
age
75176
etag
"8a80554c91d9fca8acb82f023de02f11"
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
x-amz-cf-pop
AMS1-C1
accept-ranges
bytes
content-length
3
x-amz-cf-id
pANsU9goWtsXo-PiQDkCzazaKjpnILx2l_YA2xdiXgXzSwW5EX5jug==
collect
stats.g.doubleclick.net/j/ 		4 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-597118-7&cid=1670035495.1607274271&jid=160877997&gjid=334237269&_gid=1875579811.1607274271&_u=YEBAAAAACAAAAC~&z=197429539
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 06 Dec 2020 17:04:30 GMT
content-type
text/plain
access-control-allow-origin
https://amzservice.webcindario.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-597118-1&cid=1670035495.1607274271&jid=537623750&gjid=1282822729&_gid=1875579811.1607274271&_u=YEDAAAABCAAAAC~&z=213587137
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Sun, 06 Dec 2020 17:04:30 GMT
content-type
text/plain
access-control-allow-origin
https://amzservice.webcindario.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-597118-7&cid=1670035495.1607274271&jid=160877997&_u=YEBAAAAACAAAAC~&z=1216520353
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 17:04:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-597118-7&cid=1670035495.1607274271&jid=160877997&_u=YEBAAAAACAAAAC~&z=1216520353
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 17:04:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-597118-1&cid=1670035495.1607274271&jid=537623750&_u=YEDAAAABCAAAAC~&z=1193707791
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 17:04:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-597118-1&cid=1670035495.1607274271&jid=537623750&_u=YEDAAAABCAAAAC~&z=1193707791
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:820::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 17:04:30 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zone.php
play.sunmediaads.com/red/ 		516 B
879 B 		Script
General
Check archive.org
Download Go to
Full URL
https://play.sunmediaads.com/red/zone.php?code=HEZRL65RXYI2&a=&pubid=&lgid=9565037110.37976709417224397
Requested by
Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
212.92.55.6 , Spain, ASN24592 (NEXICA-AS, ES),
Reverse DNS
unamed.nexica.net
Software
Apache /
Resource Hash
43b9d30c68e6583a9fd1779713362522eb175ccb318e252387f3e955156acee6

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 06 Dec 2020 17:04:32 GMT
Server
Apache
Connection
close
Content-Length
516
Content-Type
text/html; charset=UTF-8
8c4105a4-90ec-434c-bf14-82b194e3019f.js
static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/ 		179 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31195936.ip-51-89-234.eu
Software
nginx /
Resource Hash
c61d8adda3313e4ea083538e0a8086b9b9e68927a3b1a24a05eaaedf4e2a5b93

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:33 GMT
content-encoding
gzip
tp-cache
HIT
last-modified
Fri, 04 Dec 2020 12:15:07 GMT
server
nginx
age
190103
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/javascript
cache-control
max-age=0, s-maxage=2592001
access-control-allow-credentials
true
content-length
50665
accept-ranges
bytes
x-device
desktop
/
servingcdn.net/ 		28 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=
Requested by
Host: img.sunmediaads.com
URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.131.72.148 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-131-72-148.us-east-2.compute.amazonaws.com
Software
nginx/1.16.1 / Express
Resource Hash
0bcc013b816fbf1c04d5c31fc8a7aa02306ad7022ee0fe08e3ca519bd8accae7

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 17:04:33 GMT
content-encoding
gzip
server
nginx/1.16.1
x-powered-by
Express
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
-1
postscribe.min.js
cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Requested by
Host: servingcdn.net
URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:33 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
313537
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
content-length
5117
cf-request-id
06da9c31c100001f1d059e6000000001
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:15:38 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03faa-45f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hdq14uvuVIz41tJgTuQYUpVUqRNp95v91O3mUPd65o0cLA9WioJdL2KlMVlCBp5bo24ciIBzhMFmKdTQ7Pqn41tVA232nh0sHWiOUmvOZKlp5kDIgJCwewpauS732J8uTA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
5fd7962f9e391f1d-FRA
expires
Fri, 26 Nov 2021 17:04:33 GMT
geocity.php
services.sunmedia.tv/geotarget/ 		455 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.sunmedia.tv/geotarget/geocity.php
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.67.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3166667.ip-51-89-67.eu
Software
nginx /
Resource Hash
a8fb2f653e47a0ff75a677b2cf71dfc5ddc8605e1cea41720149c378a8c1a580

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:33 GMT
tp-cache
HIT
server
nginx
age
171
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://amzservice.webcindario.com
cache-control
max-age=0, s-maxage=2592000
access-control-allow-credentials
true
x-device
mobile
accept-ranges
bytes
content-length
455
inhome-1-0.json
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/inhome-1-0.json
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31195936.ip-51-89-234.eu
Software
nginx /
Resource Hash
e3802f02f4480d3b247af948f029fc343b6947d933a8dc978a738be684e7a3f7

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:34 GMT
tp-cache
HIT
last-modified
Tue, 01 Dec 2020 14:41:43 GMT
server
nginx
age
190633
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=2592000
content-length
2788
accept-ranges
bytes
x-device
desktop
outstream.json
static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/ 		3 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.sunmedia.tv/SMSdk/tracker/09c4c4e3-fdda-4924-9962-27814a8d84e8/outstream.json
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31195936.ip-51-89-234.eu
Software
nginx /
Resource Hash
1b7b30e5d39ee70ff4346e1a6866466a63ac691d2d47233c35b0a739666f2920

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:34 GMT
tp-cache
HIT
last-modified
Fri, 16 Oct 2020 16:17:06 GMT
server
nginx
age
190633
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=0, s-maxage=2592000
content-length
2845
accept-ranges
bytes
x-device
desktop
adblockDetector.min.js
static.sunmedia.tv/SMSdk/assets/AdBlockDetection/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.sunmedia.tv/SMSdk/assets/AdBlockDetection/adblockDetector.min.js
Requested by
Host: static.sunmedia.tv
URL: https://static.sunmedia.tv/integrations/8c4105a4-90ec-434c-bf14-82b194e3019f/8c4105a4-90ec-434c-bf14-82b194e3019f.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31195936.ip-51-89-234.eu
Software
nginx /
Resource Hash
ce29b347db6fc1e413ce157f52289e7a551fca5532817543961a0dc341b474b8

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:33 GMT
content-encoding
gzip
tp-cache
HIT
last-modified
Fri, 04 Dec 2020 12:01:42 GMT
server
nginx
age
190632
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=0, s-maxage=2592000
x-device
desktop
accept-ranges
bytes
content-length
1630
/
ads.projectagoraservices.com/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5719
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2b00:12::5f64:5542 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
c2b19343a0c70e8766ab29db692677c2ea099f7e8bcc1aac528c7294e422d55f

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 17:04:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3724
expires
Sun, 06 Dec 2020 17:04:34 GMT
prebid.3-25.js
projectagora.net/libs/prebidv3/ 		269 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://projectagora.net/libs/prebidv3/prebid.3-25.js
Requested by
Host: ads.projectagoraservices.com
URL: https://ads.projectagoraservices.com/?id=5719
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6812:3d5e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f33f8c271b704a3a06db5ef14daa0a3b18e35643df7678ca1128e7500dc5728f

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:34 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"report_to":"cf-nel","max_age":604800}
age
4106
x-amz-request-id
6H6Z0M3K4G0SDJ5M
x-amz-id-2
J6qLlpAOrAg8g7nUL6kqeTLTr5GLIzbLjuX2iQzi1s4wmpadzTA0FI6RF3SZ9rEN9PKcGzNaEv8=
last-modified
Wed, 14 Oct 2020 14:40:15 GMT
server
cloudflare
etag
W/"0926c1cca7636a4e7a577e89f647addf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Gj6Qv8mTbVGPg0UBpnaK9JrDydhx1xl2kvSN6pRkJnL0OlaJ0QJmZlql%2BQT52QaklZ5jDcOuJ%2BeTje9mvlSIaGFDhVwkFgqxfkbMgyh%2BEzc23m51a9S1ou8s%2Fo99"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-request-id
06da9c362c0000177a50b91000000001
cf-ray
5fd79636acbc177a-FRA
/
ads.projectagoraservices.com/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5734
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2b00:12::5f64:5542 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ce347d6dfb58eb986351695bfc565ffb59d30714dcbbf12bce99e5fb06071719

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 17:04:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
6280
expires
Sun, 06 Dec 2020 17:04:34 GMT
/
ads.projectagoraservices.com/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5734
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2b00:12::5f64:5542 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ce347d6dfb58eb986351695bfc565ffb59d30714dcbbf12bce99e5fb06071719

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 17:04:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
6280
expires
Sun, 06 Dec 2020 17:04:34 GMT
/
ads.projectagoraservices.com/ 		22 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5734
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2b00:12::5f64:5542 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
ce347d6dfb58eb986351695bfc565ffb59d30714dcbbf12bce99e5fb06071719

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 17:04:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
6280
expires
Sun, 06 Dec 2020 17:04:34 GMT
/
ads.projectagoraservices.com/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5719
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2b00:12::5f64:5542 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
c2b19343a0c70e8766ab29db692677c2ea099f7e8bcc1aac528c7294e422d55f

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 17:04:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3724
expires
Sun, 06 Dec 2020 17:04:34 GMT
/
ads.projectagoraservices.com/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.projectagoraservices.com/?id=5719
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/postscribe/2.0.8/postscribe.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:2b00:12::5f64:5542 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
/
Resource Hash
c2b19343a0c70e8766ab29db692677c2ea099f7e8bcc1aac528c7294e422d55f

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 06 Dec 2020 17:04:34 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, no-cache, no-store, must-revalidate
content-length
3724
expires
Sun, 06 Dec 2020 17:04:34 GMT
tag.js
js.agkn.com/prod/v0/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.agkn.com/prod/v0/tag.js
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:1a00:15:efbc:e300:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 07:07:21 GMT
via
1.1 29d33c5cd70a6501fde7bc2dba557906.cloudfront.net (CloudFront)
last-modified
Tue, 22 Oct 2019 20:22:52 GMT
server
AmazonS3
age
35835
etag
"f53f55cbab099be3a970b446a66c496a"
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
3167
x-amz-cf-id
1ngsg1XC2b0azO8qWbbpgUykzJPDbInQAdKP8inb6YoNJhXg1dfMjA==
/
sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/DF2886F390D432DF0C8E98D69702ED6F/
Requested by
Host: amzservice.webcindario.com
URL: https://amzservice.webcindario.com/files/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
94.130.216.200 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
cm023.richaudience.com
Software
nginx/1.14.2 /
Resource Hash
67230799b6dfbf38819a30940317ef073b9b8692f4b7e09867b460cf50699424

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date
Sun, 06 Dec 2020 17:04:35 GMT
Server
nginx/1.14.2
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/javascript;charset=UTF-8
/
track.sunmedia.tv/ 		42 B
278 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.sunmedia.tv/?ap=smptf&it=8c4105a4-90ec-434c-bf14-82b194e3019f&tp=op&pb=1&pos=no-pos&loop=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
51.89.234.150 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31195936.ip-51-89-234.eu
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Sun, 06 Dec 2020 17:04:36 GMT
tp-cache
HIT
last-modified
Thu, 15 Nov 2018 09:59:07 GMT
server
nginx
age
2763942
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=0, s-maxage=31536000
access-control-allow-credentials
true
x-device
mobile
accept-ranges
bytes
content-length
42
Cookie set /
d.agkn.com/iframe/8613/ Frame 92B7 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://d.agkn.com/iframe/8613/?che=243961034&gdpr=&gdpr_consent=&ref=https%3A%2F%2Famzservice.webcindario.com%2Ffiles%2F&bpid=sunmedia&c=%7B%22bpid%22%3A%22sunmedia%22%2C%22loc%22%3A%22https%3A%2F%2Famzservice.webcindario.com%2Ffiles%2Fsnxpl%2Flogin.php%3Fp%3D0%26sessionid%3Dca43432fb553f2bc681b8d36abb0260698651592%22%2C%22gdpr%22%3A%22%22%2C%22gdpr_consent%22%3A%22%22%2C%22ref%22%3A%22https%3A%2F%2Famzservice.webcindario.com%2Ffiles%2F%22%2C%22cid%22%3A%22-1%22%2C%22sid%22%3A%22-1%22%2C%22gen%22%3A%22-1%22%2C%22age%22%3A%22-1%22%2C%22cat%22%3A%22Hobbies%20and%20Interests%22%2C%22brd%22%3A%22-1%22%7D
Requested by
Host: js.agkn.com
URL: https://js.agkn.com/prod/v0/tag.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.194.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-194-125.eu-central-1.compute.amazonaws.com
Software
Apache-Coyote/1.1 /
Resource Hash

Request headers

Host
d.agkn.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592

Response headers

Cache-Control
no-cache, must-revalidate
Content-Type
text/html;charset=UTF-8
Date
Sun, 06 Dec 2020 17:04:35 GMT
Expires
Sat, 01 Jan 2000 00:00:00 GMT
P3P
CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma
no-cache
Server
Apache-Coyote/1.1
Set-Cookie
ab=0001%3AsaJ%2Ff9GPf6PdN%2BXL8ZjdzEMlgW%2F5iv7E;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure u=C|0AEAnX8ukJ1_LpAAAAAAAAg1RAQCADVIBAIA;Path=/;Domain=agkn.com;Max-Age=31536000;SameSite=None;Secure
Content-Length
481
Connection
keep-alive

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Generic (Online) Amazon (Online)

126 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker object| trustedTypes boolean| crossOriginIsolated function| __tcfapi function| __uspapi object| dataLayer object| Aes object| Base64 object| Utf8 string| he12p string| gea string| output string| ctrTxt function| $ function| jQuery object| s string| t object| lz_elem object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| mia_ga object| _qevents object| gaplugins object| gaGlobal object| gaData function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| parser object| lz_ua function| _lz_console object| lz_console function| _lz_utils object| lz_utils object| dfcheck object| df_orientation_data object| df_motion_data object| pool undefined| current number| default_lz_max_time_fallback object| lz_fallback object| lz_ads number| lz_time_listener object| pila_ban function| fixtweakboxapp function| lz_loadads function| lz_loadscripts function| lz_loadfill function| lz_loadscr function| lz_callfallback function| lz_script_item function| lz_listener_dummy function| lz_listener_banner function| lz_fallback_banner function| lz_listener_sunmedia function| lz_fallback_sunmedia function| IW_carga function| UAParser boolean| scoreForce function| lz_touchend function| lz_touchstart function| lz_deviceorientation function| lz_MozOrientation function| lz_devicemotion number| lz_max_time_fallback function| htmlParser function| oldwrite function| oldwriteln function| IW_load string| lz_zone object| target function| a object| n object| _0x1892 function| _0x45d2 function| script function| _getRandomInt function| _loadSingle function| _load function| parseDataTag function| randomSort function| _getScriptContent function| _cb function| postscribe string| uAgent object| SMGDPRKey object| smdevice string| smuAgent object| SMInHome object| adblockDetector boolean| partnerSco object| projectAgoraPbjs function| projectAgoraPbjsChunk object| _pbjsGlobals object| agkn function| setUpAgknTag string| tcf string| raEuconsent string| raReferrer function| agknTagBuilder object| _agknTag string| _agknTagName object| _agknEchoTag number| _isAgknTagSet function| loadCMP string| raConsentString string| raReferrerDomain string| raHasConsent

6 Cookies

Domain/Path Name / Value
.amzservice.webcindario.com/ Name: _gat_UA-597118-1
Value: 1
.amzservice.webcindario.com/ Name: _gid
Value: GA1.3.1875579811.1607274271
.webcindario.com/ Name: __muid
Value: 9187184b343762620d336d41166fc6567dd85148
amzservice.webcindario.com/ Name: PHPSESSID
Value: 43c51eae987cbd6694c0cd389de48fd0
.amzservice.webcindario.com/ Name: _gat_UA-597118-7
Value: 1
.amzservice.webcindario.com/ Name: _ga
Value: GA1.3.1670035495.1607274271

3 Console Messages

Source Level URL
Text
console-api log URL: https://img.sunmediaads.com/ads/lz_loader.js?ver=1.4(Line 4)
Message:
%s Send completed [object Object]
console-api log URL: https://servingcdn.net/?uid=5e18adb5b6e69a5d886e2702&w=320&h=50&click=(Line 1)
Message:
%c [object HTMLImageElement]
console-api warning URL: https://amzservice.webcindario.com/files/snxpl/login.php?p=0&sessionid=ca43432fb553f2bc681b8d36abb0260698651592(Line 135)
Message:
USP is not accessible

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.projectagoraservices.com
amzservice.webcindario.com
cdnjs.cloudflare.com
d.agkn.com
des.smartclip.net
hosting.miarroba.info
img.sunmediaads.com
js.agkn.com
play.sunmediaads.com
projectagora.net
quantcast.mgr.consensu.org
rules.quantcount.com
secure.quantserve.com
services.sunmedia.tv
servingcdn.net
static.sunmedia.tv
stats.g.doubleclick.net
sync.richaudience.com
track.sunmedia.tv
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
18.195.194.125
212.92.55.6
2600:9000:206f:1a00:15:efbc:e300:93a1
2600:9000:2104:b800:6:44e3:f8c0:93a1
2600:9000:2104:fc00:9:46dc:4700:93a1
2606:4700:20::681a:dc8
2606:4700:3037::6812:3d5e
2606:4700::6810:135e
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:802::2004
2a00:1450:4001:817::2008
2a00:1450:4001:820::2003
2a00:1450:4001:824::200e
2a00:1450:400c:c09::9c
2a02:26f0:2b00:12::5f64:5542
3.131.72.148
5.57.226.202
51.89.234.150
51.89.67.82
54.194.51.120
89.255.248.54
94.130.216.200
0bcc013b816fbf1c04d5c31fc8a7aa02306ad7022ee0fe08e3ca519bd8accae7
1b7b30e5d39ee70ff4346e1a6866466a63ac691d2d47233c35b0a739666f2920
3425e9036117199702c5eea1bec0a4cecc8b779edae5e4870e688d67d12ac71a
43b9d30c68e6583a9fd1779713362522eb175ccb318e252387f3e955156acee6
52e25b2e54db7aec42319dded8a0abcd1ae63666a0302a80de6d405e36a496df
5e43899d2f27ba4284ef6002196f02f6544b46fc093ab410a31bdb9fa57b87dc
67230799b6dfbf38819a30940317ef073b9b8692f4b7e09867b460cf50699424
68f5bd96d81f1d6fb964f93395fca5f9d0fafc4d4e3f3394793de2ecd73e2a8e
7c074d5639b08b7eee3923842b52d5333c37eceb96baf14ee213584981066fe5
847c86ae982abe9180233276125b930b4a1b6f1bd12649b0c07535c1e984def8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85556761a8800d14ced8fcd41a6b8b26bf012d44a318866c0d81a62092efd9bf
87d73170be9a2e277c57d324c4e05ec0ac60ed3c0191fa29e7a31133b4c4c119
a8fb2f653e47a0ff75a677b2cf71dfc5ddc8605e1cea41720149c378a8c1a580
c2b19343a0c70e8766ab29db692677c2ea099f7e8bcc1aac528c7294e422d55f
c4e20f53f5ef0ed44b783437aa3f4638a9a56cc4aa29ae83ed9212eb2807052a
c61d8adda3313e4ea083538e0a8086b9b9e68927a3b1a24a05eaaedf4e2a5b93
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ce29b347db6fc1e413ce157f52289e7a551fca5532817543961a0dc341b474b8
ce347d6dfb58eb986351695bfc565ffb59d30714dcbbf12bce99e5fb06071719
dc82de33871a9ed40a5379ed264dd0456d9bf58839286b913231648f527bc72b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3802f02f4480d3b247af948f029fc343b6947d933a8dc978a738be684e7a3f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f33f8c271b704a3a06db5ef14daa0a3b18e35643df7678ca1128e7500dc5728f
fa230486988ad1b06d1cf2b052fe025844aeb63919998079b197fc1c93039e8b